| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
On host interface if a VLAN tagged packet is received, linux kernel removes
the VLAN header from packet byte stream and adds metadata in tpacket2_hdr.
This patch explicitely checks for the presense of VLAN metadata and adds it
in VPP packet.
Change-Id: I0ba35c1e98dbc008ce18d032f22f2717d610c1aa
Signed-off-by: Akshaya N <akshaya@rtbrick.com>
(cherry picked from commit 535f0bfe0274e86c5d2e00dfd66dd632c6ae20a9)
|
|
1. Limit MAC entry update per l2-learn call to reduce update burst
when wall clock advance to the the next minute so all MAC time
stamps are behind current time.
2. Optimize l2-learn node fast path code sequence.
3. Invalidate cache_key when update MAC entry.
4. Change L2 learn hit counter to L2 learn hit-update counter.
5. Increase L2FIB table memory size to 512MB to fit 4M entries
6. Set MAC learn limit at 4M entries
Change-Id: I19572f7f8a4b42a01be025a609fb03af50af16b2
Signed-off-by: John Lo <loj@cisco.com>
|
|
(complete the fix for VPP-935)
The fix for VPP-935 missed the case that hash_acl_add() and hash_acl_delete() may be called
during the replacement of the existing applied ACL, as a result the "applied" logic needs
to be replicated for the hash acls separately, since it is a lower layer.
Change-Id: I7dcb2b120fcbdceb5e59acb5029f9eb77bd0f240
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
The handler was calling the routines with sw_if_index instead of hw_if_index,
fix that by an extra call to vnet_get_sw_interface, and check that the interface
type is VNET_SW_INTERFACE_TYPE_HARDWARE before proceeding.
Change-Id: I4a6f65f44e250ecdb2b72d2693c9d7db5a52b966
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: Ice6b3818ee24c7c248bf61e4d6c1ef2a85cb8fb1
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit af8c8e5d9596b4bb1dc6edc5c3675de5304f6456)
|
|
Change-Id: I04589d3613653c402e6628202598972c2fa59d24
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I0db02dd0147dbd47d4296fdb84280d0e7d321f3c
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I62939592bd3cb151e02c55a3f1ee6e7d1ce469cb
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
Current optional DPDK PMDs are:
- AESNI MB PMD (SW crypto)
- AESNI GCM PMD (SW crypto)
- MLX4 PMD
- MLX5 PMD
This change will always build DPDK SW crypto PMDs and required SW crypto
libraries, while MLX PMDs are still optional and the user has to build
required libraries.
Now the configure script detects if any of the optional DPDK PMDs were
built and link against their required libraries/dependencies.
Change-Id: I1560bebd71035d6486483f22da90042ec2ce40a1
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
In multithread setup the main thread may send packets,
which may pass through the node with permit+reflect action.
This creates the connection in lists for thread0,
however in multithread there are no interupt handlers there.
Ensure we are not spending too much time spinning in a
tight cycle by suspending the main cleaner thread
until the current iteration of interrupts is processed.
Change-Id: Idb7346737757ee9a67b5d3e549bc9ad9aab22e89
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: Id7e0f967cc510f0b45f043f74493854083ac67ae
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
(VPP-936)
When looking at resource utilisation, it is useful to understand
the interactions between the acl-plugin and the rest of VPP.
MACIP ACLs till now could only be dumped via API,
which is tricky when debugging. Add the CLIs to see
the MACIP ACLs and where they are applied.
Change-Id: I3211901589e3dcff751697831c1cd0e19dcab1da
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
portrange matches on the same hash key (VPP-938)
Multiple portranges that land on the same hash key will always report the match
on the first portrange - even when the subsequent portranges have matched.
Test escape, so make a corresponding test case and fix the code so it passes.
Change-Id: Idbeb8a122252ead2468f5f9dbaf72cf0e8bb78f1
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
interface (VPP-935)
The logic in hash ACL bitmask update was using the vector
of ACLs applied to the interface to rebuild the hash lookup mask.
However, in transient cases (like doing group manipulation with
hash ACLs), that will not hold true. Thus, make
a local copy of for which ACL indices the hash_acl_apply
was called previously, and maintain that one local
to the hash_lookup.c file logic.
Change-Id: I30187d68febce8bba2ab6ffbb1eee13b5c96a44b
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
traffic (VPP-910/VPP-929)
The commit fixing the VPP-910 and separating the memory operations
into separate heaps has missed setting the MHEAP_FLAG_THREAD_SAFE,
which quite obviously caused the issues in the multithread setup.
Fix that.
Also, add the debug CLIs
"set acl-plugin heap {main|hash} {validate|trace} {1|0}"
to toggle the memory instrumentation, in case we ever need it
in the future.
Change-Id: I8bd4f7978613f5ea75a030cfb90674dac34ae7bf
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
The packet that was creating the session was not tracked,
consequently the TCP flags seen within the session record
never got the value for the session to get treated as
being in the established state.
Test-escape, so add the TCP tests which test the
three phases of the TCP session life and make them all pass.
Change-Id: Ib048bc30c809a7f03be2de7e8361c2c281270348
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
- the echo_reply_node is now notifying the cli process on the main thread/vlib_main
- the timestamp for the icmp reply is now acquired in the echo_reply_node and not in the cli process to avoid an off by 10ms error (see 【vpp-dev】delay is error in ping with multi worker thread)
Change-Id: I21d37002b0376b4f2ccab08d8f04c2f2944b9b39
Signed-off-by: Mohammed Hawari <mhawari@cisco.com>
(cherry picked from commit 03a6213fb5022d37ea92f974a1814db1c70bcbdf)
|
|
It was uncaught by make test because the corresponding tests are not there yet - part of 17.10 deliverables
Change-Id: I55456f1874ce5665a06ee411c7abf37cd19ed814
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
(VPP-910)
The further prolonged testing from testbed that reported VPP-910
has uncovered a couple of deeper issues with optimization from
7384, and the usage of subscripts rather than vec_elt_at_index()
allowed to hide a couple of further errors in the code.
Also, the current acl-plugin behavior of using the global
heap for its dynamic data is problematic - it makes
the troubleshooting much harder by potentially spreading
the problem around.
Based on this experience, this commits makes a few changes to fix
the issues seen, also improving the serviceability of the acl-plugin
code for the future:
- Use separate mheaps for any ACL-related control plane
operations and separate for the hash lookup datastructures,
to compartmentalize any memory-related issues for the ACL plugin.
- Ensure vec_elt_at_index() usage throughout the hash_lookup.c file.
- Use vectors rather than raw memory for storing the "ordinary" ACL rules.
- Rework the optimization from 7384 to use a separate tail pointer
rather than overloading the "prev" field.
- Make get_session_ptr() more conservative and adjust is_valid_session_ptr
accordingly
Change-Id: Ifda85193f361de5ed3782a4acd39622bd33c5830
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
(VPP-912)
Fix several threading-related issues uncovered by the CSIT scale/performance test:
- make the per-interface add/del counters per-thread
- preallocate the per-worker session pools rather than
attempting to resize them within the datapath
- move the bihash initialization to the moment of ACL
being applied rather than later during the connection creation
- adjust the connection cleaning logic to not require
the signaling from workers to main thread
- make the connection lists check in the main thread robust against workers
updating the list heads at the same time
- add more information to "show acl-plugin sessions" to aid in debugging
Change-Id: If82ef715e4993614df11db5e9afa7fa6b522d9bc
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Node function pointer was not set on all node runtimes causing crash if
new interface is different type.
Change-Id: I4661fe883befc6cd3fc6dfc14fd44f6fa5faf27c
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit c418e4ac7cf36bd64f3130c258d5f1897c245f2b)
|
|
(VPP-916)
The syntax for debug vhost-user is
debug vhost-user <on | off>
However, currently the code does not reject the invalid command such as below
debug vhost-user
debug vhost-user on blah
debug vhost-user off blah
The fix is to enforece the correct syntax and reject the command when invalid
option is entered.
Change-Id: I1a04ae8ddb6dd299aa6d15b043362964e685ddde
Signed-off-by: Steven <sluong@cisco.com>
|
|
applied as part of many (VPP-910)
change 7385 has added the code which has the first ACE's "prev" entry within the linked list of
shadowed ACEs pointing to the last ACE, in order to avoid the frequent linear list traversal.
That change was not complete and did not update this "prev" entry whenever the last ACE was deleted.
As a result the changes within the applied ACLs which caused the calls to hash_acl_unapply/hash_acl_apply
may result in hitting assert which does the sanity check. The solution is to add the missing update logic.
Change-Id: I9cbe9a7c68b92fa3a22a8efd11b679667d38f186
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I4a529dfab5d0ce6b0bbc0ccbbd89c6b109dbf917
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I84cea7530b01302a0adeef95b4924f54dc2e41ec
Signed-off-by: Eyal Bari <ebari@cisco.com>
(cherry picked from commit 8af1b2fdecc883eadfec6b91434adc6044e24cb2)
|
|
Cleanup mapping of interface output node for the l2-output node
when interface is configured to L2 or L3 modes. The mapping is
now always done in the main thread as part of API/CLI processing,
instead of initiate mapping in the forwarding path which can be
in the worker threads.
Change-Id: Ia789493e7d9f5c76d68edfaf34db43f3e3f53506
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I902f54618c4e1f649af11497c1cb10922e43755a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ief02eb1109a1bc463665d9747e9fa4e0c0e3d7e0
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
- PCI devices not properly discovered
- vlib_pci_bus_master_enable () not working
Change-Id: I7433ab1b19b890b8900635b43037b9a2017a1921
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ied8b26179cdf4add34440a9c396cb821716cfb8e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Looks like some compiler versions are producing wrong code when we are
copying 9-16 bytes so reverting back to the original code.
Change-Id: I74b5fa54a3b01f6288648f1cb0926030edd3b26f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
In multi-threaded model (e.g. 1 main and 1 worker threads),
after an ethernet interface is deleted (e.g. vhost-user interface),
'show runtime' command produces garbled output and sometimes
leads to vpp crash.
The reason is because vlib_node_rename() frees and reallocates node's
'n->name' vector, however the change is not propagated into copies
of the node on worker threads.
Change-Id: Ibf22422913b7f2df22f70f3b2fe8dafd34c1dd06
Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
|
|
Change-Id: Ia35edcb14eb8d786065ee4ab394f4f1aa52e1625
Signed-off-by: Ed Warnicke <hagbard@gmail.com>
|
|
LLDP packets are dropped at interface output node if each slave's link
is configured as the LLDP interface. The admin state is configured and
managed by the bonded interface, so slave link's state is down by default.
The checking for the admin state UP should be ignored for the slave link.
Change-Id: I06ca250f42fcb8cc50e0ea3a3817a2c5b56865df
Signed-off-by: Steve Shin <jonshin@cisco.com>
(cherry picked from commit 042a621b90c9f521b546cbbf724bb908e36f3b25)
|
|
Change-Id: I21fbc9aff2b97a8b3f4cbed202c00b6d84557a6e
Signed-off-by: Alexander Kotov <kot@yandex.ru>
(cherry picked from commit 28160f38488743b8cee0a7bd62b432a9dd8f4bfd)
|
|
- The result of 0.0/0.0 was being rendered as a lot of
zeroes in the integer portion, as in this example:
DBGvpp# show physmem
0: 16 objects, 576k of 582k used, 3k free, 0 reclaimed, 2k overhead,
16380k capacity
alloc. from small object cache: 0 hits 0 attempts (0.00%) replacements 0
alloc. from free-list: 0 attempts, 0 hits (0.00%), 0 considered (per-attempt 0.00)
alloc. from vector-expand: 16
allocs: 16 73643.06 clocks/call
frees: 0 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000.00 clocks/call
- Add two macros to vppinfra/math.h that use compiler builtins to check
for NaN and Infinity and then use them in format_float().
Change-Id: Iccc03997e6e33d6b888d1e7e20cd78df0cfd02e8
Signed-off-by: Chris Luke <chrisy@flirble.org>
(cherry picked from commit bb18ee6f1c7c172d30cb0c98153499af571777ee)
|
|
Change-Id: I0e6c86bd923fcf7cf16f948b9869a5927e6d3745
Signed-off-by: Klement Sekera <ksekera@cisco.com>
(cherry picked from commit 3d62a7f0b9a4b967ad53f5990729acca932f90b4)
|
|
Add API methods to configure LLDP and set interface to enable/disable.
Also add port description TLV for LLDP.
Change-Id: Ib959d488c2ab8a0069f143558871f41fcc43a5d3
Signed-off-by: Steve Shin <jonshin@cisco.com>
(cherry picked from commit 99a0e60eb6f6acd7eabd5a4cb7ded1e0419ccd54)
|
|
If a bonded interface is in active-backup mode and configured with
IPv4 and/or IPv6 addresses, on slave interface link up/down, send
a GARP packet if configured with an IPv4 address and an unsolcited
NA if configured with an IPv6 address. These packets can help with
faster route convergence in the next hop router/switch.
Change-Id: I68ccb11a4a40cda414704fa08ee0171c952befa2
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit 8b81cb43359380e50d3fc216d93ff05894149939)
|
|
Change-Id: I56bf6b46527f9465d78ed7c08b6e216e50c135ec
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: Iaea91a95d58678b8b3c56f3fceab76817e0f63ff
Signed-off-by: Ed Warnicke <eaw@cisco.com>
|
|
Spotted in the output of CLI command "show buffers", the name field
sometimes had trailing garbage, the hall sign of a string not being
terminated. In this case it was being inconsistently used as a cstring
or a vec.
- CLI printf needs %v to print the vec srring
- vlib_buffer_create_free_list_helper tried to use
clib_mem_is_heap_object() to detect a vec object, wheras it should
use clib_mem_is_vec()
Change-Id: Ib8b242a0c5a18924b8af7e8e1432784eebcf572c
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
This is preparation for new C API. Moving common stuff to separate
headers reduces dependency issues.
Change-Id: Ie7adb23398de72448e5eba6c1c1da4e1bc678725
Signed-off-by: Klement Sekera <ksekera@cisco.com>
(cherry picked from commit 58eb866b15a45514dc356170f28640d6c9db8034)
|
|
The "acl_plugin" tests has one of the tests sporadically fail with the following traceback:
r.reply.decode().rstrip('\x00') UnicodeDecodeError: 'ascii' codec can't decode byte
0xd8 in position 20666: ordinal not in range(128)
This occurs in the newly added "show acl-plugin table" debug CLI.
This CLI has only the numeric outputs, so the conclusion is that it is
the incorrect termination (trailing zero) that might be most probably
causing it. The other acl-plugins show commands also
lack the zero-termination termination, so fix all of them.
The particularity of this command vs. the other acl-plugin debug CLIs
is that the accumulator is freed and allocated multiple times,
this might explain the issue is not seen with them.
Change-Id: I87b5c0d6152fbebcae9c7d0ce97155c1ae6666db
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
When applying ACEs, in the new hash-based scheme, for each ACE
the lookup in the hash table is done, and either that ACE is added
to the end of the existing list if there is a match,
or a new list is created if there is no match.
Usually ACEs do not overlap, so this operation is fast, however,
the fragment-permit entries in case of a large number of ACLs
create a huge list which needs to be traversed for every other
ACE being added, slowing down the process dramatically.
The solution is to add an explicit flag to denote the first
element of the chain, and use the "prev" index of that
element to point to the tail element. The "next" field
of the last element is still ~0 and if we touch that
one, we do the linear search to find the first one,
but that is a relatively infrequent operation.
Change-Id: I352a3becd7854cf39aae65f0950afad7d18a70aa
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
show interface rx-placement somtimes displays the wrong interface names.
This happens when there exists subinterfaces in VPP.
The problem is due to the function show_interface_rx_placement_fn is calling
format_vnet_sw_if_index_name with hw_if_index instead of sw_if_index.
VPP has the concept of sw_if_index and hw_if_index. Each serves a different
purpose. When there is no subinterfaces, both hw_if_index and sw_if_index
may happen to have the same value.But don't count on it. When the API calls
for sw_if_index, we must pass the sw_if_index although the hw_if_index has
the same type which the compiler does not catch. Passing hw_if_index for an
API which requires sw_if_index may have an unpredictable result such as
described in the VPP-894 and sometimes it may even crash if the particular
index does not exist.
Change-Id: I76c4834f79b88a1c20684fcba64f14b2da142d77
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: I8cd90820624987dbef848935e2de86fa66a86c17
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
after deleting a sub interface with IP4/IP6 address vpp crash
Change-Id: Ie768ca845b9e2394f61e2a8e9722a80a788746e7
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
(cherry picked from commit 9f5a2b6310ce5c8e59c32ca6f27d8a187b0e4346)
|
|
traffic (VPP-892)
When stacking DPOs the VLIB graph is also updated to add the edge between the nodes, if this edge does not yet exist. This addition should be done with the workers stopped.
Change-Id: I327e4d7d26f0b23eb280f17e4619ff2093ff7940
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
fixed instability in l2bd_multi_instnce test - sometimes failing with extra
packets captured
it appears l2-learn was not updating hit entries but rather a copy of them.
if the ager did not have a chance to run before the test was running the
learning cycle - entries were not updated with the packet's seq num - causing
packets to flood when hitting the stale seq_num in l2-fwd - hence the extra
packets
fixed handling of filter entries
revert workaround for instability in test
Change-Id: I16d918e6310a5bf40bad5b7335b2140c2867cb71
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
Akshaya N
John Lo
Andrew Yourtchenko
Florin Coras
Damjan Marion
Sergio Gonzalez Monroy
Mohammed Hawari
Steven
Neale Ranns
Eyal Bari
Igor Mikhailov (imichail)
Ed Warnicke
Steve Shin
Alexander Kotov
Chris Luke
Klement Sekera
Ole Troan
Ed Warnicke
Dave Barach
Pavel Kotucek