Age | Commit message (Collapse) | Author | Files | Lines |
|
Ports are allocated per protocol (UDP, TCP, ICMP)
1:1 NAT with port is configured for specific protocol
Change-Id: I37ae5eed3715b223d0620d4fdaed7a482bb7a834
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Now that the M() and S() macros accept a message parameter, there
is no longer a need to introduce a new block structure around the
CONTROL_PING messages just to have a new unbound "mp" variable.
Instead, just use one named "mp_ping" directly.
Change-Id: I6b283562bb6eec25806e3d35c35b977680ecd1dd
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Instead, have them accept and assign a return paramter leaving
the return control flow up to the caller. Clean up otherwise
misleading returns present even after "NOT REACHED" comments.
Change-Id: I0861921f73ab65d55b95eabd27514f0129152723
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Rather than rely on an unbound variable, explicitly introduce
the timeout variable within the 'do { ... } while (0)' construct
as a block-local variable.
Change-Id: I6e78635290f9b5ab3f56b7f116c5fa762c88c9e9
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Rather than blindly assume an unbound, fixed message parameter
explicilty pass it as a paramter to the S() macro.
Change-Id: Ieea1f1815cadd2eec7d9240408d69acdc3caa49a
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Now that all the M() and M2() uses properly supply a message
pointer as second parameter, fix the macros to use it.
Change-Id: I0b8f4848416c3fa2e06755ad6ea7171b7c546124
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Rather than maintain (?) an unused second parameter, t, and pull
an unbound message pointer, mp, out of context, explicitly list
the message pointer as the second parameter.
Change-Id: I92143efda6211cdf6b935470f8c71579742a6b64
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
1 - use the SR policy to construct the replicate DPO. Each bucket therein is a SR tunnel.
2 - install a special mfib entry that links via this replicate
3 - forwarding is now mfib-lookup -> replicate -> sr_rewrite (per-tunnel)
no need for a separate sr_replicate node.
4 - Stack the sr tunnel on the forwarding DPO of the first-hop FIB entry.
no need for a second lookup post SR encap.
5 - fix some path-list lock leaks in the MFIB entry.
Change-Id: I20de96ea4c4be4fae252625bde159d9c435c8315
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- Make puppetlabs/ubuntu-16.04-64-nocm the default box
- Enable x11 forwarding
- Install x11-utils required for emacs to work over X11
- Refactor run.sh
- Add VPP_VAGRANT_POST_BUILD environment variable to
allow selection of installing VPP or run "make test".
- Fix dependencies in src/vppapigen.am
Change-Id: I0ec054fdc83feb71ca8396df53ed02bf82ecd7e7
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Add authentication support to BFD feature. Out of three existing
authentication types, implement SHA1 (sole RFC requirement). Simple
password is insecure and MD5 is discouraged by the RFC, so ignore
those.
Add/change APIs to allow configuring BFD authentication keys
and their usage with BFD sessions.
Change-Id: Ifb0fb5b19c2e72196d84c1cde919bd4c074ea415
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Avoid coverity warning and improve safety by declaring a helper
structure and working with it when searching for ip headers.
Make sure the content following IPv6 header is actually UDP before
parsing it. Bail out if unexpcted IPv6 header found ...
Change-Id: I1c6b9fd42d6fdae226f12c91c53c07a932b29522
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I165b64fdc12dd2936df1958348e93b709ce0e784
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
Use FIB_SOURCE_PLUGIN_HI and modify ARP input to use non-source variants for
flags and resolving interface get.
Change-Id: I3bab76f36e0b1ee86e430a416099f1654e02740a
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Remote mapping and locator set binary APIs uses zero length arrays
defined as 'u8 array[0]' in .api file.
This path will change such cases to form 'type_t array[count];'
in order to enhance maintainability.
Change-Id: I98d0252b441020609c550d48186ed0d8338a3f2d
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
fix wrong udp error codes in decap ip6 handling
Change-Id: Ibf791a995128d38b31725c1ee67ec9d1c9dffca2
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I40deb8b40f5d3a96d2c0dcb400f489cd05a64348
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I2575d780d19e12ddf8a77e5596e5d7cc3dbf4233
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Add the external NAT address to the FIB as receive entries.
This ensures that VPP will reply to ARP for these addresses and we don't need
to enable proxy ARP on the outside interface.
Change-Id: I1db153373c43fec4808845449a17085509ca588c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I8333b7d19ebdacac5445b4505750dd0a46764b36
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
Change-Id: I9cfff0196845c6f1161848aa49442aa4df81b20e
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
expressive (and might appease coverity)
Change-Id: Ie3c9b2896a487a0302903bfbdd6348f6f091c67d
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add vxlan-bypass feature which can be enabled on the IP6 underlay
interface which receive VXLAN packets to accelerate VXLAN decap
processing. The CLI to enable/disable it is:
set interface ip6 vxlan-bypass <interface> [del]
The vxlan-bypass feature is already supported on the IP4 underlay
interface. The CLI to enable/disable it is:
set interface ip vxlan-bypass <interface> [del]
Move vxlan-bypass API/CLI support code from decap.c to vxlan.c.
Also fixed two issues in the VXLAN decap path in the vxlan-input node:
1. Add verification of VXLAN packet FIB index with the encap-vrf-id
of the VXLAN tunnel.
2. Fix checking of VXLANoIPv6 packet mcast DIP against that of the
IP6 mcast VXLAN tunnel.
Change-Id: I2bad4074a468c48fbb8bb5ac64f6437190756ed2
Signed-off-by: John Lo <loj@cisco.com>
|
|
minus headers.
Before the commit 878c6098 the VLIB_BUFFER_DATA_SIZE was different depending
on whether building "vpp" or "vpp_lite", resulting in an overrun in vpp_lite build.
Avoid the hardcoded value and make the upper bound for ICMP echo data size
dependent on the buffer size.
Change-Id: Id6c4d7fc73766a95af2610eb237881b5fe9ce9aa
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I2330cb7c2ba0f5eaeb4e7a4c3de4f22283d3923d
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
|
|
Change-Id: Iaca2ff453872e638ee83b11fc16472e44deb9a7e
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
header is included by ip6.h and should therefore be made public
Change-Id: Ieb7d14bb082d821c2f77e9204ec09d884fb2cb09
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
Change-Id: Ie7f51643fd3522a0fa8df8d0309305481c211f5f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
At the least, $(BUILT_SOURCES) should be added to CLEANFILES. Also
beneficial is $(api_DATA), and in the case of Java, *.files and *.h.
Also there is a vpp/app/version.h, and some grammar and lex files in
vppapigen.
Change-Id: Ic6d3f2d40ce65e1d9a8b88217fa1f36de393ebb4
Signed-off-by: Burt Silverman <burtms@gmail.com>
|
|
Change-Id: If10b878cb05d695eaed9416202fd19bed2e0b793
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ia7d8b557bcdf45eb8e33bb3d297bc6f7ad321c72
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
Build Cryptodev IPsec support by default when DPDK is enabled but only build
hardware Cryptodev PMDs.
To enable Cryptodev support, a new startup.conf option for dpdk has been
introduced 'enable-cryptodev'.
During VPP init, if Cryptodev support is not enabled or not enough cryptodev
resources are available then default to OpenSSL ipsec implementation.
Change-Id: I5aa7e0d5c2676bdb41d775ef40364536a081956d
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
Change-Id: I1596d7a130fb6d3b170b8e01f2116b323cc10c0d
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
When mac address is set prior bringing interface up incorrect rx filter
being installed into the e1000 mac.
Change-Id: If59a2bf16f732e45221b3787d271307d369e54d3
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
Since messages ids are no longer statically referenced,
fixes also VPP-611.
Change-Id: Ic8e6ee2b7f1142c185595347984d69350be25ac3
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match
- Replication represented via a new replicate DPO.
- RPF configuration and data-plane checking
- data-plane signals sent to listening control planes.
The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast.
'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests.
Updated applications to use the new MIFB functions;
- IPv6 NS/RA.
- DHCPv6
unit tests for these are undated accordingly.
Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
The values of next node can be simply assigned by dereferencing the pointer instead of obfuscating the dereference.
Change-Id: I1f4a3d51b768960699010591410695473728d3a2
Signed-off-by: Vengada <venggovi@cisco.com>
|
|
Send dhcp server-to-client packets to the ip stack, so we can acquire
snat outside interface addresses from a dhcp server
Change-Id: I7751356fa23d9f26b503c9796bd85f96275fe978
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Even when not requesting notification the VPP API
sends event notifications on certain calls. E.g.
creating interfaces.
Traceback (most recent call last):
File "/vpp/ipfix/src/vpp-api/python/vpp_papi/vpp_papi.py", line 447, in msg_handler_sync
if self.event_callback:
AttributeError: VPP instance has no attribute 'event_callback'
Change-Id: I4ca30c49df298655dc8948c5ebd68de0b3d6a592
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Back when vppctl was a shell script, you could
use -p or --prefix to set the chroot prefix to
drive multiple vpp instances. This patch adds
that capability back.
Change-Id: Iaa70a20eff13e8d7e206fcceadb7e5d06afa3fc5
Signed-off-by: Ed Warnicke <hagbard@gmail.com>
|
|
Change-Id: I693a73ba9a5e3b0cb5d2a6c5d363f671e19c1f24
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
Change-Id: I6aaf9c602cd515ed9d4416d286f9191d048c1a87
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Previously install path for python binding is fixed, as
lib/python2.7/site-packages and other version/enironement is not
supported. This change introduces automake's python macro and gets
the install path from environment dynamically.
Change-Id: I6535107d4bde61976fbdf5392d460beb1049658e
Signed-off-by: Tomofumi Hayashi <tohayash@redhat.com>
|
|
Change-Id: I3829835ed2126e51e96690c907deac623dc77151
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
When enabled, destinations with negative mappings or those not reachable
via underlay have their traffic forwarded to the PETR.
Change-Id: I1056b0959736144f27fcca7b79263f921e7a8bd9
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I422a3f168bd483e011cfaf54af022cb79b78db02
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I953b3888bbc6d8a5f53f684a5edc8742b382f323
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I24355c71606c047e474b2541bb274e3d183fee85
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I99e913b954f8b02f347bfeff093856a1c5e96781
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
span-output (tx) was enabled on wrong arc_name
Change-Id: Ic21dfaec35c975de79abec66421b353637ac9394
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
Change-Id: Ib75197ef8e5057e7f0d9361a10705c3743d05333
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|