Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Currently, IPsec tunnel traffic goes to ip4-input/ip6-input after esp-encrypt.
It is not necessary to check that the new IP header is valid (if it is not
valid then we have otehr issues).
Instead, just send packets straight to ip4-lookup/ip6-lookup after esp-encrypt.
Change-Id: I5e35d500cb0f33f418f8554ed1f4390f02b6647d
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
DPDK Cryptodev support and related IPsec ESP nodes using DPDK Cryptodev APIs.
When DPDK Cryptodev support is enabled, the node graph is modified by adding
and replacing some of the nodes.
The following nodes are replaced:
* esp-encrypt -> dpdk-esp-encrypt
* esp-decrypt -> dpdk-esp-decrypt
The following nodes are added:
* dpdk-crypto-input : polling input node
* dpdk-esp-encrypt-post : internal node
* dpdk-esp-decrypt-post : internal node
Change-Id: I6dca9a890abaf4fb2a4fffce3fd08ac013e4d701
Signed-off-by: Zhang, Roy Fan <roy.fan.zhang@intel.com>
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
Beside performance optimization this change
also introduces rte_mbuf validation in dpdk tx code.
If packet is arrving from non-DPDK source like
self-originated packets or non-dpdk devices (tuntap,
af_packet, netmap, pg) it is not anymore exepcted
that it contains valid rte_mbuf metadata unless it is
explictely stated by setting VNET_BUFFER_RTE_MBUF_VALID
flag.
dpdk-input node sets VNET_BUFFER_RTE_MBUF_VALID on all
packets and that reduces cost of validation in tx node.
Change-Id: I4ad40f398f7b5cf90656a2069a27c0f6fc13efba
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Only consumer was ipsec which is now moved to the new
ip{4,6}-output feature arc.
Change-Id: I06008e67b5449c25eae77f28e1688521af3a23e0
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I27accb0c87d6bf2fbbe90d8d1bc074697299e639
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Enqueue buffers into next frame before validating them.
Change-Id: I466518bc6f304678136a2c3d37f136ce878eef05
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
GRE encapsulate layer 2 traffic and IPSec encrypt what is encapsulated by GRE.
The whole point of L2-GRE over IPSec is to tunnel layer 2 over GRE and IPSec by
bridging the physical interface with IPSec-GRE tunnel interface.
Change-Id: Ia4cf9ed407bf663770e0d8905c0ad44ce73bd23b
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I4e43606884ebad9a84abda779b82417192727ef3
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ie9e05e2c74e7843a937870e2c64db0499f03a6a4
Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
|
|
Change-Id: I22399aa9d55db0d91da7ba6acbbf552c0d201458
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I6d224fe19f1e0dd7ad5659e0734bc96ba37337ff
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I3f5113533b365366cc3f6ef87858e19879f703cf
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
* compiler -march= parameter is changed from native to corei7
so code is always genereted with instructions which are available
on the Nehalem microarchitecture (up to SSE4.2)
* compiler -mtune= parameter is added so code is optimized for
corei7-avx which equals to Sandy Bridge microarchitecture
* set of macros is added which allows run-time detection of available
cpu instructions (e.g. clib_cpu_supports_avx())
* set of macros is added which allows us to clone graph node funcitons
where cloned function is optmized for different microarchitecture
Those macros are using following attributes:
__attribute__((flatten))
__attribute__((target("arch=core-avx2)))
I.e. If applied to foo_node_fn() macro will generate cloned
functions foo_node_fn_avx2() and foo_node_fn_avx512() (future)
It will also generate function void * foo_node_fn_multiarch_select()
which detects available instruction set and returns pointer to the
best matching function clone.
Change-Id: I2dce0ac92a5ede95fcb56f47f3d1f3c4c040bac0
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ib231642cfead5f5e8e45508361a11c87aad83b51
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Change-Id: I22cb443c4bd0bf298abb6f06e8e4ca65a44a2854
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ib246f1fbfce93274020ee93ce461e3d8bd8b9f17
Signed-off-by: Ed Warnicke <eaw@cisco.com>
|