summaryrefslogtreecommitdiffstats
path: root/test
AgeCommit message (Collapse)AuthorFilesLines
2018-01-25NAT: nat.c refactor (split out CLI) (VPP-1140)Matus Fabian1-2/+12
Moved CLI from nat.c to nat44_cli.c Split "show nat44" to: show nat44 addresses show nat44 interfaces show nat44 static mappings show nat44 interface address show nat44 sessions detail show nat44 deterministic mappings show nat44 deterministic timeouts show nat44 deterministic sessions show nat workers Change-Id: I2d1be8941dd0e4a9e037f4a4d2cd192389beb8ed Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-25make test: verify that /dev/shm is big enoughKlement Sekera2-0/+31
Verify that /dev/shm size is >= 512M, which should be enough for `make test' needs. If the verification fails, try to enlarge it automatically. This helps avoid docker vpp/make test crashes (seen as SIGBUS). Change-Id: I4e23d59ff8bf8befc320fa229fb6c9bfeb809a8f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-01-24SCTP stack (RFC4960)Marco Varlese1-0/+91
== CONTENT == * SCTP chunks definition as per RFC4960; * Helper functions to set/get values to/from the corresponding chunks; * Hooks to the session/application layers; * Complete state-machine handling; * Implementation for unexpected chunk received in a certain state (state-machine error handling) * Support for 1-single connection; * Sample application to test receive/transmit data-path; * Test to validate SCTP stack; Change-Id: I1b55c455ab400be9513f4e094dadfc3181d2ebc9 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-01-24Improve the error reporting for a IP multicast RPF miss.Neale Ranns1-0/+9
now we get: 00:00:04:288925: pg-input ... 00:00:04:289345: ethernet-input ... 00:00:04:289524: ip6-input ... 00:00:04:289553: ip6-mfib-forward-lookup ... 00:00:04:289584: ip6-mfib-forward-rpf entry 14 itf 2 flags Forward, 00:00:04:289754: ip6-drop UDP: 2002::1 -> ff01:2::255 tos 0x00, flow label 0x0, hop limit 64, payload length 21 UDP: 1234 -> 1234 length 21, checksum 0x90d1 00:00:04:289802: error-drop ip4-input: Multicast RPF check failed 08:36:44,517 Count Node Reason 182 ip4-input Multicast RPF check failed 8 ip6-icmp-input neighbor advertisements sent 8 ip6-icmp-input router advertisements sent 8 arp-input ARP replies sent Change-Id: I1b29cda4ec77a88db45bfb25c7473cd64bbf501a Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-24NAT44: asymmetrical static mapping and one-armed NAT (VPP-1138)Matus Fabian1-0/+64
One-armed NAT should work for asymmetrical static mappings without adding external address to the NAT44 pool. Change-Id: Ie886b75b55c3b552d1029a50bd967625fde80f09 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-23For DHCP client configuration control the setting of the broadcast flag in theNeale Ranns2-4/+107
DISCOVER message sent. According to RFC2131: In the case of a client using DHCP for initial configuration (before the client's TCP/IP software has been completely configured), DHCP requires creative use of the client's TCP/IP software and liberal interpretation of RFC 1122. The TCP/IP software SHOULD accept and forward to the IP layer any IP packets delivered to the client's hardware address before the IP address is configured; DHCP servers and BOOTP relay agents may not be able to deliver DHCP messages to clients that cannot accept hardware unicast datagrams before the TCP/IP software is configured. To work around some clients that cannot accept IP unicast datagrams before the TCP/IP software is configured as discussed in the previous paragraph, DHCP uses the 'flags' field [21]. The leftmost bit is defined as the BROADCAST (B) flag. The semantics of this flag are discussed in section 4.1 of this document. The remaining bits of the flags field are reserved for future use. They MUST be set to zero by clients and ignored by servers and relay agents. Figure 2 gives the format of the 'flags' field. this changes means VPP conforms to the: "SHOULD accept and forward to the IP layer any IP packets delivered to the client's hardware address before the IP address is configured" with the caveat that VPP allows DHCP packets destined to the stanard client DHCP port to be delivered. With this enhancement the control-plane is now able to choose the setting of the broadcast flag. Change-Id: Ia4eb2c9bb1e30c29f9192facc645e9533641955a Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-22svm: queue sub: Add conditional timed waitMohsin Kazmi2-16/+24
On reviece side svm queue only permits blocking and non-blocking calls. This patch adds timed wait blocking functionality which returns either on signal/event or on given time out. It also preserves the original behavior, so it will not hurt client applications which are using svm queue. Change-Id: Ic10632170330a80afb8bc781d4ccddfe4da2c69a Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-01-22NAT44: asymmetrical static mapping rule (VPP-1135)Matus Fabian2-4/+106
add option to NAT44 static mapping API/CLI to make rule asymmetrical (rule match only out2in direction) Change-Id: If262a3ff375a24d3059f0de1f1ac387a4fe09475 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-17LD_PRELOAD: stateless LDPDave Wallace1-0/+9
- Refactor LDP to be stateless. - Use upper bit of fd to identify tag as VCL session. - Clean up debug output. - Add VCOM config env vars for app name and sid bit. - Add VCL get/set attributes - Add VCL poll implementation. Change-Id: I4603ae88254c460a024fdb79fe91c6d1ef9bc7b9 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-01-11NAT44: asymmetrical load balancing static mapping rule (VPP-1132)Matus Fabian2-0/+117
Add option to NAT44 load balancing static mapping API/CLI to make rule asymmetrical (rule match only in out2in direction). Change-Id: I325ecef5591e4bf44ce4469a24d44fe56c3bb2e9 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-11Add basic support for DS-Lite CE (VPP-1059)Juraj Sloboda2-0/+115
Change-Id: Ifcca60da3f77c0a4959f98b3365c846badbdc2d0 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-01-09DVR: run L3 output featuresNeale Ranns3-22/+52
- rename l2_bridged to is_dvr. Including on the ip.api this was new in the 18.01 release so no compatability issues. - steal the free space in vnet_buffer_opaque_t for use with flags. - run the ipX-output feature arc from the DVR DPO Change-Id: I040e5976d1dbe076fcdda3a40a7804f56337ce3f Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-09BIER: missing endian swap for imposition object in API returnNeale Ranns2-2/+7
Change-Id: Iddd754d00ace3d042336e5c2c40431566275051a Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-01-09test: consolidate the multiple versions of send_and_*Neale Ranns10-207/+31
Change-Id: I7fa7d0ebf73dab8264a2e5ddbd412600d78ead05 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-08NAT64: IPFix (VPP-1106)Matus Fabian2-26/+483
Change-Id: Ib90dc5613c9fdac0344b3bd7f163e2f7163c64d8 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-06VPP-1110 BVI reply ARP that doesn't request BVI loacl IP.zhaoqingling1-1/+13
Change-Id: I66ae618edaa12c2b4e4afe276da689673b02c9cd Signed-off-by: zhaoqingling <zhao.qingling@zte.com.cn>
2018-01-05Add support for 464XLAT NAT44 mode (VPP-1045)Juraj Sloboda2-12/+231
Change-Id: I24e7a26972bbbfcea100292b212b29ae7a349335 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-12-22tcp: add builtin server/client transfer testFlorin Coras2-2/+76
Change-Id: Iab0baabf2f27bc7ad7fbf2d2789a493752b07d8a Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-12-20L2 EmulationNeale Ranns2-28/+226
L2 Emulation is a feautre that is applied to L2 ports to 'extract' IP packets from the L2 path and inject them into the L3 path (i.e. into the appropriate ip[4|6]_input node). L3 routes in the table_id for that interface should then be configured as DVR routes, therefore the forwarded packet has the L2 header preserved and togehter the L3 routed system behaves like an L2 bridge. Change-Id: I8effd7e2f4c67ee277b73c7bc79aa3e5a3e34d03 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-12-20fix kubeproxy some testsGabriel Ganne1-2/+6
* NAT46: fix test cleanup, missing del keyword * NAT66: fix kube-proxy vip, is ipv6 * add some missing kp_put_writer_lock * wipe flowtable after each unit test * Add new cli api: "test kube-proxy flowtable flush" to flushes everything * Call this new cli function after the end of each kube-proxy unit test. * same as commit b3d1b203579226ca5136b9d6a2744577d07cfcc6 for the lb plugin Change-Id: I4146f44841328ec96eb66729e3bae3d40f33e4aa Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-12-20Translate matching packets using NAT (VPP-1069)Juraj Sloboda2-4/+87
Add API function which enables forwarding of packets not matching existing translation or static mapping instead of dropping them. When forwarding is enabled matching packets will be translated while non-matching packets will be forwarded without translation. Change-Id: Ic13040cbad16d3a1ecdc3e02a497171bef6aa413 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-12-19NAT: Twice NAT44 (VPP-969)Matus Fabian2-9/+190
Translation of both source and destination addresses and ports for 1:1 NAT session initiated from outside network (ExternalIP K8 use case). Change-Id: Ic0000497cf71619aac996d6d580844f0ea0edc14 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-18Support kube-proxy data planeHongjun Ni1-0/+203
This plugin provides kube-proxy data plane on user space, which is used to replace linux kernal's kube-proxy based on iptables. The idea is largely inspired from VPP LB plugin. Currently, kube-proxy plugin supports three service types: 1) Cluster IP plus Port: support any protocols, including TCP, UDP. 2) Node IP plus Node Port: currently only support UDP. 3) External Load Balancer. Please refer to kp_plugin_doc.md for details. Change-Id: I36690e417dd26ad5ec1bd77c7ea4b8100416cac6 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-12-16PAPI: Add docstrings to unit tests.Ole Troan1-0/+17
Change-Id: I0e20100c9e2ca4e951f605a79d48c04ff47864cb Signed-off-by: Ole Troan <ot@cisco.com>
2017-12-16GRE tunnel key includes the FIB tableNeale Ranns2-2/+21
- GRE tunnels with the same src,dst addresses are not the same tunnel - Two data-plane improvements: - the cached key was never updated and so useless - no need to dereference the tunnel's HW interface to get the sw_if_index Change-Id: I2f2ea6e08c759a810b753cec22c497e921a2ca01 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-12-16Use crc32 wrapper (VPP-1086)Gabriel Ganne1-1/+1
This allows arm platforms to also take advantage of crc32 hardware acceleration. * add a wrapper for crc32_u64. It's the only one really used. Using it instead of a call to clib_crc32c() eases building symmetrical hash functions. * replace #ifdef on SSE4 by a test on clib_crc32c_uses_intrinsics. Note: keep the test on i386 * fix typo in lb test log Change-Id: I03a0897b70f6c1717e6901d93cf0fe024d5facb5 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-12-15make test: disable tests which require CXX >= 5.3 on rhelGabriel Ganne1-1/+1
same as commit d3e671e0dbb879d90f00bdee608ee0bb5f6357ae did for centos Change-Id: If57765490d1ef41042a42db433b704af2f0c0ffd Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-12-15ESP_AH_test_automation_scripts rev1“mystarrocks”4-1/+829
Change-Id: I941abdc4a02e4c52c66b9d299e380b27caca7c1d Signed-off-by: “mystarrocks” <mystarrocks@yahoo.com>
2017-12-14BIER disposition default routeNeale Ranns1-0/+25
Change-Id: I7196ad8bf6afaf356674789c05e23ac000bc038e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-12-13IP bi-direction multicast - same cable check on egressNeale Ranns1-3/+43
Change-Id: I655382f7f74181dd7c795a2b22f151f76b50e793 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-12-13make "test-all" target pass againGabriel Ganne3-116/+15
The "test-all" target is still never called as part of any continuous test (as it probably should) but at least it can now be expected to succeed. VXLAN-GPE: * decapsulate Ethernet to "l2-input" instead of "ethernet-input" otherwise the inner mac address get checked against the interface one (external) and packet gets dropped (mac mismatch) * set packet input sw_if_index to unicast vxlan tunnel for learning TEST: * VXLAN: * reduce the number of share tunnels: => reduce test duration by half => no functional change * VXLAN-GPE: * fix test TearDown() cli: command is "show vxlan-gpe" only * remove vxlan-gpe specific tests as the were a duplicated of the BridgeDomain one and already inherited. * disable test_mcast_rcv() and test_mcast_flood() tests * P2PEthernetAPI: * remove test: "create 100k of p2p subifs" there already is a "create 1k p2p subifs" so this one is a load test and not a unit test. See: lists.fd.io/pipermail/vpp-dev/2017-November/007280.html Change-Id: Icafb83769eb560cbdeb3dc6d1f1d3c23c0901cd9 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-12-13GRE: fix single loop decap and add testNeale Ranns2-0/+34
Change-Id: I64e8a76a17057ae69de72a5a80c0a194cd0c21cb Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-12-13NAT64: multi-thread support (VPP-891)Matus Fabian1-3/+3
Change-Id: Iebf859b6d86482e4465423bad598eecf87e53ec4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-13NAT: DS-Lite AFTR tunnel endpoint address respond to ICMPv6 echo request ↵Matus Fabian1-0/+14
(VPP-1090) Change-Id: I361c043979274eac1aefcd95abdf1624a3ef2756 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-12tcp/session: add make testsFlorin Coras3-0/+67
Change-Id: Icb93ab80c5a6432d7b2b698a47e8b612c6f06fbd Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-12-11acl-plugin: unapply/reapply the classifier-based inacls when performing ↵Andrew Yourtchenko1-19/+15
macip_acl_add_replace on an existing MACIP ACL The classifier tables layout might (and most always will) change during the MACIP ACL modification. Furthermore, vnet_set_input_acl_intfc() is quite a picky creature - it quietly does nothing if there is an existing inacl applied, even if the number is different, so a simple "reapply" does not work. So, cleanly remove inacl, then reapply when the new tables are ready. Also, fix the testcase which was supposed to test this exact behavior. Thanks to Jon Loeliger for spotting this issue. Change-Id: I7e4bd8023d9de7e914448bb4466c1b0ef6940f58 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-12-09BIER in non-MPLS netowrksNeale Ranns4-35/+230
as decsribed in section 2.2 ihttps://tools.ietf.org/html/draft-ietf-bier-mpls-encapsulation-10 with BIFT encoding from: https://tools.ietf.org/html/draft-wijnandsxu-bier-non-mpls-bift-encoding-00 changes: 1 - introduce the new BIFT lookup table. BIER tables that have an associated MPLS label are added to the MPLS-FIB. Those that don't are added to the BIER table 2 - BIER routes that have no associated output MPLS label will add a BIFT label. 3 - The BIER FMask has a path-list as a member to resolve via any possible path. Change-Id: I1fd4d9dbd074f0e855c16e9329b81460ebe1efce Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-12-08VOM: prefix bit fiddlingNeale Ranns1-1/+39
Change-Id: I4fbf4a574f455628d56e78cefc1a76adc06bc801 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-12-02VOM: l2fib: Add bvi flag supportMohsin Kazmi1-4/+46
Change-Id: I03d7508649e80a538fcf9541815e2c29224bc87a Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2017-11-30NAT44: identity NAT (VPP-1073)Matus Fabian2-0/+107
Identity mapping translate an IP address to itself. Change-Id: Icc0ca5102d32547a4b0c75720b5f5bf41ed69c71 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-29VOM: logging, populate and stats fixesNeale Ranns1-3/+1
logging: allow a client to register a callback handler to recieve log messages that way the client can maintain a correctly sequenced log populate: fix the creation of interface and the setting of the handle stats: the reset promise idea is not defined behaviour. Use an eanble/disable command pair Change-Id: I347720bb65df2874c7619e722d593bc863ee2bf1 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-25VCL: improve debug outputDave Wallace1-2/+10
- Refactor debug output to include vpp handle associated with session id where appropriate. - Fix vcom_connect return value on error. - Refactor vcom_socket_epoll_pwait(). - Fix sock_test_server/client connect failure handling. Change-Id: I2649596aa4b8a77d9bd876409a76810cb2785797 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-24VOM: Additions to allow uses to UT applications that use VOMNeale Ranns1-2/+2
- find object by key - compare objects Change-Id: I36ec8612be9482bcef7ceced2a59f7403f77b3e8 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-21VCL: close-on-empty state transition refactoring.Dave Wallace1-1/+1
- Refactor session disconnect/close state transitions. Only remove session state when app calls close(). Add HUP/reset feedback by returning ECONNRESET. - Update debug messages. - Use VCL_LOCK_AND_GET_SESSION macro more extensively Change-Id: I23d372834b901a6726e6d6c1061df73ad967882f Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-17Replace tap interface using general interfaceHongjun Ni1-2/+2
Change-Id: Icd73f00162fb6aabe296c8bb6f2174ad4f6a17b7 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-11-16Add Support of DHCP VSS Type 0 where VPN-ID is ASCIIJohn Lo2-175/+307
Enhence support of DHCP VSS (Virtual Subnet Selection) to include VSS type 0 where VSS info is a NVT (Network Virtual Terminal) ASCII VPN ID where the ASCII string MUST NOT be terminated with a zero byte. Existing code already support VSS type 1, where VSS information is a RFC 2685 VPN-ID of 7 bytes with 3 bytes OUI and 4 bytes VPN index, and VSS type 255 indicating global VPN. Change-Id: I54edbc447c89a2aacd1cc9fc72bd5ba386037608 Signed-off-by: John Lo <loj@cisco.com>
2017-11-15vxlan extended tests - fix scapy-related issuesGabriel Ganne2-1/+12
- Add vxlan-gpe binding on udp port 4790 (taken from scapy upstream) - VXLAN.VNI -> VXLAN.vni Change-Id: If7ad38fa04fbfec01e01c81a06e88ffe70183672 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-11-15VOM: interface RD update reconfigures L3 bindingsNeale Ranns1-0/+87
Change-Id: I273e1ea28c3c146e4a88d031c790c1cc56dccf00 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-14VOM: bridge-domain learning mode and route help commandsNeale Ranns1-3/+3
Change-Id: I2fa219d6530f1e7a3b8ae32d35a0c60ba57c5129 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-11ACLs: Use better error return codes than "-1" everywhere.Jon Loeliger1-5/+5
Added two new errors: ACL_IN_USE_INBOUND ACL_IN_USE_OUTBOUND Update ACL tests to expect new, precise return values. Change-Id: I644861a18aa5b70cce5f451dd6655641160c7697 Signed-off-by: Jon Loeliger <jdl@netgate.com>