Ray Kinsella [Tue, 7 Sep 2021 12:44:23 +0000 (13:44 +0100)]
stats: revert enable/disable segments polls
This reverts commit
034bd1067eddb700c6d2bc67974056fe00012310.
Type: refactor
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: Icce6052d6cf9616f7eac3185b4c9aace234aa59f
Benoît Ganne [Thu, 9 Sep 2021 10:00:00 +0000 (12:00 +0200)]
session: fix non-NULL terminated string
vlib_unix_recursive_mkdir () expects a NULL-terminated C-string.
Type: fix
Change-Id: I412b48443d0792307d611c466747c0aa5e423417
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Klement Sekera [Wed, 8 Sep 2021 13:15:59 +0000 (15:15 +0200)]
flowprobe: simplify test logic
Type: refactor
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9a3923ec1ff1371e870bc57ade4035de07bfbbcb
Benoît Ganne [Thu, 9 Sep 2021 09:56:58 +0000 (11:56 +0200)]
linux-cp: fix non-NULL terminated string
lip->lip_host_name is a non-NULL terminated vector.
Type: fix
Change-Id: Ic154ad7f57f0b507204e55f78995cc0e89132e57
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Pim van Pelt [Thu, 12 Aug 2021 19:35:06 +0000 (21:35 +0200)]
linux-cp: Complete interface creation logic
Linux Control Plane interface creation logic is currently only able to
create untagged interfaces, and dot1q VLAN sub-interfaces. This change
makes it possible to create dot1ad VLAN sub-ints, and Q-in-AD as well
as Q-in-Q sub-interfaces as well.
It makes the plugin a bit more robust by catching a few common errors,
such as creating an lcp on a sub-interface without its parent having
one, and creating an lcp on a sub-interface that is not exact-match.
This change has a bunch of smaller improvemnets as well. I documented
my work in this post:
https://ipng.ch/s/articles/2021/08/12/vpp-1.html
It shows that after the change is merged, all VPP interface types now
create and operate cleanly as LCP interfaces as well.
Type: improvement
Signed-off-by: Pim van Pelt <pim@ipng.nl>
Change-Id: I322669f7316d44c227090b83d6a574fb9c00e76a
Pim van Pelt [Thu, 26 Aug 2021 13:49:17 +0000 (15:49 +0200)]
linux-cp: fix crash on failed vlib_buffer_copy
Type: fix
Signed-off-by: Pim van Pelt <pim@ipng.nl>
Change-Id: I390282ecc63600728cf11413510c0169178e305c
Matthew Smith [Wed, 25 Aug 2021 22:09:34 +0000 (17:09 -0500)]
vrrp: fix source address on advertisements
Type: fix
Advertisements are dropped by anti spoofing check in some situations.
When a VR has "accept mode" enabled, we must add the virtual IP addresses
to the interface when the VR transitions to master state. When this
happens, fib_sas4_get() starts selecting the newly added virtual IP
address as the source address for packets sent on the interface, so
advertisements are sent with that source address.
When the virtual IP address is being used as a NAT pool address on a peer
in the backup state, the peer sees the address as a local address and
drops incoming advertisements with that source address.
RFC 5798 section 5.1.1.1 says advertisements should use the primary
IPv4 address of the interface they are being sent on as the source
IP address. Since the virtual IP address is only temporarily added
while the VR is in the master state, the virtual IP address should
probably not be considered the primary address of the interface. The
definition of Primary IP Address in section 1.6 says that selecting
the first address is a valid selection algorithm. Do that instead of
calling fib_sas4_get().
Change-Id: Id92f0e3237c7fd491dd8d695bb27307d494f8573
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Steven Luong [Mon, 26 Jul 2021 20:38:05 +0000 (13:38 -0700)]
interface: add custom interface name support
add CLI "set interface name <current-int-name> <new-int-name>
and the corresponding binary API to allow custom interface name
setting for any interface.
Type: feature
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I2b39da59879fd4526bcb5aa5854b6bd21e72ea73
Zachary Leaf [Tue, 17 Aug 2021 09:12:01 +0000 (04:12 -0500)]
perfmon: sort 'show perfmon bundle' output
This patch sorts 'show perfmon bundle' output in alphabetical order.
Type: improvement
Signed-off-by: Zachary Leaf <zachary.leaf@arm.com>
Change-Id: I26b379b5d6766b9f87f9a3a5013ea92b207fb5d4
Mohammed Hawari [Wed, 8 Sep 2021 09:30:21 +0000 (11:30 +0200)]
interface: fix coverity issue
Change-Id: I5bb1ab3a57097bf03e7de5541cc8496655bc728f
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: fix
Fixes:
5b22339973feaa3eba48ead1e9fb428b1816c0cc
Ray Kinsella [Wed, 9 Jun 2021 10:35:26 +0000 (11:35 +0100)]
perfmon: add membw-bound bundle
Added memory bandwidth boundedness bundle, closely related to cache-hierarchy.
This bundle works on ICX only, due to an ICX specific counter.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: Id385bd5f4e645ac020774e311c623afb64b79b1e
Ray Kinsella [Tue, 7 Sep 2021 15:26:58 +0000 (16:26 +0100)]
perfmon: adding support for papi TMAM
Adding support for Linux papi TMAM on Intel Snowridge. Adds the ability to
indicate that a bundle should be thread or node bundle type based on available
cpu features (rdpmc support).
Type: feature
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: Ib871b2644fdb2410fbb580e0d21c3a8e2be13aba
Klement Sekera [Tue, 29 Jun 2021 10:58:34 +0000 (12:58 +0200)]
nat: remove unusued parameters and use correct parameter types
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4f7b3d5354a7658d7271c28444f2f4641f05b28b
Klement Sekera [Thu, 1 Jul 2021 12:55:46 +0000 (14:55 +0200)]
tests: fix DEBUG=attach multiple worker config
Type: fix
Change-Id: Ie7920c0c699904de0f68ddb749725887b569f295
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Mohammed Hawari [Wed, 8 Sep 2021 08:39:14 +0000 (10:39 +0200)]
dpdk: fix coverity
Coverity does not seem happy about exotic control
flows in switch/case statements
Change-Id: Ie006190058f811aacf85125ebc58330d9c53510f
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: fix
Fixes:
0b42ac565b970c186a9ad734f980b440f56fb25b
Mohammed Hawari [Mon, 6 Sep 2021 09:48:17 +0000 (11:48 +0200)]
devices: restore regular af-packet tx path
This change restores the af_packet tx path prior
in use prior to Change
Idf0bdd88990254a614962c2f7bc3e0292ccfd61a but
fixes the stalling issue by ensuring that the next
tx frame pointer is only incremented when a new tx
frame is used. This change also enables the
af_packet PACKET_QDISC_BYPASS option, for better
performance.
Change-Id: I65dde648ed66d21654847a900ceda5a8980ae6ec
Type: improvement
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Mohammed Hawari [Wed, 12 May 2021 10:31:01 +0000 (12:31 +0200)]
dpdk: lro support
Change-Id: Ifa09dcdfd567ac3c2afab4bd3bd468260f766e1d
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: improvement
Maxime Peim [Thu, 6 May 2021 10:17:25 +0000 (12:17 +0200)]
interface: full poll vector on adaptive mode
When an input supports adaptive mode and enters
in polling, some rx queues may be missing from
the node's rx_poll_vector. To solve the issue,
a full poll vector is being computed in
vnet_hw_if_update_runtime_data, and returned
by vnet_hw_if_get_rxq_poll_vector when the
node is polling in adaptive mode.
Type: fix
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Change-Id: I249bcb20ae0dd28afb0a5ca32993092bafd2f6b1
Ahmed Abdelsalam [Fri, 3 Sep 2021 16:48:04 +0000 (16:48 +0000)]
sr: fixing typo in srv6 End.AS Proxy documentation
Type: docs
Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com>
Change-Id: I0cbc1b21f156425e067e9ce90769a62983ca5d01
Filip Varga [Mon, 9 Aug 2021 12:45:12 +0000 (14:45 +0200)]
nat: NAT44 ED improvements and fixes
Fixed FIB entry per interface, pool and
static mapping registrations in NAT control plane.
Improved FIB configuration handling in NAT -
added functions to generalize handling of FIB & NAT,
cleaned up interface callback functions. Changed "is_"
macros to inline functions for easier debugging.
Type: improvement
Change-Id: I68a17761a975dd819139ae94e52a8a85d3f27ffc
Signed-off-by: Filip Varga <fivarga@cisco.com>
liuyacan [Fri, 20 Aug 2021 02:25:43 +0000 (10:25 +0800)]
udp: fill rmt info if session is connection less
The app may send packet to different remote via sendto() with
same socket (without calling connect()). In such scenario, remote
address need to be filled in.
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: I49deb308668c05442f237e97acc9bfa239782482
Florin Coras [Tue, 31 Aug 2021 20:29:41 +0000 (13:29 -0700)]
vcl: ignore rx events for sessions in epoll lt list
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I75f935cda00c335d0aefe02bff6fa8505dd931a8
Dave Barach [Wed, 1 Sep 2021 13:02:13 +0000 (09:02 -0400)]
classify: improve "show classify table" output
Print header for each table.
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I54ca04d6000a98afb4ad3d2f24caae3349548f23
Florin Coras [Thu, 12 Aug 2021 15:38:02 +0000 (08:38 -0700)]
vcl: switch part of the tests to sock api
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I427af3be604783d36080c284ed32fb1df525bf54
fangtong [Sat, 24 Jul 2021 06:55:02 +0000 (14:55 +0800)]
vlib: fixed the issue of vpp crash caused by interface up/down
When the interface status changes, the api of vnet_hw_interface_set_flags_helper calls the event processing function (vlib_process_signal_event_helper) for event processing. When the opinter data_vec is NULL, the _ven_len operation of an illegal address will cause vpp crash.
Type:fix
Signed-off-by: fangtong <fangtong2007@163.com>
Change-Id: I7106b2aed7a1fc17f74bf6cb513912af97584f45
Steven Luong [Tue, 1 Jun 2021 21:09:28 +0000 (14:09 -0700)]
vmxnet3: set RX interrupt pending only when needed
When an RX thread handles more than one RX queue and has a mix of
queues in interrupt mode and polling mode, the RX input routine is
naturally in polling mode. In that case, there is no need to set RX
interrupt pending when descriptor is available in the queue for
interrupt mode.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Iedbe57941eca3152c0e8ab9096cc81f315e0a915
Ole Troan [Tue, 31 Aug 2021 12:21:03 +0000 (14:21 +0200)]
vat2: coverity errors in print_template
Dereferencing null pointer fix.
Add checking of return values for all calls in print_template()
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I00073b29ab2e76d5d06af9bd3f5ae2846de4d46d
Ole Troan [Tue, 31 Aug 2021 08:47:45 +0000 (10:47 +0200)]
stats: check epoch in python vpp_stats ls
The VPP Stats Python binding was missing checking epoch.
Resulting it would not pick up changes in the directory.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I3226d71c77be2e80e24b5cd48fc9820833f7d30e
Signed-off-by: Ole Troan <ot@cisco.com>
Sivaprasad Tummala [Tue, 31 Aug 2021 06:53:23 +0000 (12:23 +0530)]
misc: fix build error in handoffdemo
fix to pass right arguments to vlib_buffer_enqueue_to_thread
Type: fix
Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com>
Change-Id: I2521ac8d33135843263e8f99318988ec78effbaa
Piotr Bronowski [Fri, 2 Jul 2021 09:20:03 +0000 (09:20 +0000)]
flow: add esp spi rss type
Type: feature
This patch adds IPsec ESP SPI as RSS key for better IPsec
inbound processing scaling. With this feature enabled,
The NIC will use the packets' SPI index as the RSS key
to distribute them to different queues.
The dpdk-input is also updated to support this feature.
Sample CLI command to enable Ipsec ESP SPI as RSS key:
test flow add src-ip any dst-ip any rss types esp
test flow enable eth0 index 0
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I8b7d01cfc065e9099fad33042ce76898e16ddbf0
Fan Zhang [Thu, 12 Aug 2021 16:23:01 +0000 (17:23 +0100)]
dpdk: bump to 21.08
Type: feature
This patch bumps dpdk version from 21.05 to 21.08
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: I8f655dae1489c11e7fb2ff86f8a91b597383bd99
Ray Kinsella [Wed, 26 May 2021 14:41:59 +0000 (15:41 +0100)]
stats: enable/disable segments polls
Add an enable/disable field to stats segments poll. The is used by the
perfmon plugin to only poll for stats on an active bundle.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I6404a7db50d8e922afea5da8ec15fdabe3d97157
Ray Kinsella [Thu, 27 May 2021 14:59:39 +0000 (15:59 +0100)]
stats: stat_validate_counter_vector3 non-static
Make stat_validate_counter_vector3 usable outside of stats segement. Is
used by the perfmon plugin to allocate a 2-dimension array of values.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: If4be2e14ba718c20bf939d162e580880eab1a6cb
Tianyu Li [Thu, 26 Aug 2021 02:03:43 +0000 (10:03 +0800)]
session: fix prefetch out of struct bound on Arm
CLIB_PREFETCH (s->tx_fifo, 2 * CLIB_CACHE_LINE_BYTES, LOAD);
sizeof(svm_fifo_t) is 128 bytes
Note on 64B cacheline size Arm machine,
CLIB_CACHE_LINE_BYTES 128
CLIB_CACHE_PREFETCH_BYTES 6
above CLIB_PREFETCH () macro will be expand to
__builtin_prefetch(s->tx_fifo)
__builtin_prefetch(s->tx_fifo + 64)
__builtin_prefetch(s->tx_fifo + 128) << prefetch out of range
__builtin_prefetch(s->tx_fifo + 192) << the same here
Solution:
Change to CLIB_PREFETCH (s->tx_fifo, sizeof (*(s->tx_fifo)), LOAD);
Type: fix
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Reviewed-by: Lijian Zhang <lijian.zhang@arm.com>
Change-Id: I745cbce3dbe5afcab53c39189d18392f569df5aa
liuyacan [Mon, 30 Aug 2021 05:24:53 +0000 (13:24 +0800)]
vcl: fix vlsh conversion error
vlsh may not belong to the current vcl worker.
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: I75f962313e538fcd2b1cc6dffca53997648ca43e
Florin Coras [Fri, 13 Aug 2021 01:12:09 +0000 (18:12 -0700)]
session: close app wrk socket on delete
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I54fa6e8f12bb52988888e7019a88d6891017944c
Ofer Heifetz [Sun, 25 Jul 2021 16:37:46 +0000 (19:37 +0300)]
tls: use default OpenSSL built-in DH parameters
Type: improvement
Motivation for this addition is to add support for cipher suites
that use Diffie-Hellman Ephemeral (DHE) for key exchange.
Using ephemeral DH key exchange yields forward secrecy as the
connection can only be decrypted when the DH key is known.
Configure OpenSSL to use the default built-in DH parameters for the
SSL_CTX object.
Change-Id: I31aadad047a6394ddf8bfa08471c239e0d1cd63c
Signed-off-by: Ofer Heifetz <oferh@marvell.com>
liuyacan [Mon, 16 Aug 2021 02:51:13 +0000 (10:51 +0800)]
tcp: Allow accepting session to send custom packet
Tcp may want to send acks in established, but the app
has not called accept() yet.
Type: improvement
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: I43b8cd386e533ca95c8ec260a0a1f695ea140358
Mohsin Kazmi [Fri, 27 Aug 2021 16:57:16 +0000 (18:57 +0200)]
vppinfra: add compress functions for u64, u16 and u8
Type: improvement
Change-Id: I2640148b8959f9a8303520ba2815fe02f1e47928
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Steven Luong [Sat, 21 Aug 2021 02:14:16 +0000 (19:14 -0700)]
vlib: vpp banner is outputted to non-interactive vppctl session
Running a batch file which contains many vppctl commands, occasionally,
VPP may spit out the banner for some of the commands. This happens
when VPP erroneously views the vppctl session as interactive.
A simple way to recreate the problem is to run a batch script as followed
while [ 1 ]
do
vppctl create loopback interface
vppctl delete loopback interface intfc loop0
done
We have two processes which may display the banner,
unix_cli_new_session_process and unix_cli_process. Normally,
unix_cli_process parses the input tokens and displays the banner after
it negotiates the terminal type with the vppctl app.
unix_cli_new_session_process only displays the banner just in case the
client fails to negotiate terminal type. It runs on a timer and expires
in 1 second to display the banner if by then the terminal type is still
not yet negotiated.
The problem is when the session is killed or exitted, VPP does not remove
the element that was enqueued for cli_new_session_process. The index
for the connection (cf) is recycled. The timer for the queue element
continues to run. When the timer expires for the queue element, it
finds the wrong new session due to index recycling. If the new
session has not had negotiated the terminal type, the banner is printed
erroneously to the new session from cli_new_session_process.
The fix is to clean up the queue element to stop cli_new_session_process
from processing the wrong connection when the session is killed.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ife2f1b1c95661e442f0fc6b73505e330e6641fc1
Sivaprasad Tummala [Sun, 22 Aug 2021 09:39:35 +0000 (15:09 +0530)]
snort: fix incorrect data length for snort inspection
set the right data length to decode the packet properly.
Type: fix
Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com>
Change-Id: I6a35fa54851496d0a958f1a64a547b7f08bb4c19
Benoît Ganne [Tue, 9 Mar 2021 14:37:49 +0000 (15:37 +0100)]
bufmon: add buffer monitoring plugin
This plugin allow to keep track of buffer usage in VPP graph nodes. The
main use is to detect buffer leakages.
Type: feature
Change-Id: Iadcf4ab98207fab6e2fa375060879bc2a25b711e
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Sivaprasad Tummala [Tue, 10 Aug 2021 20:24:15 +0000 (01:54 +0530)]
snort: fix snort hang issue when interrupted
fix vpp daq to break out-of-loop when interrupted.
Type: fix
Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com>
Change-Id: I04594a0b872d16f803d7d7c3b7d9bb60e94bc707
Steven Luong [Mon, 23 Aug 2021 21:31:16 +0000 (14:31 -0700)]
vhost: migrate to new TX infra
Take advantage of the new TX infra and support manual thread placement
Type: improvement
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Id8023846a2eb59125fcf2f80f4f11eb681cf14dc
Benoît Ganne [Mon, 14 Dec 2020 18:31:16 +0000 (19:31 +0100)]
ikev2: check for valid cipher + integrity
Type: improvement
Change-Id: Ic09b2c777a7c82e8d7074164280f817f9141529b
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Wed, 25 Aug 2021 17:01:59 +0000 (19:01 +0200)]
ikev2: fix DNS resolution overflow
VPP DNS resolver expects NULL-terminated C string, whereas the ikev2
plugin only uses non-NULL terminated vectors.
Type: fix
Change-Id: I4a2afffb9e1b6b5dd11842621d5f13bc5a145862
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Wed, 25 Aug 2021 14:53:22 +0000 (16:53 +0200)]
af_xdp: fix stale rx/tx pointers in xsk objects
xsk objects keep pointers to the rx and tx objects. If we re-allocate
the rx and tx vectors after initializing the associated xsk object, the
pointers in the xsk object will be staled.
To avoid this, we allocate the vectors to the max expected size instead
of growing them.
Type: fix
Change-Id: If30433a28c186787d66c12dbab34bf210c95b519
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Ahmed Abdelsalam [Tue, 24 Aug 2021 15:59:39 +0000 (15:59 +0000)]
sr: extend the srv6 sid list structure
Extend the srv6 sid list structure with policy type to support
different SR policy types
Type: feature
Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com>
Change-Id: I6a8cf82b1269e1c46f3757df0047b306f613112b
Tianyu Li [Thu, 26 Aug 2021 01:43:42 +0000 (09:43 +0800)]
acl: fix prefetch out of struct bound on Arm
fa_session_t *sess;
CLIB_PREFETCH (sess, 2 * CLIB_CACHE_LINE_BYTES, STORE);
sizeof(fa_session_t) is 128 bytes
i) on 64B cacheline size Arm machine,
above CLIB_PREFETCH () macro will be expand to
__builtin_prefetch(sess)
__builtin_prefetch(sess + 64)
__builtin_prefetch(sess + 128) << prefetch is out of range of *sess.
__builtin_prefetch(sess + 192) <<
ii) on 128B cacheline size Arm machine, CLIB_PREFETCH () expands to
__builtin_prefetch(sess)
__builtin_prefetch(sess + 128) << still out of bound
Solution:
Change to CLIB_PREFETCH (sess, sizeof(*sess), STORE);
Type: fix
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Reviewed-by: Lijian Zhang <lijian.zhang@arm.com>
Change-Id: I4b3d4fc55747f3d9ad1bcf24f8834601a03ef55e
jxm [Mon, 21 Jun 2021 04:53:59 +0000 (04:53 +0000)]
fib: fix source address get error for p2p if
Type: fix
Signed-off-by: jxm <jiangxiaoming@outlook.com>
Change-Id: I5a6a1ce9f232d4ed0fd4707cd5aa9b46cc8a2a5a
arikachen [Mon, 23 Aug 2021 05:45:21 +0000 (13:45 +0800)]
af_xdp: fix xsk_socket__delete left un-cleanup
Type: fix
while xsk fd closed by clib_file_del_by_index fisrt,
xsk_get_mmap_offsets will get wrong off in xsk_socket__delete,
so munmap wrong place.
Signed-off-by: arikachen <eaglesora@gmail.com>
Change-Id: I95464e9b4eec99814bd32d7402c0d60a0605cef5
Stanislav Zaikin [Fri, 20 Aug 2021 14:25:31 +0000 (16:25 +0200)]
ip: check if interface has link-local address
Type: fix
Change-Id: I9d3344374738f8cf883cffb4715c76b50bb4bfce
Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
Matthew Smith [Thu, 19 Aug 2021 20:47:06 +0000 (15:47 -0500)]
build: include vat2 in RPM file list
Type: fix
Building an RPM with 'make pkg-rpm' fails because /usr/bin/vat2 is
installed but is not included in %files. Add it.
Change-Id: I686b291e4419d39141f0f87da963b413d11ab0f8
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Benoît Ganne [Tue, 22 Jun 2021 13:39:16 +0000 (15:39 +0200)]
ikev2: fix use-after-free
Type: fix
Change-Id: Ia3bacefdad674807de873b5c457b8470f66193f3
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Wed, 7 Jul 2021 12:58:06 +0000 (14:58 +0200)]
rdma: decrease inlining
Remove aggressive inlining outside of the main loop to improve build
time (from 146s to 22s).
Type: refactor
Change-Id: I3824516a85b5e8d02894e66f19d891569c1a68fb
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Tue, 20 Jul 2021 14:51:39 +0000 (16:51 +0200)]
vppinfra: fix clib_random_buffer_get_data caching
When using cached bytes:
- do not overflow
- do not return the same bytes twice
Type: fix
Change-Id: I2a87b47a79300e56a2201b8fc3cb6cb15b592e28
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Thu, 27 May 2021 15:43:34 +0000 (17:43 +0200)]
buffers: fix buffer linearization
vlib_buffer_chain_linearize() truncates partial data in chained buffers
in corner cases when current_data is negative.
Strengthen test cases to reproduce the errors and fix it.
Type: fix
Change-Id: Ida621923711c5755508224bdc3842b31003c6c0b
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Thu, 5 Aug 2021 09:47:52 +0000 (11:47 +0200)]
perfmon: fix perf event user page read
When mmap()-ing perf event in userspace, we must adhere to the kernel
update protocol to read consistent values.
Also, 'offset' is an offset to add to the counter value, not to apply
to the PMC index.
Type: fix
Change-Id: I59106bb3a48185ff3fcb0d2f09097269a67bb6d6
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Tue, 20 Jul 2021 14:49:13 +0000 (16:49 +0200)]
vlib: add format_vnet_buffer_no_chain
- add format_vnet_buffer and format_vnet_buffer_no_chain to mirror
format_vlib_buffer and format_vlib_buffer_no_chain
- format_vnet_buffer used to be the "no chain" version, replace all of
its current use with the corresponding format_vnet_buffer_no_chain
- add a function to dump vnet buffer details from gdb
Type: improvement
Change-Id: I143ce845f80e7ef937ea33a557b6e3b5988c5b8f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Wed, 7 Jul 2021 12:45:10 +0000 (14:45 +0200)]
ikev2: decrease inlining
IKEv2 is not optimized for dataplane processing and do not really
benefit from aggressive inlining. Let the compiler decide to improve
build time (from 205s to 30s).
Type: refactor
Change-Id: I5286880b35d338d669ec9382bf049d4486c04947
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Thu, 19 Aug 2021 13:17:03 +0000 (15:17 +0200)]
build: fix external plugin build
Type: fix
Fixes:
88b2e3682be6303973fc59c3c62141d64a9e10d7
Change-Id: I4b29924246e2cdc307cf238c5cb8624f14317452
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Matthew Smith [Tue, 10 Aug 2021 17:22:14 +0000 (12:22 -0500)]
nat: handle ED in2out ICMP errors with workers
Type: fix
With endpoint dependent NAT44, When there are multiple workers we look
for a flow which matches the packet in order to figure out which worker
should handle the packet. If the packet is an ICMP error, it may be
associated with an existing flow by inspecting the L3/L4 headers that
are included in the message payload.
This was not being done for in2out packets in
nat44_ed_get_in2out_worker_index(), so some packets which were related
to an open session were not being associated with that session and were
being passed to a different thread than the one where the session was
created. Later on, when the packet was processed by the fast path in2out
node, the L3/L4 headers in the payload are inspected and the fast path
node finds the existing session. Since that session is owned by a
different thread than the one the packet is being processed by, the
in2out fast path node can potentially access the wrong session and/or
memory adjacent to the session pool. This can cause a SEGV.
Make nat44_ed_get_in2out_worker_index() look at the inner headers when
processing an ICMP error. THis is already done in
nat44_ed_get_out2in_worker_index() and in the fast path in2out node.
Change-Id: Icdc1abebcbce452ee7be7cb23fc563e09bf575f2
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Andrew Yourtchenko [Fri, 13 Aug 2021 13:59:50 +0000 (13:59 +0000)]
acl: add API call for setting the toggle to select between linear and bihash-based lookups
In some cases (ACL of a few lines long with a lot of different subnet masks), linear lookup
may be more efficient than the hash-based lookup. Expose the API to allow the control plane
to choose what lookup algorithm to use.
Type: improvement
Change-Id: I540dd1b4ce63c5106a556d550f911f3a578b33e0
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Steven Luong [Wed, 21 Apr 2021 16:54:34 +0000 (09:54 -0700)]
vhost: interrupt mode support with mq
vhost interrupt mode support with mq does not work when coalesce frame
is not configured to 0.
When packed-ring is configured, we were also setting the wrong flag
for want-interrupt.
No need to trigger an interrupt to RX infra if there is at least one
queue in the same thread that is doing polling.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I8e64250f2aa6bf611a777a53e4d2c1076d83305f
Ole Troan [Tue, 17 Aug 2021 10:57:00 +0000 (12:57 +0200)]
vat2: add shared memory argument
Add prefix argument to specifiy shared memory segment.
Add long arguments.
Add argument to dump apis.
Add help.
Add template argument
E.g:
vat2 --template sw_interface_add_del_address
{
"_msgname": "sw_interface_add_del_address",
"sw_if_index": 0,
"is_add": false,
"del_all": false,
"prefix": "0.0.0.0"
}
Usage: vat2 [OPTION] <message-name> <JSON object>
Send API message to VPP and print reply
-d, --debug Print additional information
-p, --prefix Specify shared memory prefix to connect to a given VPP instance
-f, --file File containing a JSON object with the arguments for the message to send
--dump-apis List all APIs available from connected VPP instance
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I2d32483a727bc16990c9a30dfa9bc1fa7b1fa85a
Signed-off-by: Ole Troan <ot@cisco.com>
Alexander Chernavin [Tue, 6 Jul 2021 10:08:26 +0000 (06:08 -0400)]
nat: fix counters increment for output feature
Type: fix
The NAT plugin stores packet counters and a counter represents a vector
indexed by interface index. When an interface is assigned a NAT role,
the counters are validated to be long enough for the given interface
index.
When a packet traverses NAT in2out and output feature is disabled, the
appropriate counters are updated by the RX interface index. In this
case, translation happens on the inside interface and its index was
ensured to be valid in all of the counters during NAT role assignment.
When a packet traverses NAT in2out and output feature is enabled, the
appropriate counters are updated by the RX interface index too. In this
case, translation happens on the outside interface and the packet could
be received on any interface, even with no NAT role assigned. If that's
the case and its index is greater than the greatest index validated in
the counters, a new counter value will be written to memory that does
not belong to the counter. As a result, a crash will occur at some
point.
With this change, use TX interface index to update the counters when
output feature is enabled. TX interface is an actual interface where
translation happens and its index is always valid in the counters.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I53a52af949fe96419e1b5fef4134ab4062198f51
Dave Wallace [Tue, 17 Aug 2021 19:11:43 +0000 (15:11 -0400)]
docs: fix missing dependency on pip-tools for docs-venv
Type: fix
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: Iadb72fd0cb434a7ca2f6cbda7d78209f0746f0c6
Klement Sekera [Mon, 2 Aug 2021 14:14:15 +0000 (16:14 +0200)]
ip: reassembly cleanup
Remove unused parameters and fix warnings.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I2d0e7b84b56817999283ecb6be606159dcb26a28
Mohammed Hawari [Mon, 16 Aug 2021 12:37:21 +0000 (14:37 +0200)]
build: install ethernet/ethernet_types_api.h
ip/ip_types_api.h is already installed by the build system
Change-Id: Iec43e0ad50e32473d93ea8f7281b5a6477ddc87f
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: improvement
Andrew Yourtchenko [Mon, 16 Aug 2021 10:49:19 +0000 (12:49 +0200)]
build: remove dh-systemd from dependencies
b8e7a45d56be9f3e11b07b82fd899160e2af1bf1 has removed dh-systemd from the DEB_DEPENDS,
however this causes the make pkg-deb to fail on a clean lxd or docker install of debian10 as follows:
dpkg-buildpackage: info: source package vpp
dpkg-buildpackage: info: source version 21.10-rc0~
252-g76b19ceaf
dpkg-buildpackage: info: source distribution unstable
dpkg-buildpackage: info: source changed by fd.io VPP <vpp-dev@fd.io>
dpkg-buildpackage: info: host architecture amd64
dpkg-source --before-build .
dpkg-checkbuilddeps: error: Unmet build dependencies: dh-systemd
dpkg-buildpackage: warning: build dependencies/conflicts unsatisfied; aborting
dpkg-buildpackage: warning: (Use -d flag to override.)
FAILED: CMakeFiles/pkg/CMakeFiles/pkg-deb
cd /root/t/t/vpp/build-root/build-vpp-native/vpp/CMakeFiles && dpkg-buildpackage -us -uc -b
ninja: build stopped: subcommand failed.
make[1]: *** [/root/t/t/vpp/build-data/packages/vpp.mk:46: vpp-package-deb] Error 1
Thanks to Nick Brown for the help!
Type: fix
Fixes:
b8e7a45d56be9f3e11b07b82fd899160e2af1bf1
Change-Id: I08b3a1efcdf6e6096b4ab28263764c1d66be43ef
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Matthew Smith [Fri, 2 Jul 2021 20:30:37 +0000 (15:30 -0500)]
dpdk: patch i40e PMD to disable source pruning
Type: improvement
X710/XL710 devices have source pruning enabled by default and DPDK
provides no option to disable it. This prevents VRRP from working
properly.
Disable source pruning while setting up the main VSI.
Change-Id: Iaf89f7dae8992e3bd0b9fae83878daa27a5bb931
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Pim van Pelt [Tue, 10 Aug 2021 21:44:44 +0000 (23:44 +0200)]
ip: Fix crash in ip address add on sub-int without exact-match
Type: fix
Creating a sub-int without exact-match set, and subsequently adding an
IPv4 or IPv6 address will crash VPP. This fix catches this situation and
refuses to allow the caller to add an IPv4 or IPv6 address on an
ethernet sub-int that does not have exact-match set.
TESTED:
Before this change, the following crashes VPP:
```
DBGvpp# cre sub TenGigabitEthernet3/0/0 1 dot1q 10
TenGigabitEthernet3/0/0.1
DBGvpp# set interface ip address TenGigabitEthernet3/0/0.1 2001:db8::1/64
<crash>
```
After the change, VPP refuses to act:
```
DBGvpp# cre sub TenGigabitEthernet3/0/0 1 dot1q 10
TenGigabitEthernet3/0/0.1
DBGvpp# set interface ip address TenGigabitEthernet3/0/0.1 192.0.2.1/30
set interface ip address: sub-interface without exact-match doesn't support IP addressing
DBGvpp# set interface ip address TenGigabitEthernet3/0/0.1 2001:db8:1/64
set interface ip address: sub-interface without exact-match doesn't support IP addressing
```
Signed-off-by: Pim van Pelt <pim@ipng.nl>
Change-Id: I42997db314225cd186ebb54013b5717ace7f7bd6
Nathan Skrzypczak [Tue, 10 Aug 2021 13:05:29 +0000 (15:05 +0200)]
ip: punt redirect add nh in api
Type: feature
Change-Id: Ia970f444ba2f38b7a42ea94942c906f1b541511b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Ole Troan [Wed, 11 Aug 2021 11:54:14 +0000 (13:54 +0200)]
ip: source address selection
Implement a simple source address selection algorithm
for IPv4 and IPv6.
IPv6 does not yet implement RFC6724 but supports link-locals.
ping now chooses correct source address for link-local destination.
Added ping support for link-local multicast (e.g. allnodes).
Type: feature
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I1a3382c1f7d4ace0386c2c19e4e47b045b73a3ed
Signed-off-by: Ole Troan <ot@cisco.com>
Dave Wallace [Thu, 12 Aug 2021 22:36:02 +0000 (18:36 -0400)]
tests docs: upgrade python packages
- Upgrade python package requirements for test & docs
- Clean up docs generation warnings
- Consolidate python requirements for docs in test
requirements specs.
- Upgrade pip
Type: make
Change-Id: I74a3924b43ed93d15b32ec9f6fc41ed1ba95b69b
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Gabriel Oginski [Thu, 12 Aug 2021 13:04:03 +0000 (14:04 +0100)]
wireguard: add flag to check hmac for decryption
Type: fix
Originally the decryption doesn't check the hmac for chacha20-poly1305.
This patch fixes the problem by adding flag to crypto op to check hmac.
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I63e06fc011b288b1c9dc1b96a92923f224ef656b
Andrew Yourtchenko [Wed, 26 May 2021 14:52:41 +0000 (14:52 +0000)]
misc: 21.06 Release Notes
Change-Id: Iedd1263a971e50aceb2d579982484dd8873814dc
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
(cherry picked from commit
fc83f8cc67e65c734df3c47518f724c1617e1a5c)
Filip Varga [Mon, 26 Jul 2021 18:59:21 +0000 (20:59 +0200)]
nat: NAT44ED configuration refactor
Refactoring and cleaning up address allocation functions &
ip table update callbacks.
Type: refactor
Change-Id: I9a11700a5f335b64d0d84e04d8e16d040624e01b
Signed-off-by: Filip Varga <fivarga@cisco.com>
Alexander Skorichenko [Fri, 2 Jul 2021 17:10:52 +0000 (13:10 -0400)]
nat: correct pool ops when disable nat44 plugin
Type: fix
Replace vec ops with pool ops when iterating over pool of
interfaces in plugin_disable() functions.
With this change plugin disabling function and interface role
disabling functions iterate over identical sets of registered
interfaces, preventing 'interface couldn't be found' errors.
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
Change-Id: I4e191bcc5322ff1f9f7730c6fda5e6af86a8eec9
Florin Coras [Wed, 11 Aug 2021 21:55:49 +0000 (14:55 -0700)]
session vcl: cert key add/del with socket api
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I70791285cbf427479d2dcbf70ffdce2253add2fb
Ofer Heifetz [Mon, 26 Jul 2021 11:17:33 +0000 (14:17 +0300)]
tls: add start_listen openssl API return value check
Type: improvement
Check SSL_CTX_use_* API return value and exit on error.
Check BIO_new return code.
Release allocated BIO on error cases.
Change-Id: I9c48e91727e0eeba5d7d74d06fc37634e3c20978
Signed-off-by: Ofer Heifetz <oferh@marvell.com>
Nick Brown [Tue, 10 Aug 2021 08:20:32 +0000 (09:20 +0100)]
build: consistent debhelper 10 support
Type: fix
debian/compat contents were set to 10, but debhelper build dependency,
which is the same thing, was set to only 9. Both are not needed,
debian/compat being deprecated, so use only the latter.
At compat level 10, dh-systemd is integrated directly into debhelper, so
build dependency not needed (And in Debian Bullseye dh-systemd
transitional package is completely removed).
See: https://manpages.debian.org/testing/debhelper/debhelper.7.en.html#COMPATIBILITY_LEVELS
Signed-off-by: Nick Brown <nickbroon@gmail.com>
Change-Id: I5809b739334076d7fa8389b076a97f1648726e6e
Florin Coras [Tue, 10 Aug 2021 23:56:34 +0000 (16:56 -0700)]
svm: make more fifo segment header fields private
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Idab0f455b52a38efd2cf3781497d8cc7f57bfa42
Neale Ranns [Tue, 10 Aug 2021 14:37:11 +0000 (14:37 +0000)]
fib: Compiile time option to use 8-8-8-8 stride tries for FIB rather
than 16-8-8-8
Type: feature
the memory trade-off is:
for 8-8-8-8 tries
DBGvpp# sh ip fib mtrie mem
ipv4-VRF:0 mtrie:8068 hash:3499
totals: mtrie:8068 hash:3499 all:11567
for 16-8-8
DBGvpp# sh ip fib mtrie mem
ipv4-VRF:0 mtrie:333056 hash:3499
totals: mtrie:333056 hash:3499 all:336555
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I5271a4322d786de6e47613cff9bd432762dbed2a
Neale Ranns [Tue, 10 Aug 2021 07:39:18 +0000 (07:39 +0000)]
fib: A 16-8-8 and a 8-8-8-8 versions of an ip4_fib_t
Type: feature
The difference being the MTRIE type they contain.
THE FIB continues to use the 16-8-8 version.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I5a54d4e6e6cc639f18a3fb65ef2925507a7ef1de
Neale Ranns [Fri, 6 Aug 2021 13:12:00 +0000 (13:12 +0000)]
ip: [re]introduce the 8-8-8-8 stride MTRIE
Type: improvement
there's a time-space trade-off between the 16-8-8 and 8-8-8-8 stride.
FIB continues to use the 16-8-8. Other features are now free to make the
choice.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I6691a163486ce62e75e629f6ef0c990f253df8e5
Neale Ranns [Fri, 6 Aug 2021 12:24:14 +0000 (12:24 +0000)]
ip: Rename the ip4 mtrie function to be 16_8_8 specific
Type: improvement
the existing mtrie functions use the existing 16_8_8 mtrie. Rename them
to make that explicit. Then we can add the 8_8_8_8 types and functions
alongside.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: If5ce7a282d5d3742dc65bcd0523220235d9c510d
Nathan Skrzypczak [Fri, 6 Aug 2021 10:03:11 +0000 (12:03 +0200)]
vppinfra: Fix bihash del warning
Type: fix
When freeing an uninstantiated bihash
created with dont_add_to_all_bihash_list = 1
we get a warning. This removes the
warning & the search for the bihash on
cleanup.
Change-Id: Iac50ce7e30b97925768f7ad3cb1d30af14686e21
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Florin Coras [Fri, 6 Aug 2021 00:34:40 +0000 (17:34 -0700)]
tls: picotls optimize rx path
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0dfa8d60739bc781c37e0d8fced8280b9af93367
Florin Coras [Thu, 5 Aug 2021 01:20:24 +0000 (18:20 -0700)]
tls: picotls optimize writes
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I76a1cd516849cfe5bc87ed2b3707c6f2257126d2
Benoît Ganne [Thu, 15 Jul 2021 17:21:31 +0000 (19:21 +0200)]
misc: do not capture tx packets twice
When a packet goes through interface-output, whether it should be
captured or not will be evaluated twice: in interface-output and in
interface-output-template (<interface_name>-out) node.
interface-output should only capture packets if there is an interface
filter, otherwise it should defer evaluation to
interface-output-template.
Type: fix
Change-Id: Ia720c5d184a236335e1d7d44d8c04caf87af5630
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Neale Ranns [Tue, 10 Aug 2021 12:35:57 +0000 (12:35 +0000)]
ip: Use the IP4 lookup functions
Type: refactor
as opposed to wrtiing out the mtrie steps one by one each time.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I1248861350f9189f9a67ac6e68940813af279e03
Neale Ranns [Tue, 10 Aug 2021 12:21:07 +0000 (12:21 +0000)]
ip: Remove the 'test lookup' CLI command
Type: fix
There's no such thing as a conflict between the FIB and adj tables. This
is code that should have been removed way back in 16.04.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I4524e7921b03b89106dd1f35aa1171d0945367cf
Ole Troan [Fri, 6 Aug 2021 07:58:09 +0000 (09:58 +0200)]
ip6-nd: only respond to RS if sending RA is enabled
Even when periodic RAs are disabled VPP would respond to
router solicitations. Making it impossible to have an IPv6
enabled interface with hosts connected to it without VPP
acting as a default router.
This change drops RS messages if the radv_info->send_radv is
off.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I9a68f8e12c93c1c00125b54f8fd454f48fa22caa
Signed-off-by: Ole Troan <ot@cisco.com>
Florin Coras [Fri, 6 Aug 2021 19:54:20 +0000 (12:54 -0700)]
tls: avoid picotls buffer allocs on rx
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6cf0c141ab4a4f5a46feb6119fa142148366f0a6
Florin Coras [Fri, 6 Aug 2021 20:07:34 +0000 (13:07 -0700)]
tls: avoid ptls ctx free on transport close
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0537fa590b11abddf05550e42c7258549729f8a7
Benoît Ganne [Wed, 4 Aug 2021 16:48:41 +0000 (18:48 +0200)]
classify: fix parsing for l4 match
l4 match parsing should not try to consume the whole input, otherwise
it breaks cli such as:
'classify session ... match l4 dst_port 22 action set-ip4-fib-id 2'
Type: fix
Change-Id: I81a1b5779811f7df8286a371f85fafe09c947b87
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Thu, 5 Aug 2021 13:06:36 +0000 (15:06 +0200)]
ip: fix ip punt redirect cli
- restore fib paths support for ip4
- initialize payload_proto to the relevant default protocol so that
'via <dev>' paths are supported
- fix 'rx all'
- fix temp path vector mem leak
Type: fix
Change-Id: I564d88dc4dce86884ff6791af69974e6d70ff7ca
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Filip Varga [Mon, 26 Jul 2021 10:48:26 +0000 (12:48 +0200)]
nat: nat44-ed disable protection for api/cli
Return unsupported error if user calls one
of the configuration functions that can
run only after nat44-ed plugin is
enabled via appropriate api/cli
call.
Type: fix
Change-Id: I0d4ab0684ba5ae23fc2ecc668554a34537c2904a
Signed-off-by: Filip Varga <fivarga@cisco.com>
Mohsin Kazmi [Tue, 3 Aug 2021 17:56:05 +0000 (17:56 +0000)]
vppinfra: fix the array mask function
Type: fix
Fixes:
0ec7dad7a00852663eb88554561347987f87bb53
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I7fab80b3c7e86ac712a34c24ea3e526b0b5bb7ad
Code Review / vpp.git / log