summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2018-04-24NAT44: one-armed NAT and identity mapping (VPP-1212)Matus Fabian1-3/+10
Change-Id: I228728bacfca6056dc409a96de1bffb9cadcd3e6 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-24mem-leak in stats handling (VPP-1250)Neale Ranns1-4/+18
Change-Id: I55f978c84a56bc089e5657c528195b6c84409364 Signed-off-by: Neale Ranns <neale.ranns@cisco.com> (cherry picked from commit df53f5fda277a035984f1de4474f0b58ae15b114)
2018-04-24Support QOS_SOURCE_IP recording from L2 input node.Igor Mikhailov (imichail)2-5/+77
Some scenarios not involving ip[4,6]-input paths might benefit from IP header QOS fields recorded and applied. An example: L2 (overlay) traffic being encapsulated by VPP in VXLAN and transmitted on another (underlay) interface might want the QOS information carried over in the outer IP header. Change-Id: I4d9462c47ae6ba97680edb1e53340b17cfd7845b Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
2018-04-23MPLS VPLS CLI fixNeale Ranns1-0/+1
set the IS_RX flag based on CLI 'l2-input-on' Change-Id: I53d9129a7c09f605c1eb55753426f392b1b480bc Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-04-23lacp: partner may time us out if fast-rate is configured [VPP-1247]Steven5-8/+14
We should be sending LACP PDU every second if the partner has LACP_TIMEOUT flag set which means it will time us out in 3 seconds. Add interface name for lacp trace Change-Id: If7d816c062d03e80cc0dd7d10dba0b76ace0664a Signed-off-by: Steven <sluong@cisco.com>
2018-04-20tcp: make newreno byte instead of acks dependentFlorin Coras4-3/+28
Should be more resilient to ack losses Change-Id: Icec3b93c1d290dec437fcc4e6fe5171906c9ba8a Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-04-20tcp: improve statsFlorin Coras3-128/+177
Change-Id: I9ab11ba9f958c679112eb22c8db39cb269a29dc7 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-04-19Allow an IPsec tunnel interface to be renumberedMatthew Smith6-30/+54
When creating an IPsec tunnel interface, allow a numeric identifier to be set for use in the interface's name in place of the dev instance. Default to using the dev instance if no value is explicitly set. When an IPsec tunnel is deleted, the interface is deleted now instead of being kept in a pool of available hw interfaces. Otherwise there was the possibility of conflicting tx node names between deleted tunnels and newly created ones. Change-Id: Ic525466622a0dec38a845fa5871c084f6d9da380 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-04-19Add special Twice-NAT feature (VPP-1221)Juraj Sloboda7-30/+94
When enabled then Twice-NAT is applied only when source IP equals destination IP after DNAT Change-Id: I58a9d1d222b2a10c83eafffb2107f32c1b4aa3a8 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-04-19Minor optimzation/cleanup to ethernet-input nodeJohn Lo1-5/+5
Change-Id: Ibf3ef82950f50b746394a731cd2e7cba1cd16ec4 Signed-off-by: John Lo <loj@cisco.com>
2018-04-18dpdk: improve loggingDamjan Marion4-35/+187
- use of vlib_log for non-dataplane logging - redirect of dpdk logs trough unix pipe into vlib_log - "show dpdk physmem" cli Change-Id: I5da70f9c130273072a8cc80d169df31fc216b2c2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-18vlib: logging improvementsDamjan Marion2-32/+74
Change-Id: I1c72d9ddefdc83c7d5ab2564f89d83ffd3fa6110 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-18typo fix: UNKOWN -> UNKNOWNAndrey "Zed" Zaikin7-14/+14
Change-Id: I008a4d7ad7160d1f07e7ceef712a5318a9368308 Signed-off-by: Andrey "Zed" Zaikin <zed.0xff@gmail.com>
2018-04-18Mcast rewrite optimisationsNeale Ranns8-45/+59
hard code the address mask offsets. This are protocol specific and only used on ethernet when used at all. Change-Id: Ib1f6f33682f53254ffbb5a241a1583e65420e0c7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-18session: coverity warningsFlorin Coras2-3/+3
Change-Id: I53bb1e289ba16ee6d9aed7285b18437c996077a4 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-04-18NAT44: recycle old sessions for forwarding bypass (VPP-1240)Matus Fabian4-17/+98
Change-Id: I7e6b0e7e91cc032b1685f35de5d84363a85158a5 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-18vppinfra: make set_mempolicy failure non-critical unless NUMA_FORCE is setDamjan Marion1-1/+2
Change-Id: I6c1c855cf5fc2ee06f1c7ddd6576ca16cd556fdd Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-18SCTP: coverity warningsMarco Varlese1-5/+2
This patch addresses the warning 182994 Change-Id: I071f3cbdf9965c7b57d444f79430ee75c66c856e Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-04-18udp/session: refactor to support dgram modeFlorin Coras21-447/+1105
- adds session layer support for datagram based protocols - updates udp to work in pure connectionless and datagram mode. The existing connected mode is now 'accessible' for apps as a dummy UDPC, as in, connected udp, protocol. - updates udp_echo, echo client, echo server code to work in datagram mode. Change-Id: I2960c0d2d246cb166005f545794ec31fe0d546dd Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-04-18dpdk: resurrect removed code [VPP-1245]Steven1-0/+4
https://gerrit.fd.io/r/#/c/7701/ accidentally removed 3 lines of code in dpdk/device/init.c which were added by https://gerrit.fd.io/r/#/c/7826/ case VNET_DPDK_PMD_VHOST_ETHER: xd->port_type = VNET_DPDK_PORT_TYPE_VHOST_ETHER; break; Those lines were needed to recognize vhost-user interface which is created via vdev command in dpdk and display VhostEthernet. Without them, UnknownEthernet is displayed. Change-Id: I6d7ee6aecc6a415fbb7308595d515649475bcd5f Signed-off-by: Steven <sluong@cisco.com>
2018-04-18Fix the ip header offset counting in vnet/ipsecSzymon Sliwa1-5/+4
IP header is set as data + sizeof(ethernet_header_t), what does not need to be true. The solution is to use l3_hdr_offset. Change-Id: I5d9f41599ba8d8eb14ce2d9d523f82ea6e0fd10d Signed-off-by: Szymon Sliwa <szs@semihalf.com>
2018-04-17Add logging supportDamjan Marion9-52/+875
Change-Id: Ieac9cf50156dbbb4962411e900d59256441915ef Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-04-17IP mcast: allow unicast address as a next-hopNeale Ranns8-41/+306
Change-Id: I5e679f2601e37688f2768620479dc2efb7d19ca3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-17dpdk: add additional fields to rte_mbuf trace printDamjan Marion1-2/+5
Change-Id: I3792c524323ce9e300648abe85454cff5d19aba7 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-17dpdk: print device flags in the 'show hardware' outputDamjan Marion2-11/+37
Change-Id: I0d10f13a56420b119fdfad97dcc135b245c269e1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-17ACL based forwardingAndrew Yourtchenko13-1/+1999
A poor man's flow switching or policy based rounting. An ACL is used to match packets and is associated with a [set of] forwarding paths that determine how to forward matched packets - collectively this association is a 'policy'. Policies are then 'attached', in a priority order, to an interface when thaey are encountered as an input feature. If a packet matches no policies it is forwarded normally in the IP FIB. This commit is used to test the "ACL-as-a-service" functionality, which currently compiles, and the existing traffic ACL tests pass in both hash and linear modes. Change-Id: I0b274ec9f2e645352fa898b43eb54c457e195964 Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Ole Troan <ot@cisco.com>
2018-04-17VPP-1243: fix reassembly CLIKlement Sekera1-5/+6
Change-Id: Ie20aaf0eb1a5a338a54f0de4d6da661431be5163 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-04-17vhost: show vhost-user <interface> may crash [VPP-1242]Steven1-0/+7
show vhost-user <interface> may cause a crash if interface is semi-bogus. Semi-bogus means it is a known vpp interface which has a hw_if_index, but it is bogus because it is not a vhost-user interface. The fix is to add a check to reject non vhost-user interface for the command. Change-Id: I63f1e8bfbf46f5ec4c30f9fb3546982b63cd7cc5 Signed-off-by: Steven <sluong@cisco.com>
2018-04-17SCTP: coverity scan warningsMarco Varlese3-30/+39
This patch addresses 182346, 182347, 182353. Change-Id: I59c3d74bd3a2122b836c93e22ddb632fa032f7fe Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-04-17vxlan:remove counters writeback cacheEyal Bari2-519/+242
+refactor decap loop to remove repetitions and goto's slightly improves performance in scale (3k-4k tunnels) tests (7-9 clocks) slightly deteriorates performance in single tunnel tests (3-4 clocks) Change-Id: I1a64ed0279c00481b61a162296c5a30f58bf29c4 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-04-17acl-plugin: VPP-1241: fix the "show acl-plugin tables applied" outputAndrew Yourtchenko2-45/+20
It is a relatively rarely used low level command for code that didn't change, but due to infra changes it did not survive. Having it working may be very useful for corner-case debugging. So, fix it for working with the acl-as-a-service infra. Change-Id: I11b60e0c78591cc340b043ec240f0311ea1eb2f9 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 18bde8a579960aa46f43ffbe5c2905774bd81a35)
2018-04-17igmp: fix debug macroJakub Grajciar3-13/+13
Change-Id: I071d4cfcf6ea9763dd4842a3594c486a8e400e8c Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2018-04-16Implement ip_probe_neighbor APIJohn Lo4-10/+135
Add API support similar to VPP CLI "ip probe-neighbor" except API call is asynch and will not wait, as the CLI does, for address resolution of probed neighbor. The API client can use the APIs want_ip4_arp_events or want_ip6_nd_events to get notified of the desired address resolution event. Change-Id: Ieab58abe75b5cc7f5185b3b91418b6362f8992d3 Signed-off-by: John Lo <loj@cisco.com>
2018-04-16session: use generic session pool for listenersFlorin Coras8-103/+42
Change-Id: I825f3822910a6ee368b9004e39ca16ac6833e30c Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-04-13Revert "MTU: Setting of MTU on software interface (instead of hardware ↵Damjan Marion23-250/+239
interface)" This reverts commit 70083ee74c3141bbefb185525315f1b34497dcaa. Reverting as this patch is causing following crash: 0: /home/damarion/cisco/vpp3/build-data/../src/vnet/devices/devices.h:131 (vnet_get_device_input_thread_index) assertion `queue_id < vec_len (hw->input_node_thread_index_by_queue)' fails Aborted Change-Id: Ie2a365032110b1f67be7a9d832885b9899813d39 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-13acl-plugin: VPP-1239: acl-as-a-service does not match IPv6 packets, works ↵Andrew Yourtchenko2-4/+5
only in lookup context 0 In process of extracting the matching out of the ACL plugin internals, a couple of pieces setting the miscellaneout fields in the 5tuple structure did not make it, so they are initialized to zeroes. Move the assignments to the right place to make both traffic acls and acl-as-a-service working. Change-Id: I66a7540a13b05113b599f0541999a18fad60385d Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit d3b96ef0d75889f09dc51efb89e5123cdbe7ffe8)
2018-04-13NAT66: Do not translate if packet not aimed at outside interfaceJuraj Sloboda3-0/+55
Change-Id: Id5a2a90d81cc9cb87cb6fb89ac2f4ca3cbcb51e2 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-04-13VOM: GBP: update subnet is type changesNeale Ranns2-5/+16
Change-Id: Ic04f419b9c09be34afc390e672793180d56c4665 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-04-13MTU: Setting of MTU on software interface (instead of hardware interface)Ole Troan23-239/+250
Change-Id: I98bd454a761a1032738a21edeb0fe847e801f901 Signed-off-by: Ole Troan <ot@cisco.com>
2018-04-13GBP V2Neale Ranns71-983/+6636
update the GBP plugin to implement the full NAT feature set of opflex agent Change-Id: Ic06a039c889445ed0b9087fa1f292634192b0f8d Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-04-13bond: ping fails between l2 BD [VPP-1238]Steven4-15/+91
In dpdk based bonding, when the bond interface is configured for l2, it automatically sets the bond interface to promiscuous mode and sets rx redirect to ethernet-input. This allows traffic to be bridged to non compute node facing interface when it is received from the compute node interface. For native vpp bonding, we need to do similar things. When the bond interface is configured for l2, we set the slave interfaces to promiscuous mode and set rx redirect to ethernet-input because dpdk does not know anything about the bond interface. Likewise, when a new interface is enslaved, we also need to do the same thing if the bond interface has already been configured for l2. Change-Id: I7e168008e8a4221be74929b2a20e6db0ce8f3110 Signed-off-by: Steven <sluong@cisco.com>
2018-04-12VCL IOEvent external API callbackKeith Burns (alagalah)6-90/+367
Change-Id: I417357b00c43b27872aa3f681335bdc1ef574eca Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com> Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-04-12export new VOM hpp post 11648Neale Ranns1-0/+1
Change-Id: I3e670c22b3b8a674c98ff30eb093c5c6ab873e53 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-12Fixes for 'make UNATTENDED=yes CC=clang CXX=clang verify'Neale Ranns51-180/+215
Change-Id: I994649761fe2e66e12ae0e49a84fb1d0a966ddfb Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-12vom: Fix the itf stats replayMohsin Kazmi3-1/+39
Change-Id: Iedc6bbaa1c0a1c3c6e1b8ed6d67db28046a551f4 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-04-12fixes python3 TypeError; python2 intactAndrey "Zed" Zaikin1-1/+1
exception in vpp_api.vac_write(): "TypeError: initializer for ctype 'char *' must be a bytes or list or tuple, not str" Change-Id: Ib6bcfb86e6e36c557174979a110113af689c6754 Signed-off-by: Andrey "Zed" Zaikin <zed.0xff@gmail.com>
2018-04-12bond: 1 packet/frame == bad performance [VPP-1236]Steven1-6/+8
While https://gerrit.fd.io/r/#/c/11316/ took care of 1 packet/frame for most of the bonding modes, it missed the broadcast mode. This patch is to fix the 1 packet/frame for the broadcast mode. Change-Id: Iac48a2977c7f702f341479cc712a6448090dbc60 Signed-off-by: Steven <sluong@cisco.com>
2018-04-12NAT: disable CLI/API not supported in active mode (VPP-1234)Juraj Sloboda2-3/+215
When in deterministic mode disable nondeterministic CLI/API. When not in deterministic mode disable deterministic CLI/API. Change-Id: Ibf485c14612297e51d3815a6fde541542c8fe7ab Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-04-12Handle DHCP replies with NAT44 forwarding enabledMatthew Smith1-48/+57
When NAT44 forwarding is disabled, if a DHCP server-to- client packet arrives on an outside interface, it is handled correctly by setting the next node to the next feature on the ip4-unicast feature arc, where it can be processed. When NAT44 forwarding is enabled, if a DHCP server-to- client packet arrives, it is not handled any differently than other packets and ends up going to ip4-lookup which results in the packet being dropped. Move the check for DHCP server-to-client packets outside of the block that is executed if forwarding is disabled so DHCP replies will be processed in either case. Change-Id: Ia795cce3fd459f3252c2c17d53bb88ceaeaafca4 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-04-11VPPAPIGEN: Consistent CRC32 on complete file.Ole Troan1-17/+25
Prior to this fix vppapigen would just do a crc32 on the Python representation of the file as a set of dictionaries. That of course was not a good idea. Change-Id: Ie454736ffec02fa4679ab27e684b1d6c6406a0f1 Signed-off-by: Ole Troan <ot@cisco.com>