Matus Fabian [Wed, 20 Sep 2017 06:26:13 +0000 (23:26 -0700)]
 
NAT: don't call ipfix rpc when disabled (VPP-988)
Change-Id: Id98b523f7b20f82291a34e73762978fa65e24140
Signed-off-by: Matus Fabian <[email protected]>
Matus Fabian [Tue, 19 Sep 2017 12:42:38 +0000 (05:42 -0700)]
 
NAT: move session and user lookup tables to per thread data (VPP-986)
Change-Id: I41a51bb36e31e05c76fef0b34fe006afbee27729
Signed-off-by: Matus Fabian <[email protected]>
Dave Barach [Tue, 19 Sep 2017 18:36:46 +0000 (14:36 -0400)]
 
format_sockaddr: add trivial support for AF_LOCAL sockets
There isn't anything useful to print. Return a unique name since the
unix cli uses the returned string to create a node name.  Node names
must be unique, or vpp will quit abruptly.
Change-Id: I8f85ae8fececdbfd26c729bc32c2c2007c06d1ea
Signed-off-by: Dave Barach <[email protected]>
Klement Sekera [Mon, 12 Jun 2017 04:49:33 +0000 (06:49 +0200)]
 
Add C++ API
Change-Id: Iff634f22d43470e2dc028387b3816257fd7b4156
Signed-off-by: Klement Sekera <[email protected]>
Florin Coras [Thu, 14 Sep 2017 07:08:00 +0000 (03:08 -0400)]
 
session/tcp: improve preallocated segment handling
- add preallocated segment flag
- don't remove pre-allocated segments except if application detaches
- when preallocating fifos in multiple segments, completely fill
  a segment before moving to the next
- detach server application from segment-managers when deleting app
- batch syn/syn-ack/fin (re)transmissions
- loosen up close-wait and time-wait times
Change-Id: I412f53ce601cc83b3acc26aeffd7fa2d52d73b03
Signed-off-by: Florin Coras <[email protected]>
Neale Ranns [Tue, 19 Sep 2017 01:04:10 +0000 (18:04 -0700)]
 
Treat label=0 as an invalid next-hop-via-label
Change-Id: I831226111d26f5c8a795e0773e23fddcddfb1613
Signed-off-by: Neale Ranns <[email protected]>
Filip Tehlar [Tue, 5 Sep 2017 13:46:09 +0000 (15:46 +0200)]
 
LISP: support for neighbor discovery
Change-Id: I0f1a051dd3b5786dc7c457bc6fc7ce4fcd0f530c
Signed-off-by: Filip Tehlar <[email protected]>
Matthew Smith [Thu, 14 Sep 2017 14:05:35 +0000 (09:05 -0500)]
 
Set RX sw_if_index on decrypted routed IPsec buffers
For routed IPsec, set the RX sw_if_index on inbound packets
to the index of the IPsec interface. When a packet is
decrypted into a new buffer, bring along the RX sw_if_index
of the encrypted packet to the new buffer.
Change-Id: I093e9d37def2082c8d2f1deb96b1c5b97126e023
Signed-off-by: Matthew Smith <[email protected]>
Neale Ranns [Tue, 19 Sep 2017 13:25:13 +0000 (06:25 -0700)]
 
Fix MPLS table create CLI
Change-Id: I1f3c0f879f636e587aa518c41e5ad99af65129a7
Signed-off-by: Neale Ranns <[email protected]>
Klement Sekera [Thu, 4 May 2017 04:15:18 +0000 (06:15 +0200)]
 
Add new C API
Change-Id: I717ce3cd7c867c155de149ec56623269d26d0ff7
Signed-off-by: Klement Sekera <[email protected]>
John Lo [Mon, 18 Sep 2017 04:20:05 +0000 (00:20 -0400)]
 
Implement VXLAN encap tx checksum offload
Checksum offload is implemented in VXLAN encap over both IPv4 and
IPv6. It is enabled, however, only for VXLAN over IPv6 because UDP
checksum is needed only for IPv6 and optional for IPv4.
Change-Id: Ib879f4f6da7346ba5e079d321c1dfd630f5058b8
Signed-off-by: John Lo <[email protected]>
Pavel Kotucek [Thu, 14 Sep 2017 07:50:52 +0000 (09:50 +0200)]
 
ACL plugin enable macip for ip4/ip6 traffic
Plus fixed problem with acl heap.
Change-Id: I3d91db549ebe4595f1dab9b8780f90722540024b
Signed-off-by: Pavel Kotucek <[email protected]>
Alberto Rodriguez-Natal [Sat, 9 Sep 2017 21:15:15 +0000 (14:15 -0700)]
 
Remove associated lisp-gpe entries when removing lisp local mapping.
Change-Id: Ifda4d22c9d1de210165932a0996f75cc8428ae7a
Signed-off-by: Alberto Rodriguez-Natal <[email protected]>
Chris Luke [Mon, 18 Sep 2017 12:51:22 +0000 (08:51 -0400)]
 
Fixes for issues Coverity has reported (VPP-972)
177117: fstat() returns -1 on error; the code is
        checking for any positive value instead
175142: final return could never be reached; simple
        refactoring
175235,175236: Warning suppressed with an explicit
        cast to (void)
174817: Final return couldn't be reached; is
        is_in_order is 0 then 'rv' is already returned
        above
172095,172093: If is_is_set does not get set to 1,
        then return 0 has already been invoked
174405: Re-kill this (nothing sets rv)
171136: Looks like a cmd line flag to set test_bytes
        was missing; added it, and refactored the
        argc/argv processing to avoid two other
        potential segv's
176813: Add range checking for term width/height.
        First stab at a reasonable range is 1-512
        for both.
175350: Fix implicit casting in shift operation
174272: Not a c+p error; try using a coverity
        annotation to ignore it
174273,175320: Annotated FORWARD_NULL
Change-Id: I58d0f860fc2209f59f8d1b6b344d631b8d429ace
Signed-off-by: Chris Luke <[email protected]>
Eyal Bari [Wed, 13 Sep 2017 09:29:08 +0000 (12:29 +0300)]
 
L2BD,ARP-TERM:fix arp query report mechanism+test
previous mechanism was emitting duplicates of last event, when handling multiple arp queries.
tests:
* arp events sent for graps
* duplicate suppression
* verify no events when disabled
Change-Id: I84adc23980d43b819261eccf02ec056b5cec61df
Signed-off-by: Eyal Bari <[email protected]>
Pavel Kotucek [Tue, 12 Sep 2017 08:32:35 +0000 (10:32 +0200)]
 
ACL-plugin: fix coverity issue
Fix coverity CIDs 176805, 176806, 176811, 176812
Change-Id: I73591c922307e7a98d38d5d92ebf37c8b2ff0145
Signed-off-by: Pavel Kotucek <[email protected]>
Dave Wallace [Fri, 15 Sep 2017 22:47:44 +0000 (18:47 -0400)]
 
Add multi-vm Vagrantfile for vcl-test.
- Existing Vagrantfile is symbolic link to the
  default Vagrantfile.
- In order to run the multi-host vcl test,
  change Vagrantfile -> Vagrantfile.vcl_test
- Fix socket_test.sh & vppcom bugs.
Change-Id: I965b7f799135c86e989c08bf6c5909677ef38dea
Signed-off-by: Dave Wallace <[email protected]>
Damjan Marion [Fri, 15 Sep 2017 16:22:01 +0000 (18:22 +0200)]
 
dpdk: display EAL init args on startup
Change-Id: I83ea1eae73cb41353cacd1c1b910339d10900502
Signed-off-by: Damjan Marion <[email protected]>
Florin Coras [Tue, 12 Sep 2017 00:54:15 +0000 (20:54 -0400)]
 
dpdk: cli to check for buffer leakage
Use buffer pre_data and existing buffer trace trajectory code to
find out dpdk buffer leakages.
Change-Id: I26a5d8bd2f23d01cb6070ffc3ddcc6d3d863b575
Signed-off-by: Florin Coras <[email protected]>
Matej Perina [Thu, 14 Sep 2017 14:14:14 +0000 (16:14 +0200)]
 
jvpp: add vpe_pid to ConnectionInfo
ConnectionInfo now contains pid of vpp process
pid is aquired through initial control ping during
connection creation
Change-Id: I68457770e07792d11c47bc7d8cbd0d2fd722d9b4
Signed-off-by: Matej Perina <[email protected]>
Damjan Marion [Thu, 14 Sep 2017 17:04:50 +0000 (19:04 +0200)]
 
vppinfra: add clib_mem_vm_ext_alloc function
Change-Id: Iff33694fc42cc3bcc73cf1372339053a6365039c
Signed-off-by: Damjan Marion <[email protected]>
Billy McFall [Fri, 8 Sep 2017 20:11:58 +0000 (20:11 +0000)]
 
VPP-958: RPM Update wipes out local changes to 80-vpp.conf
Changed the %config to %config(noreplace) for the two files in the
vpp.spec file that use it, 80-vpp.conf and startup.conf. Any local
changes to these files will now remain. If a newer version of the file
is published, the new version will be copied over as {filename}.rpmnew,
and the changes will not be applied without manual intervention.
Change-Id: I00b2c7abca20bc33f82479374dd184fc57a9abc5
Signed-off-by: Billy McFall <[email protected]>
Jerome Tollet [Thu, 14 Sep 2017 11:53:56 +0000 (12:53 +0100)]
 
Update of free text tag patch for BD
Change-Id: Ia886ff2bfa2cf33ffbaa35ec89494d4300ec2769
Signed-off-by: Jerome Tollet <[email protected]>
Jakub Grajciar [Thu, 14 Sep 2017 12:12:10 +0000 (14:12 +0200)]
 
libmemif: Jumbo frames support
Change-Id: I2b316358dcd2de7168a860541bcca35c3dd44649
Signed-off-by: Jakub Grajciar <[email protected]>
dongjuan [Fri, 15 Sep 2017 02:21:07 +0000 (10:21 +0800)]
 
Modify return value of snat_out2in_lb(VPP-985)
in order to trace session_index
Change-Id: I4433155fbe21635f8a997523e2c7900c6a7569af
Signed-off-by: dongjuan <[email protected]>
Damjan Marion [Mon, 11 Sep 2017 14:52:11 +0000 (16:52 +0200)]
 
clib_socket: add sendmsg / recvmsg with ancillary data support
Change-Id: Ie18580e05ec12291e7026f21ad874e088a712c8e
Signed-off-by: Damjan Marion <[email protected]>
Matus Fabian [Thu, 14 Sep 2017 06:00:53 +0000 (23:00 -0700)]
 
NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)
generated random ports overlap between threads
Change-Id: I7a13785e3f98b87e475426b0bd7f6bf2d9c1336c
Signed-off-by: Matus Fabian <[email protected]>
Keith Burns (alagalah) [Tue, 12 Sep 2017 22:12:17 +0000 (15:12 -0700)]
 
Stats refactor
- added per-interface simple/combined counters
- refactored fib/nbr API to use common registration scheme
- refactored "want_stats" and "want_interface" to use
  per interface registration scheme
- fixed issues with SEGV when client disconnects abruptly.
Change-Id: Ib701bd8e4105d03548259217bfc809bd738b7c72
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Jakub Grajciar [Wed, 30 Aug 2017 08:13:25 +0000 (10:13 +0200)]
 
Shared memory packet interface (memif) library
Change-Id: I5097462ae85acd705f19e92517c01094dba7565f
Signed-off-by: Jakub Grajciar <[email protected]>
Florin Coras [Wed, 13 Sep 2017 00:24:00 +0000 (20:24 -0400)]
 
gpe: initialize fib index for native forward entries
Change-Id: I972e6e645c3ae9cba4bb2b4e32c0272dfd67e87b
Signed-off-by: Florin Coras <[email protected]>
Neale Ranns [Tue, 12 Sep 2017 16:45:04 +0000 (09:45 -0700)]
 
Add a name to the creation of an IP and MPLS table
Change-Id: I4b4648831551519b2ffb6f93255d28a4b8726c22
Signed-off-by: Neale Ranns <[email protected]>
Dave Barach [Tue, 12 Sep 2017 21:06:56 +0000 (17:06 -0400)]
 
API message table inspection utilities
Add doxygen tags for show/clear commands
Change-Id: Ic939c561b15b0b720a8db1ecacc17e3d74419e1d
Signed-off-by: Dave Barach <[email protected]>
Steven [Wed, 13 Sep 2017 13:18:46 +0000 (06:18 -0700)]
 
devices: Fix coverity discovered 9/13/2017
Missing a break statement in the case
Change-Id: I1b1e198748343bc116ee0eaf9012abc3be15c40a
Signed-off-by: Steven <[email protected]>
flyingeagle23 [Fri, 8 Sep 2017 07:32:59 +0000 (15:32 +0800)]
 
lb_vip_command_fn param redundancy when unformat ip address(VPP-977)
Change-Id: I92de5b9ed42cda6c0438b8dc71892d322b642a70
Signed-off-by: flyingeagle23 <[email protected]>
Ole Troan [Wed, 13 Sep 2017 07:28:48 +0000 (09:28 +0200)]
 
STATS: Refactor missed adding messages to CRC dictionary.
Change-Id: I0d74856d4fd999dd9ca5886b8375ab8dd700b8a9
Signed-off-by: Ole Troan <[email protected]>
flyingeagle23 [Wed, 13 Sep 2017 11:03:56 +0000 (19:03 +0800)]
 
nat lb: del lb static mapping existed vec mem leak(VPP-983)
Change-Id: Id7306b432a33bb0fa594b6949e65ca528d8c0916
Signed-off-by: flyingeagle23 <[email protected]>
Dave Barach [Wed, 13 Sep 2017 13:18:08 +0000 (09:18 -0400)]
 
VPP-972: fix coverity warnings in the stats scraper
Change-Id: I8843e57105c6c29bcdaf1e6e3bf8e9caf6bfd2ec
Signed-off-by: Dave Barach <[email protected]>
Ole Troan [Thu, 31 Aug 2017 11:18:44 +0000 (13:18 +0200)]
 
VPP-960: Python API add more information in exception for invalid arguments to API calls.
Change-Id: I266eef8419fd98b9b900573ac9b032a62600ab86
Signed-off-by: Ole Troan <[email protected]>
Thomas F Herbert [Tue, 29 Aug 2017 20:07:51 +0000 (16:07 -0400)]
 
Add option to build without multi-buffer crypto.
JIRA VPP-498
This patch also allows RPMs to be built without multi-
buffer crypto for some RPM based downstream distros that
don't have sufficiently new nasm or don't have an USA
export license for multi-buffer crypto.
The default is to build WITH multi-buffer crypto
for x86-64. This patch allows optional building without
multi-buffer crypto.
To build without multi-buffer crypto, set the AESNI
environment variable to n.
To build rpm packages without multi-buffer crypto,
build the rpms with the option turned off.
make build AESNI=n
or..
make pkg-rpm --without aesni
---How to test this patch on a Centos build.---
Build as above and verify that nasm isn't executed during
the build process.
vpp may be installed and the dpdk plugin may be inspected to
verify that the multi-buffer code isn't present.
Change-Id: I8c5cfd4cdd9eb2b96772a687eaa54560806e001b
Signed-off-by: Thomas F Herbert <[email protected]>
Damjan Marion [Tue, 12 Sep 2017 13:34:17 +0000 (15:34 +0200)]
 
physmem: remove debug leftovers
Change-Id: I5a5dc0794d3398e749b64b07dfd1e2fc2230089b
Signed-off-by: Damjan Marion <[email protected]>
Matus Fabian [Tue, 12 Sep 2017 11:15:30 +0000 (04:15 -0700)]
 
NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)
Change-Id: I6c5eccd4193c44604da3fd27c108defe71b38a4b
Signed-off-by: Matus Fabian <[email protected]>
Florin Coras [Tue, 5 Sep 2017 18:03:37 +0000 (14:03 -0400)]
 
tcp: horizontal scaling improvments
- do not scale syn-ack window
- fix the max number of outstanding syns in builtin client
- fix syn-sent ack validation to use modulo arithmetic
- improve retransmit timer handler
- fix output buffer allocator leakeage
- improved debugging
Change-Id: Iac3bc0eadf7d0b494a93e22d210a3153b61b3273
Signed-off-by: Florin Coras <[email protected]>
Steven [Thu, 27 Jul 2017 21:54:44 +0000 (14:54 -0700)]
 
devices: Display VhostEthernet instead of UnknownEthernet for dpdk net_vhost driver
Added a new macro VNET_DPDK_PORT_TYPE_VHOST_ETHER for dpdk net_vhost driver
to display VhostEthernet instead of UnknownEthernet.
Change-Id: Ie407d83ebbbd60e4d11be79f0ebc44e2867a5f3b
Signed-off-by: Steven <[email protected]>
Shachar Beiser [Mon, 11 Sep 2017 08:06:18 +0000 (08:06 +0000)]
 
net/mlx5: fix warning message
Add support for Mellanox provider id and vendor id
Change-Id: Ib2451e69fbe949f01bcb1ee556aa3020da225610
Signed-off-by: Shachar Beiser <[email protected]>
flyingeagle23 [Tue, 12 Sep 2017 07:10:46 +0000 (15:10 +0800)]
 
Fix issue in nat Bisearch algorithm (VPP-980)
Change-Id: I39b1d1ec6fb9a10e2a0e67d36b01c0bf2522d07f
Signed-off-by: flyingeagle23 <[email protected]>
Andrew Yourtchenko [Mon, 11 Sep 2017 15:22:03 +0000 (17:22 +0200)]
 
acl-plugin: add startup-config section "acl-plugin" and heap/hash parameters
This adds the ability to tweak the memory allocation parameters of the ACL plugin
from the startup config. It may be useful in the cases involving higher limit
of the connections than the default 1M, or the high number of cores.
Change-Id: I2b6fb3f61126ff3ee998424b762b6aefe8fb1b8e
Signed-off-by: Andrew Yourtchenko <[email protected]>
flyingeagle23 [Mon, 11 Sep 2017 08:02:40 +0000 (16:02 +0800)]
 
nat lb mapping command existed array out of bounds(VPP-979)
Change-Id: Id1dce0c2eebd4097bc17842f050453b76a94eb70
Signed-off-by: flyingeagle23 <[email protected]>
Pavel Kotucek [Thu, 7 Sep 2017 06:17:31 +0000 (08:17 +0200)]
 
ACL-plugin add "replace" semantics for adding a new MacIP acl
Change-Id: Ia5c869b2d8b8ad012b9e89fb6720c9c32d9ee065
Signed-off-by: Pavel Kotucek <[email protected]>
Neale Ranns [Mon, 11 Sep 2017 17:34:33 +0000 (10:34 -0700)]
 
replace uint32_t with u32
Change-Id: I6cab79c266837a8731adcf78c9e093dfa6be0ead
Signed-off-by: Neale Ranns <[email protected]>
Florin Coras [Fri, 8 Sep 2017 20:22:38 +0000 (16:22 -0400)]
 
arp/glean: fix hash computation
Change-Id: Ifef8a9328bb865f6ddb041bafe3699153f89755a
Signed-off-by: Florin Coras <[email protected]>
Colin Tregenza Dancer [Wed, 6 Sep 2017 19:23:24 +0000 (20:23 +0100)]
 
Recombine diags and minimum barrier open time changes (VPP-968)
Support logging to both syslog and elog
Also include DaveB is_mp_safe fix, which had been lost
Change-Id: If82f7969e2f43c63c3fed5b1a0c7434c90c1f380
Signed-off-by: Colin Tregenza Dancer <[email protected]>
Steven [Fri, 8 Sep 2017 22:40:32 +0000 (15:40 -0700)]
 
memif: mode ip is not settable from binary API
While mode ip is supported via the CLI for creating a memif interface,
it is not settable from the binary API due to missing code.
While at it, update the help usage to include the missing keyword secret.
Change-Id: Ia9c71f4017210a5e1733ce4992fbb566b7d20c1a
Signed-off-by: Steven <[email protected]>
Neale Ranns [Sun, 10 Sep 2017 11:39:11 +0000 (04:39 -0700)]
 
FIB table add/delete API
part 2;
  - this adds the code to create an IP and MPLS table via the API.
  - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass.
Change-Id: Id124d884ade6cb7da947225200e3bb193454c555
Signed-off-by: Neale Ranns <[email protected]>
Brian Brooks [Wed, 6 Sep 2017 18:19:48 +0000 (13:19 -0500)]
 
Improved arm64 chip detection
Use ARMv8 Main ID Register (exposed thru /proc/cpuinfo) to identify
the CPU implementor and part number. For further details, see the
ARMv8 ARM D7.2.66.
Change-Id: I2b0d0b165cda4ab9fc57c645af90e9e354b73f44
Signed-off-by: Brian Brooks <[email protected]>
Signed-off-by: Jeremy Linton <[email protected]>
Signed-off-by: Ola Liljedahl <[email protected]>
Reviewed-by: Song Zhu <[email protected]>
Matus Fabian [Mon, 11 Sep 2017 05:17:47 +0000 (22:17 -0700)]
 
NAT: fixed hairpinning for in2out translation as an output feature (VPP-976)
Test whether the hairpinning flag is set only for packets from NAT inside interface.
Change-Id: I4a4fdd2084a76a70ce9dfe3e2b8332c02fa2eccd
Signed-off-by: Matus Fabian <[email protected]>
Damjan Marion [Fri, 8 Sep 2017 17:52:02 +0000 (19:52 +0200)]
 
move unix_file_* code to vppinfra
This will allow us to use this code in client libraries without vlib.
Change-Id: I8557b752496841ba588aa36b6082cbe2cd1867fe
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Fri, 8 Sep 2017 17:21:00 +0000 (19:21 +0200)]
 
physmem: make fake allocation non-fatal if we cannot pick numa node
Change-Id: I563c043ed82e3ef199fc3d47931108f31cc01728
Signed-off-by: Damjan Marion <[email protected]>
Keith Burns (alagalah) [Fri, 8 Sep 2017 17:58:44 +0000 (10:58 -0700)]
 
gitignore update for IDE
Change-Id: I95096e8d507f9bcb0f808d0da0355655b474d29a
Signed-off-by: Keith Burns (alagalah) <[email protected]>
dongjuan [Thu, 7 Sep 2017 06:58:56 +0000 (14:58 +0800)]
 
Initialize ip4_reass_lock of map_main to zero (VPP-975)
Change-Id: I0f58100a944e36f5b530101178303d4595b3207f
Signed-off-by: dongjuan <[email protected]>
Gabriel Ganne [Wed, 6 Sep 2017 08:44:07 +0000 (10:44 +0200)]
 
add apr-devel to rpm dependency list for centos-7
Error mesasge:
...
rpmbuild -bb \
  --define "_topdir /home/gannega/vpp" \
  --define "_version 17.10" \
  --define "_release rc0~269_g030ab48" \
  vpp.spec
error: Failed build dependencies:
        apr-devel is needed by vpp-17.10-rc0~269_g030ab48.x86_64
Change-Id: I7c09b65dcc9e57cae3da396c0165b8a4c85a8c2b
Signed-off-by: Gabriel Ganne <[email protected]>
Damjan Marion [Fri, 8 Sep 2017 10:26:12 +0000 (12:26 +0200)]
 
vlib: move linux-specific code to vlib/linux
Change-Id: Id79d2c2be7a98e15416a537c890a8f2dd6d4464d
Signed-off-by: Damjan Marion <[email protected]>
Marco Varlese [Fri, 8 Sep 2017 08:40:34 +0000 (10:40 +0200)]
 
PUNT: Missing include for readv()
The missing header include was generating a compile-time error;
src/vnet/ip/punt.c:460:10: error: implicit declaration of function 'readv'
Change-Id: I3f74294e7824ea3602b8d416c86fdada1aac1906
Signed-off-by: Marco Varlese <[email protected]>
Steven [Thu, 7 Sep 2017 16:20:56 +0000 (09:20 -0700)]
 
memif: fix coverity warnings as of 9/7
1. coverity complains about "buffer not null terminated" for strncpy because we
pass the size of the destination to the call which is equal to the true size
of the destination. We subtract 1 for the size to accommodate the null like all
other places are already doing it.
2. Add a check to tx_queues in memif_interface_tx_inline to avoid "divide by zero".
3. To avoid null pointer dereference in memif_create_if, change the goto done
rather than goto error and spit a more meaningful error rather than silent about it.
4. Shuffle a line to avoid "check after use" in vl_api_memif_delete_t_handler.
Change-Id: Icba7ecd5362c012a48ac35795d31aab356617420
Signed-off-by: Steven <[email protected]>
Pavel Kotucek [Thu, 7 Sep 2017 12:44:52 +0000 (14:44 +0200)]
 
ACL-plugin MACIP ACLs tests
Change-Id: Ie40c837358454cfe9475cb2c14fdf20b24fa6602
Signed-off-by: Pavel Kotucek <[email protected]>
Andrew Yourtchenko [Thu, 7 Sep 2017 11:49:07 +0000 (13:49 +0200)]
 
acl-plugin: add hitcount to applied hash-acl entries
Add a counter incremented upon the ACL check,
so it is easier to see which kind of traffic
is being checked by the policy, add the corresponding
output to the debug CLI "show acl-plugin tables" command.
Change-Id: Id811dddf204e63eeceabfcc509e3e9c5aae1dbc8
Signed-off-by: Andrew Yourtchenko <[email protected]>
Dave Wallace [Wed, 6 Sep 2017 05:59:43 +0000 (01:59 -0400)]
 
Fix socket_test.sh vagrant based multi-host tests.
Change-Id: I8ef75a0c702098030c6814c127d3443820122327
Signed-off-by: Dave Wallace <[email protected]>
Chris Luke [Thu, 7 Sep 2017 11:40:13 +0000 (07:40 -0400)]
 
Fixes for issues reported by Coverity (VPP-972)
Change-Id: I25238debb7081b4467aec4620dfdef33fbef3295
Signed-off-by: Chris Luke <[email protected]>
Keith Burns (alagalah) [Sun, 6 Aug 2017 15:26:29 +0000 (08:26 -0700)]
 
Allow individual stats API and introduce stats.api
- want_interface_simple_stats
- want_interface_combined_stats
- want_ip4|6_fib|nbr_stats
Change-Id: I4e97461def508958b3e429c3fe8859b36fef2d18
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Damjan Marion [Thu, 20 Jul 2017 16:10:35 +0000 (18:10 +0200)]
 
vlib physmem rework
This patch adds supprot support for multiple numa-aware physmem regions.
Change-Id: I5c69a6f4da33c8ee21bdb8604d52fd2886f2327e
Signed-off-by: Damjan Marion <[email protected]>
Filip Tehlar [Mon, 4 Sep 2017 16:54:33 +0000 (18:54 +0200)]
 
LISP: add neighbor discovery and CP protocol separation APIs
Change-Id: Ia2fc4621f0e199b0d02ac4d2104b54bdb49c14dd
Signed-off-by: Filip Tehlar <[email protected]>
Filip Tehlar [Wed, 6 Sep 2017 08:07:39 +0000 (10:07 +0200)]
 
LISP: Add APIs for enable/disable xTR/P-ITR/P-ETR modes
Change-Id: Ieeb3b7eaabb568180320fe54d3eae2d26f3e4704
Signed-off-by: Filip Tehlar <[email protected]>
Marco Varlese [Sun, 3 Sep 2017 17:04:46 +0000 (19:04 +0200)]
 
The missing variable (added with this patch) was causing the build on AARCH64
platforms to default to lib (instead of lib64) when not explicitely defining
the --libdir through the configure script.
This patch fixes that.
Change-Id: Ia4c152e0f40acab7f098885d672ff9385f57b0fe
Signed-off-by: Marco Varlese <[email protected]>
Steven [Sun, 30 Jul 2017 17:29:26 +0000 (10:29 -0700)]
 
Devices: Set interface rx-mode may cause SIGSEGV with nonexistent queue
When I type in set interface rx-mode with a nonexistent queue, I got a crash with the following
traceback. It looks like the vm is NULL when vlib_node_get_runtime is called.
DBGvpp# sh int rx
Thread 0 (vpp_main):
  node dpdk-input:
    TenGigabitEthernet5/0/0 queue 0 (polling)
    TenGigabitEthernet5/0/1 queue 0 (polling)
    TenGigabitEthernet7/0/0 queue 0 (polling)
    TenGigabitEthernet7/0/1 queue 0 (polling)
  node vhost-user-input:
    VirtualEthernet0/0/2 queue 0 (adaptive)
DBGvpp# set interface rx-mode VirtualEthernet0/0/2  queue 1 polling
Thread 1 "vpp_main" received signal SIGSEGV, Segmentation fault.
0x00007ffff6d4e0bc in vlib_node_get_runtime (vm=0x0, node_index=125)
    at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:92
92	  vlib_node_t *n = vec_elt (nm->nodes, node_index);
(gdb) where
    at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:92
    at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:112
    vnm=0x6f0fa0 <vnet_main>, hw_if_index=7, queue_id=1, mode=0x7fffb62099e8)
    at /home/sluong/vpp/build-data/../src/vnet/devices/devices.c:307
    hw_if_index=7, queue_id=1, mode=VNET_HW_INTERFACE_RX_MODE_POLLING)
    at /home/sluong/vpp/build-data/../src/vnet/interface_cli.c:1192
    vm=0x7ffff7b9d440 <vlib_global_main>, input=0x7fffb6209ef0,
    cmd=0x7fffb61d5d14)
    at /home/sluong/vpp/build-data/../src/vnet/interface_cli.c:1288
    vm=0x7ffff7b9d440 <vlib_global_main>,
    cm=0x7ffff7b9d630 <vlib_global_main+496>, input=0x7fffb6209ef0,
    parent_command_index=18)
    at /home/sluong/vpp/build-data/../src/vlib/cli.c:588
    vm=0x7ffff7b9d440 <vlib_global_main>,
    cm=0x7ffff7b9d630 <vlib_global_main+496>, input=0x7fffb6209ef0,
    parent_command_index=12)
The fix is to add a check for vec_len(hw->input_node_thread_index_by_queue)
and vec_len (hw->rx_mode_by_queue) to reject the command if the queue_id is
out of bound. While at it, I notice inputting queue_id=-1 is being interpreted
as all queues. An easy fix is to not overload the queue_id variable with -1 to
mean something else.
Change-Id: Id70ec3e7d06ccc67635e6d28ef53420bdac4a988
Signed-off-by: Steven <[email protected]>
Andrew Yourtchenko [Thu, 7 Sep 2017 11:22:24 +0000 (13:22 +0200)]
 
test: factor out "L4_Conn" into a class within util.py (VPP-931)
It seems a useful abstraction for the purposes of writing
fine-grained tests, to be able to create a "connection" object
which would be bound to two VPP interfaces, and hold some
information about the state, allowing to send the packets
back and forth with minimal amount of arguments.
Change-Id: Idb83b6b82b38bded5b7e1756a41bb2df4cd58e3a
Signed-off-by: Andrew Yourtchenko <[email protected]>
Matus Fabian [Thu, 7 Sep 2017 10:50:49 +0000 (03:50 -0700)]
 
NAT: fixed bug in snat_get_worker_out2in_cb (VPP-832)
Change-Id: Id9c977634a1259865e3403ba0d90aecaca85207d
Signed-off-by: Matus Fabian <[email protected]>
Jan Gelety [Wed, 6 Sep 2017 07:24:44 +0000 (09:24 +0200)]
 
Update CSIT tests 170814 -> 170906
- update of CSIT operational branch to be used for VPP-patch test
Change-Id: I23c6b5cb9bab6e295ff145531eabc2d51df49a94
Signed-off-by: Jan Gelety <[email protected]>
Andrew Yourtchenko [Thu, 10 Aug 2017 15:02:58 +0000 (17:02 +0200)]
 
acl-plugin: match index set to first portrange element if non-first portrange matches on the same hash key (VPP-937)
Multiple portranges that land on the same hash key will always report the match
on the first portrange - even when the subsequent portranges have matched.
Test escape, so make a corresponding test case and fix the code so it passes.
(the commit on stable/1707 has erroneously mentioned VPP-938 jira ticket)
Change-Id: Idbeb8a122252ead2468f5f9dbaf72cf0e8bb78f1
Signed-off-by: Andrew Yourtchenko <[email protected]>
(cherry picked from commit 
fb088f0a201270e949469c915c529d75ad13353e)
Signed-off-by: Andrew Yourtchenko <[email protected]>
Ole Troan [Thu, 7 Sep 2017 08:04:41 +0000 (10:04 +0200)]
 
Punt socket: Fix coverity error for pathname length mismatch between API and sun_path.
Change-Id: I69d67707540e075afe7bad0a70e57d9d80b1bc8e
Signed-off-by: Ole Troan <[email protected]>
Dave Wallace [Wed, 6 Sep 2017 20:45:04 +0000 (16:45 -0400)]
 
Add fd/socket name to clib_socket_* error msgs.
Change-Id: Ifcc9df04e7b224dfc9e9be53a30df5bbccbe05b4
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Wed, 6 Sep 2017 05:20:02 +0000 (01:20 -0400)]
 
Fix session connect_* api message handling.
Change-Id: If7fd125989c90240de12953658d10007b9eb4f07
Signed-off-by: Dave Wallace <[email protected]>
Jerome Tollet [Tue, 5 Sep 2017 11:13:22 +0000 (12:13 +0100)]
 
Support for bridge domain free text tag
Change-Id: I9a75fdafd0c1d87b6f071fda5b77ff5f6b79deb7
Signed-off-by: Jerome Tollet <[email protected]>
Florin Coras [Tue, 5 Sep 2017 23:15:49 +0000 (16:15 -0700)]
 
make test: disable L2BD Multi-instance test 5
Change-Id: Iba44aec60a74ada5add41ecf00b25dc44f3ad3a3
Signed-off-by: Florin Coras <[email protected]>
Dave Wallace [Thu, 31 Aug 2017 19:54:11 +0000 (15:54 -0400)]
 
Set uid/gid on ssvm segment file.
Change-Id: I482bb9654f4dfe240bace5c2b61056cfd04cf018
Signed-off-by: Dave Wallace <[email protected]>
Dave Barach [Fri, 1 Sep 2017 23:12:11 +0000 (19:12 -0400)]
 
Improve "show segment-manager segments"
Clean up private-segment fifo preallocation
Change-Id: I53c630ed81d48f2832a204992d73635536926983
Signed-off-by: Dave Barach <[email protected]>
Chris Luke [Tue, 5 Sep 2017 15:59:55 +0000 (11:59 -0400)]
 
Fixes for issues raised by Coverity (VPP-972)
Change-Id: I4b1f27b95d67d48b7a13750ff8754c344ed7afa7
Signed-off-by: Chris Luke <[email protected]>
Matus Fabian [Mon, 4 Sep 2017 09:17:18 +0000 (02:17 -0700)]
 
NAT: Destination NAT44 with load-balancing (VPP-954)
added load-balancing static mappings with unequal load support
Change-Id: Ie505e41f24d46f812b94dd28bdafe3dc170a6060
Signed-off-by: Matus Fabian <[email protected]>
Sergio Gonzalez Monroy [Tue, 5 Sep 2017 12:47:21 +0000 (13:47 +0100)]
 
dpdk/ipsec: fix setup when using master core only
Change-Id: I62b7aa896dfe218358f11a5197b1228a3dd67152
Signed-off-by: Sergio Gonzalez Monroy <[email protected]>
Pierre Pfister [Fri, 28 Jul 2017 02:57:34 +0000 (22:57 -0400)]
 
Add pidfile cmdline option
Change-Id: Ibaa61b624eb6683b1be6901a7b29f5f73aad27b2
Signed-off-by: Pierre Pfister <[email protected]>
Colin Tregenza Dancer [Mon, 4 Sep 2017 14:27:49 +0000 (15:27 +0100)]
 
Refork worker thread data structures in parallel (VPP-970)
Change the rebuilding of worker thread clone datastructures
to run in parallel on the workers, instead of serially
on main.
Change-Id: Ib76bcfbef1e51f2399972090f4057be7aaa84e08
Signed-off-by: Colin Tregenza Dancer <[email protected]>
Ole Troan [Tue, 16 May 2017 12:59:29 +0000 (14:59 +0200)]
 
PUNT socket: External control plane processes connected via UNIX domain sockets.
An external (to VPP) process can register (over the VPP binary API) to
receive control plane packets over a UNIX domain socket. The packets are
prepended with a packet descriptor containing meta-data (if_index of
interface, etc).
Currently only UDP is supported.
The socket supports sending of packets/frames as well.
The sent packet is prepended with a descriptor, telling VPP to
route the packet (via ip4-lookup, ip6-lookup) or as an pre-formed
Ethernet frame that is sent directly to interface-output.
The intended use case for this is for an external DHCP client or
a RIP implementation.
New configuration option:
punt { socket <socket path> }
To register use the punt_socket API message.
TODO:
  - Add support for pre-routing. I.e send L3 packet to given
    TX interface, but do ARP/ND (ip[46]-rewrite)
  - Add test scripts
  - Support for abstract names (starting with \0)
  - Add rate limiting (COP)
  - Support for other protocols, e.g. IPv6 ND
Change-Id: I4a0afc8020deebb3d9d74686dde694ee5bcb8d0f
Signed-off-by: Ole Troan <[email protected]>
Filip Tehlar [Mon, 14 Aug 2017 17:15:36 +0000 (19:15 +0200)]
 
LISP: re-fetch mapping before it expires
Change-Id: I0581a1bddad55d8d573c546ec84b0b2760abab3d
Signed-off-by: Filip Tehlar <[email protected]>
John Lo [Sat, 2 Sep 2017 12:27:36 +0000 (08:27 -0400)]
 
Improve L2FIB PDR/NDR performance (VPP-963)
1. Limit MAC entry update per l2-learn call to reduce update burst
   when wall clock advance to the the next minute so all MAC time
   stamps are behind current time needing update.
2. Optimize l2-learn node fast path code sequence.
3. Invalidate cache_key when update MAC entry.
4. Change L2 learn hit counter to L2 learn hit-update counter.
5. Increase L2FIB table memory size to 512MB to fit 4M entries
6. Set MAC learn limit at 4M entries
Change-Id: I3075ee8fb59645a56850126bac2e3e6d341cef4d
Signed-off-by: John Lo <[email protected]>
Marco Varlese [Fri, 1 Sep 2017 12:47:53 +0000 (14:47 +0200)]
 
The build system still builds the DPDK plugin when the option
vpp_uses_dpdk is set to "no" in build-data/platforms/vpp.mk causing the
build to fail.
This patch addresses that issue.
Change-Id: Icc1aaa508e730c9b8715119e1259e4c82f974048
Signed-off-by: Marco Varlese <[email protected]>
Dave Barach [Tue, 29 Aug 2017 15:43:37 +0000 (11:43 -0400)]
 
Add fixed-size, preallocated pool support
Simply call pool_init_fixed(...) before using the pool. Note that
fixed, preallocated pools live in individually-mmap'ed address
segments, except for the free element bitmap. A large fixed pool can
exceed 4gb.
Fix tcp buffer allocator leak, remove broken assert
Change-Id: I4421082e12a77c41c6e20f7747f3150dcd01fc26
Signed-off-by: Dave Barach <[email protected]>
Ole Troan [Thu, 31 Aug 2017 10:59:43 +0000 (12:59 +0200)]
 
VPP-959: Python API require minimum CFFI version.
Change-Id: I328689b7d4efe6017412de43630a5e9f3633dd71
Signed-off-by: Ole Troan <[email protected]>
Sergio Gonzalez Monroy [Thu, 31 Aug 2017 14:12:00 +0000 (15:12 +0100)]
 
dpdk/ipsec: update doc regarding startup.conf
Change-Id: Ie449072ab1efec081235b508f1def60a1287ff5f
Signed-off-by: Sergio Gonzalez Monroy <[email protected]>
Steven [Sat, 29 Jul 2017 15:56:08 +0000 (08:56 -0700)]
 
vhost: Disallow interrupt mode config if driver opts out interrupt support
According to the spec, supporting interrupt mode from the driver is optional,
not a must. When interrupt mode is configured on the interface, we should
check to make sure that the driver didn't opt out for the kickfd support and
reject the configuration if it did.
Change-Id: I7d3dbaddde65458e1a6a802754a3768ae8685a0e
Signed-off-by: Steven <[email protected]>
Thomas F Herbert [Thu, 31 Aug 2017 14:22:57 +0000 (10:22 -0400)]
 
Add explicit check for Fedora.
Change-Id: I0a5aece190ccc82f0f840e3bc75e1d27433f5b47
Signed-off-by: Thomas F Herbert <[email protected]>
Damjan Marion [Thu, 31 Aug 2017 09:33:34 +0000 (11:33 +0200)]
 
Do arithemtric comparison in Makefile without using bc
Change-Id: I245f56814ba3911b832e7450d42c58f235bc6dc2
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Thu, 31 Aug 2017 09:23:10 +0000 (11:23 +0200)]
 
Revert "add bc to dependency list"
Adding new dependency is not right solution to this problem.
This reverts commit 
e58c93b2764eb306d286531a2b920c6de080cb77.
Change-Id: I08f2af5cf9c26c4302b0dbaccebbb52f0614f80f
Signed-off-by: Damjan Marion <[email protected]>