summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2021-03-15nat: get rid of worker selection callbacksKlement Sekera8-81/+77
Make code easier to read and debug. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ib52a4cdd3bcdcc475053aa32af3964c00859e1cd
2021-03-15ipsec: allow inbound non-tunnel SA through CLIMohammed Hawari1-6/+0
Change-Id: Ia304488900bd9236ab4e7cc6f17ae029ee6f2c00 Type: fix Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2021-03-15nat: pnat copy and clear byte instructionsAndrew Yourtchenko13-161/+658
Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I8e48bdcc4c311717e067bb0a4e0b409a2eb8e83d Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Ole Troan <ot@cisco.com>
2021-03-15dns: fix crash when printing unlikely msgDave Barach1-3/+4
%U format, arguments out of order, etc. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I829a3e5808923f096369ccf6af6386060ee8b62f
2021-03-15ikev2: support responder hostnameFilip Tehlar11-64/+311
Type: feature Ticket: VPP-1901 Change-Id: I1ad222b54363fd35679d0132d458345a9a18362c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-03-15cnat: maglev fixesNathan Skrzypczak4-31/+47
This fixes cnat_feature node LB - use siblings instead of direct next_nodes - only do the lookup if we have NO_NAT - fix behavior in v6 Type: fix Change-Id: Ie80c9912946bf55c30eadeb51340f4aec9bb297e Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-03-15misc: finish removing deprecated cop APIDave Barach1-22/+0
Fix bug in crcchecker. It must be possible to remove a non-production .api file Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I00b953e58017cc53051e6f4d8a70403dce8219a0
2021-03-15dpdk: implement interrupt modeMohammed Hawari4-12/+116
Change-Id: I6ababc99ecf559327a4370914580c98d32680175 Type: feature Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2021-03-15tests: use socket transport instead of shared memoryOle Troan8-33/+91
Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I9e65c94a5a05047a5104e9361ea36eac77b40442 Signed-off-by: Ole Troan <ot@cisco.com>
2021-03-15nat: remove unused parameterKlement Sekera1-9/+9
Type: refactor Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ifb4a9c52fd2c5dd9f3f5cf41214aa1851f6d7acd
2021-03-14ip: extend punt CLI for exception packetsMohammed Hawari8-42/+183
Change-Id: I20e48a5ac8068eccb8d998346d35227c4802bb68 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: feature
2021-03-12interface: fix extra locking on fib/mfib tableDmitry Vakrhushev1-23/+17
Unlocking previeous fib/mfib table before bind it to a new. Currently if rebind interface table from one to another, previous table's lock wouldn't decrease the locks count. Type: fix Change-Id: I09340baf1c7039aed3be15ee231eded7364b213e Signed-off-by: Dmitry Vakrhushev <dmitry@netgate.com>
2021-03-12nat: remove unused importKlement Sekera1-1/+0
Type: style Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I66b7ed03f784f3992a910ad6a52ed89116a39297
2021-03-11hsa: add support for tls to proxyFlorin Coras2-39/+89
Type: improvement Change-Id: I934e1e981bfa3e5ef81a61b2180604f9b9fc991b Signed-off-by: Florin Coras <fcoras@cisco.com>
2021-03-11session tls: deq notifications for custom txFlorin Coras3-0/+8
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6ed2104e9d79c367ca36460047586f9b632c3315
2021-03-11misc: fix gcc-11 buildDamjan Marion4-51/+38
Type: fix Change-Id: Ia17c8255806a2575bb75ed37050b47ddb347050c Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-03-11vlib: refactor node function variantsDamjan Marion10-235/+256
It allows default variant selection from startup.conf Type: improvement Change-Id: Idff95e12dd0c105dab7c905089548b05a6e974e0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-03-11misc: remove cop API support (part 1)Dave Barach7-390/+1
API marked for deprecation last year due to non-inclusive language. Last supported release: 21.01. See the "adl" plugin. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I931e58ced9cc8403ca5b23fd6b07e50d0ff7306b
2021-03-10session: check if fifo exists in cl bound notificationFlorin Coras1-1/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I316575a4b199916920cad6be8f9b49025d6ccc2d
2021-03-10interface: fix interface-output and interface-tx multiarch selectionDamjan Marion3-38/+46
Type: fix Change-Id: I77723dcbf753c2a7f1ec00f034d8ab604f12214b Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-03-09tests: re-enable the rest of NAT44ED tests for multiworkerAndrew Yourtchenko1-1/+0
Type: test Change-Id: I37a12e3580c3631582f366944fe30f325b46f366 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2021-03-09nat: fix dst nat thread issuesKlement Sekera4-123/+129
Make sure packet lands on the right thread for dst nat case. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I0ec4e4c2bb3fa80ff73fac588c36d36420ba68fa
2021-03-09vlib: remove unused functionDamjan Marion1-9/+0
Not used for a looong time.... Type: refactor Change-Id: I4b1d6216dbd349dd02c1d7c884f89ece66cd6045 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-03-09pnat: coverity fixesOle Troan2-3/+5
Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ia1cfdbd39ed458cb3fffd29a8b6d6eff64644de8
2021-03-08cnat: Coverity fixNathan Skrzypczak1-1/+1
Type: fix Change-Id: I004a49e59d8643599fc99ad6fa5848d3cf289b7a Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-03-08tcp: account for option alignment in initial snd_mssFlorin Coras1-2/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I24225ada6623c5b5543341ecac0d6c1db43cc8a9
2021-03-07nat: replace main vlib with per-thread vlibKlement Sekera6-67/+53
Fix incorrect vlib main usage. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ic5304ca844f1b27756818eb6995b1d9c08412674
2021-03-07nat: fix worker selectionKlement Sekera7-89/+73
Use correct ports from SVR. Perform lookup of existing session for all cases to pick any created bypasses and derive correct thread indexes. Type: fix Change-Id: I1e3814c9e13cd4d9b8d65f514f7e9ab42df3c22e Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-03-07nat: test - add show traceKlement Sekera1-0/+1
Add missing show trace. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2f216bfc1bc70ebcbf5593214d46601f44f0b6e2
2021-03-07dispatch-trace: move dispatch trace pcap code to pluginDamjan Marion9-573/+609
Type: refactor Change-Id: I02a527f57853ebff797f0d85761b71127916d6ce Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-03-06nat: use correct node indexes for queuesKlement Sekera1-2/+2
Type: fix Change-Id: I30b847acc4653fea9d609fc0d5875c3fda0824ef Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-03-05vppapigen: expose the values of per-message "options" in the api.json filesAndrew Yourtchenko2-1/+2
Also fix the vapi parser's assumption about what the container with CRC is supposed to look like.. Change-Id: I3a23ef6c1502232742c03d227eb3654fb757709c Type: improvement Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2021-03-05avf: don't memcpy if adminq output buffer size is 0Damjan Marion1-1/+1
Type: fix Change-Id: I0df14ff87d0bf51eeb392f72434febf6c4a2957a Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-03-05fib: format function for adjacency flagsNeale Ranns2-0/+18
Type: improvement Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ib01ed3231321f0f38c4b1deb885c4cf718cc0147
2021-03-05interface: move vnet_pcap_t to vnetDamjan Marion5-30/+33
It naturally belogns there... Type: refactor Change-Id: I05f7ba01103a5e9b3756f1ea69c8cc5d8f26f0a0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-03-05mss_clamp: TCP MSS clamping pluginNeale Ranns7-0/+1331
Type: feature Configure TCP MSS clamping on an interface as follows: set interface tcp-mss-clamp [rx|tx] <interface-name> ip4 [enable|disable|rx|tx] ip4-mss <size> ip6 [enable|disable|rx|tx] ip6-mss <size> Change-Id: I45b04e50a0b70a33e14a9066f981c651292ebffb Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com> Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-03-05api: crchcecker ignore version < 1.0.0 and outside of src directoryOle Troan2-0/+4
- For check patchset ignore files outside of src directory - For check patchset ignore files that have version < 1.0.0 - fix Pylint warnings - Modify vppapigen_crc to include version in JSON output Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I171cf6397e129e2438b2a494c5656236a7810f7b
2021-03-05l2: coverity woe in l2_rw_mod_entrySteven Luong1-3/+0
Coverity complains that the statement if (!e) return -1; is never true and is logically dead code in the subject function. It is right. e is assigned in both the if and else statementes immediately above and can never be null. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ic2d0e76eff696ee689a68a07913876dcecf5c647
2021-03-05dpdk: fix rte mempool for rx_queuesVladimir Ratnikov1-1/+9
Change dpdk_ops_vpp_get_count() return value from 0 to actual available pool size; For some drivers/envs(azure,vmbus) rx_queue size will be zero and the only 1 element will be created (0 + 1) When more than one packet will arrive, it will cause SEGFAULT Type: fix Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: Ibe7da6acc91200bec33d99f580044456d8984110
2021-03-05ipsec: Support async mode per-SANeale Ranns11-205/+232
Type: feature This feautre only applies to ESP not AH SAs. As well as the gobal switch for ayncs mode, allow individual SAs to be async. If global async is on, all SAs are async. If global async mode is off, then if then an SA can be individually set to async. This preserves the global switch behaviour. the stratergy in the esp encrypt.decrypt nodes is to separate the frame into, 1) sync buffers, 2) async buffers and 3) no-op buffers. Sync buffer will undergo a cyrpto/ath operation, no-op will not, they are dropped or handed-off. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ifc15b10b870b19413ad030ce7f92ed56275d6791
2021-03-05ipsec: Submit fuller async framesNeale Ranns4-178/+146
Type: improvement In the current scheme an async frame is submitted each time the crypto op changes. thus happens each time a different SA is used and thus potentially many times per-node. thi can lead to the submision of many partially filled frames. change the scheme to construct as many full frames as possible in the node and submit them all at the end. the frame owner ship is passed to the user so that there can be more than one open frame per-op at any given time. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ic2305581d7b5aa26133f52115e0cd28ba956ed55
2021-03-05marvell: check return value of vlib_trace_bufferRobert Shearman1-8/+10
Check the value of vlib_trace_buffer in mrvl_pp2_input_trace to fix a compiler error for an unused result of the function. Type: fix Fixes: 9a3973e3a36bfd4dd8dbffe130a92649fc1b73d3 Signed-off-by: Robert Shearman <robertshearman@gmail.com> Change-Id: Ib005ae662885ed8ef902607037b843a524789a19
2021-03-05marvell: spelling fixesRobert Shearman2-3/+3
Fix places where "Marvel" is used incorrectly instead of "Marvell". Type: style Change-Id: I9247676ab08faed31e7b813f6f496ba008210c00 Signed-off-by: Robert Shearman <robertshearman@gmail.com>
2021-03-05marvell: fix implicit declaration of functionRobert Shearman1-0/+1
Fix compile error due to implicit declaration of vnet_hw_if_get_rxq_poll_vector by including the header file that declares this. Type: fix Fixes: b85b0df2a039b694fb2f3c09a01decfb89d7bce2 Signed-off-by: Robert Shearman <robertshearman@gmail.com> Change-Id: I4a21743df93ffaa637641838d30b3b5c70dd79ef
2021-03-05crypto: revert "fix ops flags in crypto sw scheduler"Damjan Marion1-2/+7
This reverts commit 30ad571cc35e4dc6d4d7e50b81b97f83f8770eea. Type: fix Change-Id: If8c6e388e732d2a1b5efd0677d9528a646365f94 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-03-04ikev2: fix incorrect api messageFilip Tehlar1-1/+1
Type: fix Change-Id: I9b3f4531070786f583e18609dfae1d95487ce93c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-03-04cnat: Add calico/k8s src policyNathan Skrzypczak3-2/+59
This patch implements k8s-specific extensions to the cnat plugin. This could be done by exposing a richer semantic on srcNAT policies, but this might be too complex work at this point. Also k8s fits quite well as a 'cloud NAT' usecase. Type: feature Change-Id: I2266daf7b10a92e65f5ed430838a12ae826bd333 Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-03-04cnat: Prepare extended snat policiesNathan Skrzypczak14-549/+770
Type: refactor Change-Id: I9ca3333274d6f32b6aff57f0fb3d2049c066337a Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-03-04cnat: Fix snat with dhcpNathan Skrzypczak4-11/+17
Type: fix We didn't check that the srcEndpoint was resolved when creating the session, we could end up sNATing with 0.0.0.0 as src_addr Change-Id: If8dfa577e659cfe90b148657a44c0390a7d383e9 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-03-04crypto: fix ops flags in crypto sw schedulerBenoît Ganne1-7/+2
The sw crypto scheduler converts crypto frames to individual crypto operations. This is done by reusing per-thread vectors for crypto, integrity and chained operations. The crypto op flags must be reset to frame flags minus invalid values depending of the operation. The previous tentative also cleared the chained buffer flag, breaking jumbo support. Type: fix Change-Id: Icce6887a9e0dae8c300c56e97b977e203e784713 Signed-off-by: Benoît Ganne <bganne@cisco.com>