aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2020-07-07ikev2: per thread usage of openssl contextFilip Tehlar3-77/+47
Type: refactor Change-Id: I04af90b4d86c00092ce1732aeb3c0517af1808e0 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-07-06ikev2: add profile dump APIJan Cavojsky6-0/+436
Type: feature Signed-off-by: Jan Cavojsky <Jan.Cavojsky@pantheon.tech> Change-Id: I84776a50b520134e8a3ca6ae41b4cc29009e6319
2020-07-06ikev2: add more ikev2 testsFilip Tehlar1-18/+135
Tests for AES-GCM and AES-CBC with different key lengths Type: test Change-Id: Ie7eeebb0f7e8331a717866475cb4ee00042857ce Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-07-06ip: set ip4 mask for ip_copy and ip_set when dealing with ip4 typejiangxiaoming1-2/+8
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: I3ace7dfe3ddacb4f7fa7a974a2ffe2b3cf902ff9
2020-07-06fib: fix debug preprocessor directivesMatthew Smith4-4/+4
Type: fix Some debugging declarations were wrapped in an 'ifdef CLIB_DEBUG'. This seems to always evaluate true because clib.h defines CLIB_DEBUG to 0 if its not defined. The result is that if a route table is added and a route is added to it and then the table is deleted, VPP exits because the debug function fib_table_assert_empty() gets called whether VPP was started using a debug build or a release build. Change the ifdef to 'if CLIB_DEBUG > 0'. Change-Id: I357dc2c299e81b95244f2f7efaadb8e0de27627a Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-07-02tcp: fix coverity warningFlorin Coras1-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I60828bc084b9adbb925c306d26060412c410c516
2020-07-02tcp: cli to dump half-open connectionsFlorin Coras1-0/+104
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idf7e483de0afc95a7579145fb16689e1853b10f9
2020-07-02vrrp: fix feature declaration for v6 accept-modeMatthew Smith1-1/+1
Type: fix The v6 accept mode input feature was being declared with the node added to ip4-multicast instead of ip6-multicast. Add to the correct arc. Change-Id: I08f6e5e7dde84a37687fa0af750a7a16fe537ea6 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-07-02ikev2: use remote proposals when installing tunnelFilip Tehlar1-2/+2
Change-Id: Ib9c5dff6c825f495400a73869d429b9c2df670fc Type: fix Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-07-02tap: fix dump for TUN interfacesMohsin Kazmi2-1/+5
Type: fix Change-Id: I3bcc8ff1cf0a828ce3ba112694d38e3287d38d8d Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-07-02nat: nat66 to pluginOle Troan14-480/+607
Type: refactor Change-Id: I8c1f0c02a4522c1f9e461ddadd59938579ec00c6 Signed-off-by: Ole Troan <ot@cisco.com>
2020-07-02ip: fix the order in ip4 punt redirectMohsin Kazmi1-2/+2
Type: fix Fixes: a84cb715f5a4366dd2f32de18ad92bec566924da Change-Id: Id448d6ae9cfdd3122e8187121c509412835117c5 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-07-01vlib: wake up workers if interrupts are postedBenoît Ganne5-3/+9
Type: fix Change-Id: If8dbbcb46193fd057fe8d704058609a3a8787d6c Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-06-30classify: fix debug CLIDave Barach1-1/+5
unformat_ip6_mask wasn't accounting for customized field names when deciding if it managed to parse at least one field. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I26cab4c6828b510e277079628af5115ac43af3ff
2020-06-30tests: ikev2: add nat traversal & cert based auth testFilip Tehlar6-49/+253
Type: test Change-Id: I3e8e451c5deaf04f519a471369370c383d9cda3b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-30tcp: avoid rcv wnd more than RX fifo can enqueueRyujiro Shibuya2-7/+12
Type: fix Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com> Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie358b731f8ecb1fcaebd6e79f5ce5c10802c2814
2020-06-29gso: fix the l2 pathMohsin Kazmi1-8/+10
Type: fix Change-Id: I4f91175444dec9800d651aa5a5e0472359de63d1 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-06-27udp: align udp_encap_t_ to 2 cachelinesVadym Martsynovskyy1-4/+4
Based on the comments in the struct, udp_encap_t_ is meant to span 2 cachelines. Due to the 64 bit alignment of dpo_id_t, the struct spanned 3 cachelines. This caused fetching ue_ip_proto to trigger an additional cache miss. This patch rearranges the ordering of the struct fields so that udp_encap_t_ only spans 2 cachelines as intended. before: (gdb) print (int)&((struct udp_encap_t_*)0)->cacheline1 $8 = 128 after: (gdb) print (int)&((struct udp_encap_t_*)0)->cacheline1 $1 = 64 Type: fix Signed-off-by: Vadym Martsynovskyy <vmartsyn@fb.com> Change-Id: I066c08654d4a8ef3e2d3954e957d4c5d382b209f
2020-06-27sr: fix for SID index across segment lists within a sr policyChinmaya Agarwal1-1/+1
Type: fix Signed-off-by: Chinmaya Agarwal <chinmaya.agarwal@hsc.com> Change-Id: I9aa5456bf94356e8702fbfd39b14db4c2e74d3e6
2020-06-27l2: performance enhancement in l2inputZhiyong Yang1-80/+69
Short Load/Stores combined with prefetching in the beginning of the loop place too much pressure on AGUs and memory accesses. The patch interleaves load/store operations with computational operations to alleviate the pain point. vlib_get_buffers is also leveraged. Redefine u8 dst_and_src[12] instead of dst[6] and src[6] in struct l2input_trace_t in order to merge two copys into one. Type: improvement Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com> Change-Id: I7d3df7732c476069235e3019c68f0f53bca9637e
2020-06-27vrrp: backup processes priority 255 advertisementMatthew Smith2-1/+381
Type: fix When accept mode is enabled, a backup VR will configure the VR virtual addresses locally and respond to packets sent to those addresses. This did not work when the primary VR is the address owner and sends advertisements using the virtual address as the source address. It also did not work when NAT was configured on the interface with the virtual address as the NAT pool address. In both cases, advertisements from other VRs would arrive and be dropped because they appeared to be spoofed - the source address would be an address that is configured as an interface address on the instance receiving it. When accept mode is enabled for a VR and the VR enters the master state, add an input feature on ip[46]-multicast for the interface which looks for VRRP advertisements, figures out whether they are for a VR which is configured with accept mode and is in the master state and kicks them straight to the VRRP nodes to avoid dropping them. Change-Id: I240ba1ee0b3fd6d693de729698c1181dc71bb08b Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-06-27lacp: add unit testSteven Luong1-0/+364
add test_lacp.py to cover basic lacp unit test Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I6f7f3d801956e54106f3c55cedaca186d81dad25
2020-06-27nat: replace speculative buffer enqueue modelKlement Sekera5-2278/+2107
Replace speculative buffer enqueue coding model with vlib_get_buffers(...)/vlib_buffer_enqueue_to_next(...). Type: improvement Change-Id: I7dbfac2234a7bd754c599857eb1d5b601da5bc7c Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-06-27ikev2: add FEATURE.yamlBenoît Ganne1-0/+17
Type: docs Change-Id: Ie7836543e52bee08d12c565fbb6238d3e82ea3ce Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-06-27flow: add IPSec ESP/AH flowChenmin Sun3-1/+114
This patch adds the IPSec ESP/AH type flow support Have tested on E810 with Intel iAVF driver Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I6ab8e69f67c423cc4e33f3c363881a97cdb98c30
2020-06-27virtio: add tx traceMohsin Kazmi1-2/+60
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I0b1a1ce085ceb75fe139092e40878566682a7986
2020-06-27tap: remove the bridge configurations for TUN interfaceMohsin Kazmi1-9/+10
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ifeae641ec0aa7de74e33e582234505bf6e28ca87
2020-06-27ikev2: remove unused fieldFilip Tehlar1-1/+0
Type: improvement Change-Id: I0893d7cd8b8ab9958f585ac564bd0638bc60e78a Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-26ip: fix the punt redirect for ip4Mohsin Kazmi1-6/+9
Type: fix Change-Id: I39341f201209931392f315ead5adfddd8b567caf Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-06-25misc: add gdb macrosDave Barach1-2/+3
These gdb macros should prove very helpul when poking around in core files. Pifi (pool_is_free_index) is not straighforward. Best to work it out once. Others: bitmap_get = clib_bitmap_get vl = vec_len pe = pool_elts node_name_from_index, as described vnet_buffer_opaque, prints the primary buffer opaque vnet_buffer_opaque2, prints the secondary buffer opaque Fix vppinfra unit-test compile error Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Id2a2391a47e5a07cf3757f473e3805cc04784161
2020-06-25nat: avoid division by zeroKlement Sekera1-1/+8
Return error instead of dividing by zero. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9f6a942e87ab87e8f1921e744ec1add45884e74a
2020-06-24virtio: fix the vlib buffer flagsMohsin Kazmi1-2/+1
Type: fix Change-Id: I92e8e30e4175229e24dd92471016e9095b5cc83e Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-06-24nat: deterministic: disallow invalid configKlement Sekera2-5/+20
Prevent overflow if input network prefix is too small and crash on packet #1 due to vector not being allocated/initialized. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I3494cc62ce889df48cc59cc9340b5dd70338c3a8
2020-06-23udp: jump over ip4 optionsFlorin Coras1-3/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4f57a776302e11815fcea433ba8cf6724799ff65
2020-06-23vppinfra: fix u32x4_gather definitionDamjan Marion1-1/+1
Type: fix Change-Id: I3df8d3f277bfadee95bfc329e8ce8b929a986af6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-06-23vlib: debug CLI macro expander, part deuxDave Barach4-16/+51
Deal with circular macro definitions instead of crashing due to stack overflow. Separate macro tables, per CLI session Add documentation to the Sphinx docs Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I55fc9152bd37ad0c15fa3959f38b07b63100e634
2020-06-23nat: fix broken testKlement Sekera1-2/+14
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I04952865b7e2b447763d0b67d120c3d933177646
2020-06-23ip6-nd: punt neighbor advertisementsAlexander Chernavin1-1/+1
With this change, punt received neighbor advertisements instead of drop in order to give other elements of the system an opportunity to handle them. Type: improvement Change-Id: Ie6cde9eebc83e42029967141cb32ebc459fd3680 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-06-22nat: set buf error if can't create userKlement Sekera4-27/+9
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I747d78966a7296dcbae54d54b0c165d407c8863d
2020-06-18ikev2: use both local and remote ID for profile lookupFilip Tehlar2-22/+50
Type: fix Ticket: VPP-1890 Change-Id: I9441d5afc38df7dabf6cccaead69dd32646d2a9e Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-18tests: add ikev2 test framework with basic test caseFilip Tehlar2-0/+651
Ticket: VPP-1905 Type: test Change-Id: Ie66fbd8e37eb5e69bd61b701ed3449366bee8c84 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-19build: add cmake dependency from test plugin to apiTom Seidenberg1-0/+3
Type: fix Signed-off-by: Tom Seidenberg <tseidenb@cisco.com> Change-Id: I00fa22733bd293e56eb6b81346fdf2d75ad9d88f
2020-06-19vlib: add recursive macro expander to debug cliDave Barach6-37/+237
All of the pieces have been sitting around for years. Added several debug CLI commands: "define <variable-name> <value>" "undefine <variable-name>" "show macro [noeval]" "echo <whatever>" Macros may refer to other macros. To defer evaluation: "define foo \$(bar)" or some such. The macro evaluator is not smart about "define foo \$(foo)" or more complicated circular definitions, so don't do that. Environment variables are available, simply use $<name-of-environment-vbl> The macro expander has a table of (overrideable) builtin names, which are evaluated by calling functions. Simple example: echo $USER define ip1 192.168.1.1/24 define ip2 192.168.2.1/24 loop create loop create set int ip address loop0 $ip1 set int ip address loop1 $ip2 show int addr show macro undefine ip1 undefine ip2 Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I08a800647bac573d8ae3cfd75c40061d41c5f976
2020-06-19nat: remove unused codeKlement Sekera2-47/+0
Type: refactor Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Icc55276c8a4c256049718610cb131a34dc8d0a80
2020-06-17docs: add more FEATURE.yaml documentationDave Barach3-0/+39
For src/tools/g2, src/vlibapi, and src/vlibmemory Type: docs Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I800c3e3a1ecb011d5e692d78a015e78342706786
2020-06-17docs: add more FEATURE.yaml documentationDave Barach4-0/+104
This patch documents the DNS plugin, vlib packet tracing, vnet feature arcs, and the vppinfra library. Type: docs Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Idb16ec0593d428ce78fe8404374a823a56b4b420
2020-06-17nat: print hash table parameters in CLIKlement Sekera1-2/+13
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Id6ab7e2ca965e860ea3f96145a888e0f3ccf9778
2020-06-17build: multiple yaml file supportDave Barach1-2/+2
Change the yaml file matching pattern from FEATURE.yaml to FEATURE*.yaml, so we can document multiple features in one directory. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ic62f9fb4c73330c698724244cd8b362364fce5f9
2020-06-17nat: add more trex test scriptsKlement Sekera3-0/+206
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ia824d663c86d6a7c9bafe0206e9a93f93884739d
2020-06-17build: cmake cross-compilation fixesDamjan Marion2-1/+5
Type: fix Change-Id: I40337c208375b74b4dc3c35102c5e66a6e4568e8 Signed-off-by: Damjan Marion <damarion@cisco.com>