Age | Commit message (Collapse) | Author | Files | Lines |
|
worker (VPP-1213)
Change-Id: I8e0c7ed2ff462b9ab59c233f56be262ec03c29ff
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Do not translate packet which go out via nat44-in2out-output and was tranlated
in nat44-out2in before. On way back forward packet to nat44-in2out node.
Change-Id: I934d69856f0178c86ff879bc691c9e074b8485c8
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit 4d023c8c930b2a4220998d4c211d751e33324faa)
|
|
forwarding mode:
session initiaded from service host - translate
session initiaded from remote host - do not translate
Change-Id: I0e3733361de4b85068b9be02f953154a478ce8cc
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Use (u64) cast to ensure proper address calculations.
Change-Id: Ifbbe66072eb94bfe33ac04eaa4416abceeb7245e
Signed-off-by: Lee Roberts <lee.roberts@hpe.com>
|
|
When a user session is allocated/reused, only increase
one of the session counters for that user if the counters
are below the per-user limit.
THis addresses a SEGV that arises after the following
sequence of events:
- an outside interface IP address is put in a pool
- a user exceeds the number of per-user translations by
an amount greater than the number of per-user translations
(nsessions + nstaticsessions > 100 + 100)
- the outside interface IP address is deleted and then added
again (observed when using DHCP client, likely happens if
address changed via CLI, API also)
- the user sends more packets that should be translated
When nsessions is > the per-user limit,
nat_session_alloc_or_recycle() reclaims the oldest existing
user session. When an outside address is deleted, the
corresponding user sessions are deleted. If the counters were
far above the per-user limit, the deletions wouldn't result
in the counters dropping back below the limit. So no session
could be reclaimed -> SEGV.
Change-Id: I940bafba0fd5385a563e2ce87534688eb9469f12
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
The init-path for IPSEC_AH where the CTX gets initialized is broken
since the for-loop never executes due to the wrong usage of
tm->n_vlib_mains which being subtracted by 1.
Change-Id: I4d967f52cd3ca061aa60d824d65f446e06162403
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
(cherry picked from commit 4631610a20e6ae3181cb517db27a93b2a3e07eff)
|
|
Change-Id: I3e4bbfe205c86cb0839dd5c542f083dbe6bea881
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit 3f2dd30b0bf7cf3d82c720d5065178c1fa628c6b)
|
|
Change-Id: Icb858414145db0e5fef495e155903b3b935e50ba
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit 3c2a416c42a0481698735a0b1e355bfb7a702882)
|
|
pair (VPP-1199)
Change-Id: Iad8c626e83bbc58d5c85b6736f5a3dd5bc9ceafb
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit e877d68407d316adb64baa855985b746dcb2e102)
|
|
Change-Id: Iaf959d7636907cec54d83b3f14244153fbf19fa2
Signed-off-by: Dave Barach <dbarach@cisco.com>
|
|
(VPP-1176)"
This reverts commit d30c94afe4e67298b3da6fd839e0210844cf45a5.
Change-Id: Ic076f6c116e1d816c492eb8e03e50cf95cedae77
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
If forwarding is enabled, inbound packets on an outside
interface should not be dropped and instead pass on to
the FIB lookup. This works for TCP and UDP but not other
IP protocols. Enable it for unknown protocols.
Change-Id: I1da84b5633a36b3e5e64079754db2fcc50f29819
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
(cherry picked from commit 03f942a1cc4de3963507fc7075d91aff0cae7d58)
|
|
forwarding mode:
session initiaded from service host - translate
session initiaded from remote host - do not translate
Change-Id: I48170ee8e4ad14d3d3083ee31a40ef8d10d6ff32
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit 204591d1bd754f6086edcf8b27a95beab929a78f)
|
|
Change-Id: I1552e1418b704fdf1f1fa2c0174313b9b82a37a3
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
in2out and out2in protocol are not same
Change-Id: I4ce680ad1f088cb079e1f2aeb15ca59225fca0d1
Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
(cherry picked from commit 9691cf2d082727fb2f88e85050068dc6fd761bcd)
|
|
frag packet can't get reass.
adding bihash,it can rewrite new hash value.
so need to delete hash after compare hash value.
Change-Id: I83b5c47890110e9a598b78cfbe8fcd27bbe291bb
Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
(cherry picked from commit 5e85c54d229e443d30dabe9bca39625587add8a5)
|
|
receiving pkts from other interfaces
Change-Id: Ie40ee9129edaac717e716b469f4d10f3c29a4932
Signed-off-by: Chaoyu Jin <chjin@cisco.com>
|
|
(VPP-1192)
following is not possible:
set interface nat44 out GigabitEthernet0/3/0 output-feature
set interface nat44 out GigabitEthernet0/3/0
Change-Id: I1592cc18390881fda66f98316700886b8f5295f0
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit e4e34c23fe7050c26967997fdb8f555c51fd3961)
|
|
Change-Id: I8a4a7a85e86acbfe411e6dfa22e3976d7d4c903b
Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
(cherry picked from commit 9f06d0eccf06b82b42cc55f02c37cbed9e1aab83)
|
|
interface reconnect.
Change-Id: Ifc7eb2494a22c334d8899422545fca1a4bba4d05
Signed-off-by: Chun Li <chunl2@cisco.com>
|
|
ouptut
Change-Id: I6f75b7328fd0aa71d00a701e36c8b4ad06bff3c4
Signed-off-by: Chaoyu Jin <chjin@cisco.com>
|
|
Change-Id: Ib9eb65d2ba166f5883a8ce8d37298c696113f2be
Signed-off-by: Chun Li <chunl2@cisco.com>
|
|
The following command sequences cause the crash:
create tap id 0 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
set interface state tap0 up
set interface state tap1 up
delete tap tap0
delete tap tap1
create tap id 0 rx-ring-size 1024 tx-ring-size 1024
0: /home/sluong/vpp2/vpp/build-data/../src/vnet/interface_funcs.h:46
(vnet_get_hw_interface) assertion `! pool_is_free (vnm->interface_main.hw_interfaces, _e)' fails
The reason for the crash is because when the tap interface is deleted,
the code does not remove the entry from the device queue. But the interface
is deleted anyway from vnet_main.interface_main.hw_interfaces.
When an interface is created again, it may encounter
the deleted entry in the device queue and crash. Notice create and delete a
single entry does not cause a crash. Need to create and delete 2 interfaces
to create a "hole" in the device queue.
Change-Id: I42ce0b7943d73b3eab32a16751a0a3183de62d9f
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit 0b8567331c3edf8b6aee51c849b8391a2922d9ab)
|
|
(VPP-1149)
Change-Id: I860468bdc21c6ee07f63c8854592c46ca631ebc2
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
(VPP-1156)
Change-Id: I5395245c9e49f741a949ada1f725c34f9379c249
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit f7ad5cbe819533523169e8a88876b94b9f38789c)
|
|
Change-Id: Iae15d15b470bdde759d08201de9d6dc5afef0ee9
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
NAT input features run after acl-plugin-in-ip4-fa
NAT output features run after acl-plugin-out-ip4-fa
Change-Id: I1e4487a0d6fdb99a90b8db640d9ad0e0eb7347a5
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit 16f0546cadb1248f9dce99788ecc50cc2668c7e4)
|
|
Change-Id: I373f429c53c6f66ad38322addcfaccddb7761392
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ib04a8787038fb536470a04d99fdc165102edfb5a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Crash occurring With a worker thread configured and dhcp
client active on an interface. When a DHCP reply packet
is received, call to ethernet_get_main() from
dhcp_proxy_to_client_input() was causing a crash.
Replaced with a call to vnet_get_ethernet_main().
Once that was resolved, calling dhcp_client_acquire_address()
from a worker thread also caused a crash. Changed so the main
thread will do the address/route configuration.
Change-Id: Ib23984787102dea8cf6cfcde86188a751f15c1e1
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
We disable the client detect feature when we bind a DHCP address. Turn
it back on again when the lease expires. Otherwise, if the DHCP
server replies after an outage, we'll never see the reply.
Add dhcp packet tx counters, by packet type
Change-Id: Id54b05647d5d7bd8d3ab99e6584ee86d9e4ff7f9
Signed-off-by: Dave Barach <dave@barachs.net>
(cherry picked from commit 4941fcc23ab01f5ca918e56489d404b92d8bde90)
|
|
For some files such as hugepages files, ftruncate() fails with the error
"Invalid argument" if the 'length' parameter is not on a page boundary.
Change-Id: I42a9cde98707da15e3c5d1653046e2277fc7a424
Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
(cherry picked from commit 7d25415a9384d4c3d786d0c1ae5c0fcff3112acd)
|
|
Change-Id: I000d842e969b838ad5fbcd18186ac7e1b39b4c46
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: Ic5e8d74bf5ac84cce5661de44778c89541c67636
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit e71eb5922a293eca36dbd323970741daaca3c5c7)
|
|
Modify interface creation to allow creation of tunnel interfaces
without dedicated per tunnel output and tx nodes which are not
used for most tunnel types. Also changed interface-output node
function vnet_per_buffer_interface_output() so it does not rely
on hw_if_index as the next node index which is not flexible nor
efficient for large scale tunnel interfaces.
The improvenemts are done for VXLAN, VXLAN-GPE, GENEVE and GTPU
tunnels. GRE tunnel is still using per tunnel output nodes which
will be changed in a separate patch with other GRE enhencements.
Change-Id: I4123c01c0d2ead814417a867adb8c8a407e4df55
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit e5453d0fa29f39a7f78a7e22815566a7f4c9e5ef)
|
|
Change-Id: Idddb60bbc7fcc701d39212f6422a6b2f6dc75221
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
a crash on debug image (VPP-1151)
In debug image, there is extra code to validate the buffer when it is
freed. It uses the hash table to lookup the buffer index with spinlock
to prevent contention. However, there is one spinlock for each worker
thread. So allocating the buffer on thread-x and freeing the same buffer
on thread-y causes the validation to fail on thread-y. The fix is to
have only one spinlock, stored in vlib_global_main.
Change-Id: Ic383846cefe84a3e262255afcf82276742f0f62e
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: I5415c002a431d84372f56d4a77dc2aabd6ef55f7
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
On deleting sub-interfaces, functions vnet_delete_sub_interface()
and vnet_delete_hw_interface() are not cleaning up sub-interface
related hash tables and memory properly.
Change-Id: I17c7c4b2078c062c77bfe48889beb677610035ca
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I6eef2ca258ff5b4aa9b21b98543d814633e295af
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
|
|
Buffers may be allocated for indirect descriptors by tx thread and
they are freed when tx thread is invoked in the next invocation.
This is to allow the recipient (kernel) to have a chance to process
them. But if the tap interface is deleted, the tx thread may not yet
be called to clean up the indirect descriptors' buffers. In that case,
we need to remove them without waiting for the tx thread to be called.
Failure to do so may cause buffers leak when the tap interface is deleted.
For the RX ring, leakage also exists for vring->buffers when the interface
is removed.
Change-Id: I3df313a0e60334776b19daf51a9f5bf20dfdc489
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: I3ce014da7b514aa766a90cacddd76cd2247406a8
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
Change-Id: I55d9953851062f7106c66701d46bcd9073cf1ee4
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
(cherry picked from commit 5ee623e789261552eb9460be10f34793d40b6575)
|
|
Packets with a SR policy of one SID list create a malformed packet.
Outer IPv6 header points to a routing extension header that does not
exist since the SID list contains only one SID.
Change-Id: I1effee0457453bab95706a8a24fdabfbd843d5b7
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
|
|
provide one label stack per fib_table_entry_path_add2 call. otherwise multiple mheap releases take place.
Change-Id: I475ca1b801fc85dddda0b540c69ad628a274df7f
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
|
|
Change-Id: I6ae99c00e76058654f2c5e71377e9fd1bd13b47b
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
|
|
Change-Id: Iddd754d00ace3d042336e5c2c40431566275051a
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
(cherry picked from commit eea537a288721b867d65b736363ab3f71ba6116c)
|
|
Change-Id: Ie291468ea9d05c47cefe39c4ff7fea3e016bacf2
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 0e8cb6c475b616a3296b08d25bcaa1eed3ab0084)
|
|
Follow up fix - vl_api_gre_add_del_tunnel_t_handler should pass
outer_fib_id from API message to vnet_gre_add_del_tunnel() and
not convert it to fib_index, since vnet_gre_add_del_tunnel()
already perform the lookup to get fib_index from fib_id.
Change-Id: I24967a97f82ce018ddef596e556bd3eb1706cb63
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I5e080d69f28661cc0b1846885d5001526b54fbd9
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|