summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-09-12acl-plugin: add startup-config section "acl-plugin" and heap/hash parametersAndrew Yourtchenko3-4/+60
This adds the ability to tweak the memory allocation parameters of the ACL plugin from the startup config. It may be useful in the cases involving higher limit of the connections than the default 1M, or the high number of cores. Change-Id: I2b6fb3f61126ff3ee998424b762b6aefe8fb1b8e Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-12nat lb mapping command existed array out of bounds(VPP-979)flyingeagle231-1/+2
Change-Id: Id1dce0c2eebd4097bc17842f050453b76a94eb70 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12ACL-plugin add "replace" semantics for adding a new MacIP aclPavel Kotucek5-18/+313
Change-Id: Ia5c869b2d8b8ad012b9e89fb6720c9c32d9ee065 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-11replace uint32_t with u32Neale Ranns6-12/+12
Change-Id: I6cab79c266837a8731adcf78c9e093dfa6be0ead Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-11arp/glean: fix hash computationFlorin Coras1-1/+2
Change-Id: Ifef8a9328bb865f6ddb041bafe3699153f89755a Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-11Recombine diags and minimum barrier open time changes (VPP-968)Colin Tregenza Dancer7-13/+367
Support logging to both syslog and elog Also include DaveB is_mp_safe fix, which had been lost Change-Id: If82f7969e2f43c63c3fed5b1a0c7434c90c1f380 Signed-off-by: Colin Tregenza Dancer <ctd@metaswitch.com>
2017-09-11memif: mode ip is not settable from binary APISteven3-4/+10
While mode ip is supported via the CLI for creating a memif interface, it is not settable from the binary API due to missing code. While at it, update the help usage to include the missing keyword secret. Change-Id: Ia9c71f4017210a5e1733ce4992fbb566b7d20c1a Signed-off-by: Steven <sluong@cisco.com>
2017-09-11FIB table add/delete APINeale Ranns53-503/+1276
part 2; - this adds the code to create an IP and MPLS table via the API. - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass. Change-Id: Id124d884ade6cb7da947225200e3bb193454c555 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-10NAT: fixed hairpinning for in2out translation as an output feature (VPP-976)Matus Fabian1-7/+19
Test whether the hairpinning flag is set only for packets from NAT inside interface. Change-Id: I4a4fdd2084a76a70ce9dfe3e2b8332c02fa2eccd Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-09move unix_file_* code to vppinfraDamjan Marion26-352/+423
This will allow us to use this code in client libraries without vlib. Change-Id: I8557b752496841ba588aa36b6082cbe2cd1867fe Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08physmem: make fake allocation non-fatal if we cannot pick numa nodeDamjan Marion1-4/+11
Change-Id: I563c043ed82e3ef199fc3d47931108f31cc01728 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08Initialize ip4_reass_lock of map_main to zero (VPP-975)dongjuan1-0/+2
Change-Id: I0f58100a944e36f5b530101178303d4595b3207f Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
2017-09-08vlib: move linux-specific code to vlib/linuxDamjan Marion13-298/+364
Change-Id: Id79d2c2be7a98e15416a537c890a8f2dd6d4464d Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08PUNT: Missing include for readv()Marco Varlese1-0/+1
The missing header include was generating a compile-time error; src/vnet/ip/punt.c:460:10: error: implicit declaration of function 'readv' Change-Id: I3f74294e7824ea3602b8d416c86fdada1aac1906 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-09-08memif: fix coverity warnings as of 9/7Steven4-12/+29
1. coverity complains about "buffer not null terminated" for strncpy because we pass the size of the destination to the call which is equal to the true size of the destination. We subtract 1 for the size to accommodate the null like all other places are already doing it. 2. Add a check to tx_queues in memif_interface_tx_inline to avoid "divide by zero". 3. To avoid null pointer dereference in memif_create_if, change the goto done rather than goto error and spit a more meaningful error rather than silent about it. 4. Shuffle a line to avoid "check after use" in vl_api_memif_delete_t_handler. Change-Id: Icba7ecd5362c012a48ac35795d31aab356617420 Signed-off-by: Steven <sluong@cisco.com>
2017-09-08ACL-plugin MACIP ACLs testsPavel Kotucek1-2/+16
Change-Id: Ie40c837358454cfe9475cb2c14fdf20b24fa6602 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-08acl-plugin: add hitcount to applied hash-acl entriesAndrew Yourtchenko3-4/+10
Add a counter incremented upon the ACL check, so it is easier to see which kind of traffic is being checked by the policy, add the corresponding output to the debug CLI "show acl-plugin tables" command. Change-Id: Id811dddf204e63eeceabfcc509e3e9c5aae1dbc8 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-08Fixes for issues reported by Coverity (VPP-972)Chris Luke7-20/+48
Change-Id: I25238debb7081b4467aec4620dfdef33fbef3295 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-09-07Allow individual stats API and introduce stats.apiKeith Burns (alagalah)9-592/+1131
- want_interface_simple_stats - want_interface_combined_stats - want_ip4|6_fib|nbr_stats Change-Id: I4e97461def508958b3e429c3fe8859b36fef2d18 Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
2017-09-07vlib physmem reworkDamjan Marion19-517/+700
This patch adds supprot support for multiple numa-aware physmem regions. Change-Id: I5c69a6f4da33c8ee21bdb8604d52fd2886f2327e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-07LISP: add neighbor discovery and CP protocol separation APIsFilip Tehlar2-0/+86
Change-Id: Ia2fc4621f0e199b0d02ac4d2104b54bdb49c14dd Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-09-07LISP: Add APIs for enable/disable xTR/P-ITR/P-ETR modesFilip Tehlar1-0/+60
Change-Id: Ieeb3b7eaabb568180320fe54d3eae2d26f3e4704 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-09-07Devices: Set interface rx-mode may cause SIGSEGV with nonexistent queueSteven3-3/+17
When I type in set interface rx-mode with a nonexistent queue, I got a crash with the following traceback. It looks like the vm is NULL when vlib_node_get_runtime is called. DBGvpp# sh int rx Thread 0 (vpp_main): node dpdk-input: TenGigabitEthernet5/0/0 queue 0 (polling) TenGigabitEthernet5/0/1 queue 0 (polling) TenGigabitEthernet7/0/0 queue 0 (polling) TenGigabitEthernet7/0/1 queue 0 (polling) node vhost-user-input: VirtualEthernet0/0/2 queue 0 (adaptive) DBGvpp# set interface rx-mode VirtualEthernet0/0/2 queue 1 polling Thread 1 "vpp_main" received signal SIGSEGV, Segmentation fault. 0x00007ffff6d4e0bc in vlib_node_get_runtime (vm=0x0, node_index=125) at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:92 92 vlib_node_t *n = vec_elt (nm->nodes, node_index); (gdb) where at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:92 at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:112 vnm=0x6f0fa0 <vnet_main>, hw_if_index=7, queue_id=1, mode=0x7fffb62099e8) at /home/sluong/vpp/build-data/../src/vnet/devices/devices.c:307 hw_if_index=7, queue_id=1, mode=VNET_HW_INTERFACE_RX_MODE_POLLING) at /home/sluong/vpp/build-data/../src/vnet/interface_cli.c:1192 vm=0x7ffff7b9d440 <vlib_global_main>, input=0x7fffb6209ef0, cmd=0x7fffb61d5d14) at /home/sluong/vpp/build-data/../src/vnet/interface_cli.c:1288 vm=0x7ffff7b9d440 <vlib_global_main>, cm=0x7ffff7b9d630 <vlib_global_main+496>, input=0x7fffb6209ef0, parent_command_index=18) at /home/sluong/vpp/build-data/../src/vlib/cli.c:588 vm=0x7ffff7b9d440 <vlib_global_main>, cm=0x7ffff7b9d630 <vlib_global_main+496>, input=0x7fffb6209ef0, parent_command_index=12) The fix is to add a check for vec_len(hw->input_node_thread_index_by_queue) and vec_len (hw->rx_mode_by_queue) to reject the command if the queue_id is out of bound. While at it, I notice inputting queue_id=-1 is being interpreted as all queues. An easy fix is to not overload the queue_id variable with -1 to mean something else. Change-Id: Id70ec3e7d06ccc67635e6d28ef53420bdac4a988 Signed-off-by: Steven <sluong@cisco.com>
2017-09-07NAT: fixed bug in snat_get_worker_out2in_cb (VPP-832)Matus Fabian1-0/+2
Change-Id: Id9c977634a1259865e3403ba0d90aecaca85207d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-07acl-plugin: match index set to first portrange element if non-first ↵Andrew Yourtchenko1-5/+1
portrange matches on the same hash key (VPP-937) Multiple portranges that land on the same hash key will always report the match on the first portrange - even when the subsequent portranges have matched. Test escape, so make a corresponding test case and fix the code so it passes. (the commit on stable/1707 has erroneously mentioned VPP-938 jira ticket) Change-Id: Idbeb8a122252ead2468f5f9dbaf72cf0e8bb78f1 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit fb088f0a201270e949469c915c529d75ad13353e) Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-07Punt socket: Fix coverity error for pathname length mismatch between API and ↵Ole Troan1-1/+1
sun_path. Change-Id: I69d67707540e075afe7bad0a70e57d9d80b1bc8e Signed-off-by: Ole Troan <ot@cisco.com>
2017-09-07Add fd/socket name to clib_socket_* error msgs.Dave Wallace1-12/+22
Change-Id: Ifcc9df04e7b224dfc9e9be53a30df5bbccbe05b4 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-07Fix session connect_* api message handling.Dave Wallace7-173/+159
Change-Id: If7fd125989c90240de12953658d10007b9eb4f07 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-07Support for bridge domain free text tagJerome Tollet4-2/+66
Change-Id: I9a75fdafd0c1d87b6f071fda5b77ff5f6b79deb7 Signed-off-by: Jerome Tollet <jtollet@cisco.com>
2017-09-06Set uid/gid on ssvm segment file.Dave Wallace3-1/+12
Change-Id: I482bb9654f4dfe240bace5c2b61056cfd04cf018 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-06Improve "show segment-manager segments"Dave Barach6-29/+176
Clean up private-segment fifo preallocation Change-Id: I53c630ed81d48f2832a204992d73635536926983 Signed-off-by: Dave Barach <dave@barachs.net>
2017-09-06Fixes for issues raised by Coverity (VPP-972)Chris Luke3-6/+4
Change-Id: I4b1f27b95d67d48b7a13750ff8754c344ed7afa7 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-09-06NAT: Destination NAT44 with load-balancing (VPP-954)Matus Fabian6-70/+1011
added load-balancing static mappings with unequal load support Change-Id: Ie505e41f24d46f812b94dd28bdafe3dc170a6060 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-06dpdk/ipsec: fix setup when using master core onlySergio Gonzalez Monroy1-2/+3
Change-Id: I62b7aa896dfe218358f11a5197b1228a3dd67152 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-09-05Add pidfile cmdline optionPierre Pfister3-9/+98
Change-Id: Ibaa61b624eb6683b1be6901a7b29f5f73aad27b2 Signed-off-by: Pierre Pfister <ppfister@cisco.com>
2017-09-05Refork worker thread data structures in parallel (VPP-970)Colin Tregenza Dancer3-136/+214
Change the rebuilding of worker thread clone datastructures to run in parallel on the workers, instead of serially on main. Change-Id: Ib76bcfbef1e51f2399972090f4057be7aaa84e08 Signed-off-by: Colin Tregenza Dancer <ctd@metaswitch.com>
2017-09-05PUNT socket: External control plane processes connected via UNIX domain sockets.Ole Troan5-11/+652
An external (to VPP) process can register (over the VPP binary API) to receive control plane packets over a UNIX domain socket. The packets are prepended with a packet descriptor containing meta-data (if_index of interface, etc). Currently only UDP is supported. The socket supports sending of packets/frames as well. The sent packet is prepended with a descriptor, telling VPP to route the packet (via ip4-lookup, ip6-lookup) or as an pre-formed Ethernet frame that is sent directly to interface-output. The intended use case for this is for an external DHCP client or a RIP implementation. New configuration option: punt { socket <socket path> } To register use the punt_socket API message. TODO: - Add support for pre-routing. I.e send L3 packet to given TX interface, but do ARP/ND (ip[46]-rewrite) - Add test scripts - Support for abstract names (starting with \0) - Add rate limiting (COP) - Support for other protocols, e.g. IPv6 ND Change-Id: I4a0afc8020deebb3d9d74686dde694ee5bcb8d0f Signed-off-by: Ole Troan <ot@cisco.com>
2017-09-04LISP: re-fetch mapping before it expiresFilip Tehlar10-138/+330
Change-Id: I0581a1bddad55d8d573c546ec84b0b2760abab3d Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-09-03Improve L2FIB PDR/NDR performance (VPP-963)John Lo4-18/+30
1. Limit MAC entry update per l2-learn call to reduce update burst when wall clock advance to the the next minute so all MAC time stamps are behind current time needing update. 2. Optimize l2-learn node fast path code sequence. 3. Invalidate cache_key when update MAC entry. 4. Change L2 learn hit counter to L2 learn hit-update counter. 5. Increase L2FIB table memory size to 512MB to fit 4M entries 6. Set MAC learn limit at 4M entries Change-Id: I3075ee8fb59645a56850126bac2e3e6d341cef4d Signed-off-by: John Lo <loj@cisco.com>
2017-09-01Add fixed-size, preallocated pool supportDave Barach19-98/+520
Simply call pool_init_fixed(...) before using the pool. Note that fixed, preallocated pools live in individually-mmap'ed address segments, except for the free element bitmap. A large fixed pool can exceed 4gb. Fix tcp buffer allocator leak, remove broken assert Change-Id: I4421082e12a77c41c6e20f7747f3150dcd01fc26 Signed-off-by: Dave Barach <dave@barachs.net>
2017-08-31VPP-959: Python API require minimum CFFI version.Ole Troan1-1/+1
Change-Id: I328689b7d4efe6017412de43630a5e9f3633dd71 Signed-off-by: Ole Troan <ot@cisco.com>
2017-08-31dpdk/ipsec: update doc regarding startup.confSergio Gonzalez Monroy1-10/+7
Change-Id: Ie449072ab1efec081235b508f1def60a1287ff5f Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-08-31vhost: Disallow interrupt mode config if driver opts out interrupt supportSteven2-3/+9
According to the spec, supporting interrupt mode from the driver is optional, not a must. When interrupt mode is configured on the interface, we should check to make sure that the driver didn't opt out for the kickfd support and reject the configuration if it did. Change-Id: I7d3dbaddde65458e1a6a802754a3768ae8685a0e Signed-off-by: Steven <sluong@cisco.com>
2017-08-31Fix BIHASH_KVP_CACHE_SIZE == 0 caseDave Barach3-4/+37
Setting the bucket-level LRU cache size to zero removes the bucket-level LRU cache code. Change-Id: Idf2e63d0d508675e957366515863766f79a3479c Signed-off-by: Dave Barach <dbarach@cisco.com>
2017-08-31Fix vent_data memory leak in function run_ping_ip46_address (VPP-966)dongjuan1-0/+1
Change-Id: I05d0c8310aa86480a3d283f45e115284c4b4ebd5 Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
2017-08-31Set runtime_path properly when running non-rootDamjan Marion2-3/+12
non-root users should use /run/user/$PID/... Change-Id: I1ca136df7a339eff193ed9c9a396d6965b192d0e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-08-31Free memory the 'rpaths' pointers, that may incur memory leaks(VPP-965).ShenJibiao1-0/+1
Change-Id: I2732c02b97f4602162638bbcf3ab46521c2782da Signed-off-by: ShenJibiao <shen.jibiao@zte.com.cn>
2017-08-30Thread safe internal buffer manager, take twoDamjan Marion3-4/+32
First attempt to make internal buffer manager thread safe was not succesfull, so trying again. This time with more testing. Change-Id: I01b8385a9c26d233934a3339255ea4bd31c865ac Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-08-30tcp: re-enable persist timer if no data available to sendFlorin Coras3-5/+26
Additionally, flush rx fifos for closed sessions. Change-Id: If2cc563fbda0451e7572650e98b15f0a694a0ff9 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-30Offload prep calls needed for IP and UDP checksum offload pktsDave Barach1-1/+4
Change-Id: I9b29bcff348bddfb49b1c38b1d409249e37bb075 Signed-off-by: Dave Barach <dave@barachs.net>