Age | Commit message (Collapse) | Author | Files | Lines |
|
The API calls that use any of vl_api_address_t, vl_api_ip4_address,
vl_api_ip6_address_t, vl_api_prefix_t, vl_api_ip4_prefix_t,
vl_api_ip6_prefix_t now accepts either the old style dictionary,
a text string (2001:db8::/32) or an ipaddress ojbect.
Unless it is called with '_no_type_conversion':True, it will
also return an appropriate ipaddress object.
Change-Id: I84e4a1577bd57f6b5ae725f316a523988b6a955b
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Reverse the polarity on test to determine if old SA session
deletion succeeded. 0 == success, not failure.
Change-Id: I499cb04c7f13165e6c92367d4385057b77fe3836
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
ipsec4-output and ipsec6-output were conflicting with ipsec
interface names ("ipsec<id>") and vnet/interface.c autogenerated
output node ("<ifname>-output").
Changing feature names seems to be the less invasive option.
This patch also changes "input" feature names for consistency.
Change-Id: I4ba10d07e9ba09df20aa2500104252b06b55f8f7
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
Change-Id: I2f81ec95de55ad2355f82550451ad825c228e5cd
Signed-off-by: Khers <s3m2e1.6star@gmail.com>
|
|
Needed for arm machines in CI.
Change-Id: Ib16a8b63e145116c7cb22376243e9026d9545c8a
Signed-off-by: juraj.linkes <juraj.linkes@pantheon.tech>
|
|
This patch adds a configuration parameter to IPSec tunnels, enabling
custom FIB selection for encapsulated packets.
Although this option could also be used for policy-based IPSec,
this change only enables it for virtual-tunnel-interface mode.
Note that this patch does change the API default behavior regarding
TX fib selection for encapsulated packets.
Previous behavior was to use the same FIB after and before encap.
The new default behavior consists in using the FIB 0 as default.
Change-Id: I5c212af909940a8cf6c7e3971bdc7623a2296452
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
Change-Id: I7893a8fd5b3e15063675597c0e9bd1cd0b49ef0e
Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
|
|
Change-Id: Ic67073e1f2ebe54bee5cb96a951eb92a28b1de06
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Change-Id: Ib0d9b533d72c899b77c9a7bd1daa9b4a55b7221c
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
The services {} definitions contain which APIs are streaming.
In addition only create function definition for the client side
(not for reply messages).
Change-Id: I8e83d35386cdd9ebee83d4571eaebdc6dff19e82
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Add 2/3 support to binarytomac and mactobinary and move to vpp_mac.py
Change-Id: I3dc7e4a24486aee22140c781aae7e44e58935877
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
if a tunnel's destination address is reachable through the tunnel
(see example config belwo) then search for and detect a recursion
loop and don't stack the adjacency. Otherwise this results in a
nasty surprise.
DBGvpp# loop cre
DBGvpp# set int state loop0 up
DBGvpp# set int ip addr loop0 10.0.0.1/24
DBGvpp# create gre tunnel src 10.0.0.1 dst 1.1.1.1
DBGvpp# set int state gre0 up
DBGvpp# set int unnum gre0 use loop0
DBGvpp# ip route 1.1.1.1/32 via gre0
DBGvpp# sh ip fib 1.1.1.1
ipv4-VRF:0, fib_index:0, flow hash:[src dst sport dport proto ] locks:[src:plugin-hi:2, src:default-route:1, ]
1.1.1.1/32 fib:0 index:11 locks:4 <<< this is entry #11
src:CLI refs:1 entry-flags:attached, src-flags:added,contributing,active,
path-list:[14] locks:2 flags:shared,looped, uPRF-list:12 len:1 itfs:[2, ]
path:[14] pl-index:14 ip4 weight=1 pref=0 attached-nexthop: oper-flags:recursive-loop,resolved, cfg-flags:attached,
1.1.1.1 gre0 (p2p)
[@0]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11: <<<< and the midchain forwards via entry #11
[@2]: dpo-drop ip4
src:recursive-resolution refs:1 src-flags:added, cover:-1
forwarding: unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:13 buckets:1 uRPF:12 to:[0:0]]
[0] [@6]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11:
[@2]: dpo-drop ip4
DBGvpp# sh adj 1
[@1] ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11:
[@2]: dpo-drop ip4
flags:midchain-ip-stack midchain-looped <<<<< this is a loop
counts:[0:0]
locks:4
delegates:
children:
{path:14}
Change-Id: I39b82bd1ea439be4611c88b130d40289fa0c1b59
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ic6a6202a2d5aca33eee7fc6ff8eeaa1db9b58525
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I20820145377060e12aeeb23b433206c79fd88332
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I5a5ee48755befc370a1f89ddbb0d91f164ed564f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I6debfe85d9d55f6f9a8ef0ce1dcc008393847a37
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ia9048bb4e074f7ebc36eb77e542a916924103332
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Iff75be238a231df88a37b61610c134e4a4770708
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: If7835e9b80ec9402404bfc8d271eb11a10ef992b
Signed-off-by: Pavel Kotucek <pavel.kotucek@pantheon.tech>
|
|
Change-Id: Ife66395b89e1e9f9206666e5f0fd441b3c241bb2
Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
|
|
Change-Id: I9726ac5cc7292a492928b213bc85ccfa8a26c1cb
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change-Id: Ic9747541aad8148ebf7d520b525b99c4cc3961f3
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Id8669bbadd1d6b2054865a310a654e9b38d1667d
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I7cf3ae8c10dd584e8bc234a3253bea3c5a2d105a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
gcc-8 flunks a certain number of tests at compile time, so
conditionally disable (negative) tests which won't even compile.
Change-Id: Id7e85f38bc371623972efa6e2c8f9ee4717f5ff5
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Let m = user estimate of the (max) src string length, low = smaller
address of (src, dst), hi = larger address (src, dst).
if (low + (m - 1) >= hi), we have a *potential* overlapping copy which
is not allowed. Before we declare overlap - and return an error -
retry the check with m = actual src string length.
The resulting "test string" failure affected aarch64 (only) because of
differences in test code stack variable placement / alignment.
Change-Id: I2931d1ce2c61af3d3880075b033d2a4c4e421f09
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
A client can send a memclnt delete message and ask vpp to cleanup the
shared memory queue. Obviously, in this case no delete reply is sent
back to the client.
Change-Id: I9c8375093f8607680ad498a6bed0690ba02a7c3b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ia9c3d7a68a23dc4ab3be06f88fdfb053db422372
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I45fd7538853f84c6c8bf804cc20acbc9601db3ba
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I8debcd078b733ed19c4b46ea41a2a150d816724c
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ibb55427ed49d0277854a352922c6c4bb007bf072
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Ia56c2698adb0ea7811203844dc4db10e121fbc42
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Add a check to make sure that the vlib and vnet buffer flag bit
definitions do not overlap.
The VNET_BUFFER_F_AVAIL1...8 definitions allow out-of-tree codes to:
#define VNET_BUFFER_F_MY_USECASE VNET_BUFFER_F_AVAIL1
and so on. This avoids introducing irrelevant and/or proprietary bit
definitions into vnet/buffer.h, and hopefully minimizes merge pain for
everyone involved.
Change-Id: I5be4f61dceb81b5bfca005f6d609ade074af205b
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I92f415bf253d6e051ec9d94ebeb98f081b2a0293
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ifdbb4c4cffd90c4ec8b39513d284ebf7be39eca5
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Iad3120ab6466b77875efc89ccb49f6d22e36e62a
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I9ef042c06c12892a2bbc23cc3bac6891c77e3feb
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: Ife05d25fd736ae3064f01e974e5aecc5b48de924
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Id39d64bf1b49345a3dc31c63360569212aba6865
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ic6a8b9aaec7e5dee4fb1971168988dbe4f931f86
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: I9d2f52e756363df011026773bfffa838a557313f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
cleaning up some unused code
Change-Id: I1558eec79af173e5cdcc769d7c3909039403eed8
Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
|
|
Change-Id: Ia5d45db73e4bdb32214ed4f365d5eec8e28115f3
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add memcmp_s, strcmp_s, strncmp_s, strcpy_s, strncpy_s, strcat_s, strncat_s,
strtok_s, strnlen_s, and strstr_s C11 safe string API. For migrating extant
unsafe API, add also the corresponding macro version of each safe API,
clib_memcmp, clib_strcmp, etc.
In general, the benefits of the safe string APIs are to provide null pointer
checks, add additional argument to specify the string length of the passed
string rather than relying on the null terminated character, and src/dest
overlap checking for the the string copy operations.
The macro version of the API takes the same number of arguments as the unsafe
API to provide easy migration. However, it does not usually provide the full
aformentioned benefits. In some cases, it is necessary to move to the safe
API rather than using the macro in order to avoid some unpredictable problems
such as accessing memory beyond what it is intended due to the lack of the
passed string length.
dbarach: add a "make test" vector, and a doxygen file header cookie.
Change-Id: I5cd79b8928dcf76a79bf3f0b8cbc1a8f24942f4c
Signed-off-by: Steven <sluong@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I89be597376690bb75c4347bcfc1c6c3d27c4034c
Signed-off-by: Chore <s3m2e1.6star@gmail.com>
|
|
startup.conf
otherwise, these pools will occupy an entire huge page for each even
they are very small.
Change-Id: I08919714de9b6cd4b8dddb546ca54364b56ec99f
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
|
|
Should have been done this way years ago. My bad.
Change-Id: Ic7bf937fb6c4dc5c1b6ae64f2ecf8608b62e7039
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
VPP graph dispatch trace record description:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Major Version | Minor Version | NStrings | ProtoHint |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Buffer index (big endian) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ VPP graph node name ... ... | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Buffer Metadata ... ... | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Buffer Opaque ... ... | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Buffer Opaque 2 ... ... | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| VPP ASCII packet trace (if NStrings > 4) | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Packet data (up to 16K) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Graph dispatch records comprise a version stamp, an indication of how
many NULL-terminated strings will follow the record header, and a
protocol hint.
The buffer index allows downstream consumers of these data to easily
filter/track single packets as they traverse the forwarding
graph. FWIW, the 32-bit buffer index is stored in big endian format.
As of this writing, major version = 1, minor version = 0. Nstrings
will be either 4 or 5.
Here is the current set of protocol hints:
typedef enum
{
VLIB_NODE_PROTO_HINT_NONE = 0,
VLIB_NODE_PROTO_HINT_ETHERNET,
VLIB_NODE_PROTO_HINT_IP4,
VLIB_NODE_PROTO_HINT_IP6,
VLIB_NODE_PROTO_HINT_TCP,
VLIB_NODE_PROTO_HINT_UDP,
VLIB_NODE_N_PROTO_HINTS,
} vlib_node_proto_hint_t;
Example: VLIB_NODE_PROTO_HINT_IP6 means that the first octet of packet
data SHOULD be 0x60, and should begin an ipv6 packet header.
Change-Id: Idf310bad80cc0e4207394c80f18db5f77c378741
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
fix coding style
Change-Id: I458d81fa80c509b71edb2021468a89715cb32ae3
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
|
|
Change-Id: I45b97cfd0c3785bfbf6d142d362bd3d4d56bae00
Signed-off-by: Neale Ranns <nranns@cisco.com>
|