Vadym Martsynovskyy [Fri, 12 Jun 2020 16:50:50 +0000 (09:50 -0700)]
 
udp: align udp_encap_t_ to 2 cachelines
Based on the comments in the struct, udp_encap_t_ is meant to span 2
cachelines. Due to the 64 bit alignment of dpo_id_t, the struct spanned
3 cachelines. This caused fetching ue_ip_proto to trigger an additional
cache miss. This patch rearranges the ordering of the struct fields
so that udp_encap_t_ only spans 2 cachelines as intended.
before:
(gdb) print (int)&((struct udp_encap_t_*)0)->cacheline1
$8 = 128
after:
(gdb) print (int)&((struct udp_encap_t_*)0)->cacheline1
$1 = 64
Type: fix
Signed-off-by: Vadym Martsynovskyy <[email protected]>
Change-Id: I066c08654d4a8ef3e2d3954e957d4c5d382b209f
Chinmaya Agarwal [Tue, 23 Jun 2020 12:38:23 +0000 (12:38 +0000)]
 
sr: fix for SID index across segment lists within a sr policy
Type: fix
Signed-off-by: Chinmaya Agarwal <[email protected]>
Change-Id: I9aa5456bf94356e8702fbfd39b14db4c2e74d3e6
Zhiyong Yang [Fri, 15 May 2020 14:32:34 +0000 (22:32 +0800)]
 
l2: performance enhancement in l2input
Short Load/Stores combined with prefetching in the beginning of the loop
place too much pressure on AGUs and memory accesses.
The patch interleaves load/store operations with computational operations
to alleviate the pain point.
vlib_get_buffers is also leveraged.
Redefine u8 dst_and_src[12] instead of dst[6] and src[6] in struct
l2input_trace_t in order to merge two copys into one.
Type: improvement
Signed-off-by: Zhiyong Yang <[email protected]>
Change-Id: I7d3df7732c476069235e3019c68f0f53bca9637e
Matthew Smith [Mon, 15 Jun 2020 15:58:23 +0000 (10:58 -0500)]
 
vrrp: backup processes priority 255 advertisement
Type: fix
When accept mode is enabled, a backup VR will configure the VR virtual
addresses locally and respond to packets sent to those addresses. This
did not work when the primary VR is the address owner and sends
advertisements using the virtual address as the source address. It
also did not work when NAT was configured on the interface with the
virtual address as the NAT pool address. In both cases, advertisements
from other VRs would arrive and be dropped because they appeared to
be spoofed - the source address would be an address that is
configured as an interface address on the instance receiving it.
When accept mode is enabled for a VR and the VR enters the master state,
add an input feature on ip[46]-multicast for the interface which looks
for VRRP advertisements, figures out whether they are for a VR which
is configured with accept mode and is in the master state  and kicks
them straight to the VRRP nodes to avoid dropping them.
Change-Id: I240ba1ee0b3fd6d693de729698c1181dc71bb08b
Signed-off-by: Matthew Smith <[email protected]>
Steven Luong [Fri, 15 May 2020 19:21:50 +0000 (12:21 -0700)]
 
lacp: add unit test
add test_lacp.py to cover basic lacp unit test
Type: fix
Signed-off-by: Steven Luong <[email protected]>
Change-Id: I6f7f3d801956e54106f3c55cedaca186d81dad25
Klement Sekera [Wed, 17 Jun 2020 13:46:41 +0000 (13:46 +0000)]
 
nat: replace speculative buffer enqueue model
Replace speculative buffer enqueue coding model with
vlib_get_buffers(...)/vlib_buffer_enqueue_to_next(...).
Type: improvement
Change-Id: I7dbfac2234a7bd754c599857eb1d5b601da5bc7c
Signed-off-by: Klement Sekera <[email protected]>
Benoît Ganne [Wed, 24 Jun 2020 16:03:09 +0000 (18:03 +0200)]
 
ikev2: add FEATURE.yaml
Type: docs
Change-Id: Ie7836543e52bee08d12c565fbb6238d3e82ea3ce
Signed-off-by: Benoît Ganne <[email protected]>
Chenmin Sun [Mon, 22 Jun 2020 10:21:31 +0000 (18:21 +0800)]
 
flow: add IPSec ESP/AH flow
This patch adds the IPSec ESP/AH type flow support
Have tested on E810 with Intel iAVF driver
Type: feature
Signed-off-by: Chenmin Sun <[email protected]>
Change-Id: I6ab8e69f67c423cc4e33f3c363881a97cdb98c30
Mohsin Kazmi [Fri, 26 Jun 2020 13:48:26 +0000 (13:48 +0000)]
 
virtio: add tx trace
Type: improvement
Signed-off-by: Mohsin Kazmi <[email protected]>
Change-Id: I0b1a1ce085ceb75fe139092e40878566682a7986
Mohsin Kazmi [Fri, 26 Jun 2020 13:47:21 +0000 (13:47 +0000)]
 
tap: remove the bridge configurations for TUN interface
Type: fix
Signed-off-by: Mohsin Kazmi <[email protected]>
Change-Id: Ifeae641ec0aa7de74e33e582234505bf6e28ca87
Filip Tehlar [Wed, 24 Jun 2020 20:18:50 +0000 (20:18 +0000)]
 
ikev2: remove unused field
Type: improvement
Change-Id: I0893d7cd8b8ab9958f585ac564bd0638bc60e78a
Signed-off-by: Filip Tehlar <[email protected]>
Mohsin Kazmi [Thu, 25 Jun 2020 11:43:52 +0000 (13:43 +0200)]
 
ip: fix the punt redirect for ip4
Type: fix
Change-Id: I39341f201209931392f315ead5adfddd8b567caf
Signed-off-by: Mohsin Kazmi <[email protected]>
Dave Barach [Tue, 23 Jun 2020 21:36:12 +0000 (17:36 -0400)]
 
misc: add gdb macros
These gdb macros should prove very helpul when poking around in core files.
Pifi (pool_is_free_index) is not straighforward. Best to work it out
once.
Others:
 bitmap_get = clib_bitmap_get
 vl = vec_len
 pe = pool_elts
 node_name_from_index, as described
 vnet_buffer_opaque, prints the primary buffer opaque
 vnet_buffer_opaque2, prints the secondary buffer opaque
Fix vppinfra unit-test compile error
Type: improvement
Signed-off-by: Dave Barach <[email protected]>
Change-Id: Id2a2391a47e5a07cf3757f473e3805cc04784161
Klement Sekera [Wed, 24 Jun 2020 13:13:46 +0000 (13:13 +0000)]
 
nat: avoid division by zero
Return error instead of dividing by zero.
Type: fix
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I9f6a942e87ab87e8f1921e744ec1add45884e74a
Aloys Augustin [Wed, 24 Jun 2020 09:33:20 +0000 (11:33 +0200)]
 
tests: fix deps pinning / patching
This ensures we don't recompute the requirements-{2,3}.txt on each make
test run, and skips patching scapy if it is already patched instead of
failing.
Change-Id: I3da57182ae49f3dd04db139d96734a5d145fedff
Type: fix
Signed-off-by: Aloys Augustin <[email protected]>
Mohsin Kazmi [Wed, 24 Jun 2020 14:19:19 +0000 (16:19 +0200)]
 
virtio: fix the vlib buffer flags
Type: fix
Change-Id: I92e8e30e4175229e24dd92471016e9095b5cc83e
Signed-off-by: Mohsin Kazmi <[email protected]>
Klement Sekera [Tue, 23 Jun 2020 13:12:33 +0000 (13:12 +0000)]
 
nat: deterministic: disallow invalid config
Prevent overflow if input network prefix is too small and crash on
packet #1 due to vector not being allocated/initialized.
Type: fix
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I3494cc62ce889df48cc59cc9340b5dd70338c3a8
Florin Coras [Tue, 23 Jun 2020 21:11:01 +0000 (14:11 -0700)]
 
udp: jump over ip4 options
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I4f57a776302e11815fcea433ba8cf6724799ff65
Damjan Marion [Tue, 23 Jun 2020 17:01:56 +0000 (19:01 +0200)]
 
vppinfra: fix u32x4_gather definition
Type: fix
Change-Id: I3df8d3f277bfadee95bfc329e8ce8b929a986af6
Signed-off-by: Damjan Marion <[email protected]>
Dave Barach [Mon, 22 Jun 2020 14:02:25 +0000 (10:02 -0400)]
 
vlib: debug CLI macro expander, part deux
Deal with circular macro definitions instead of crashing due to stack
overflow.
Separate macro tables, per CLI session
Add documentation to the Sphinx docs
Type: improvement
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I55fc9152bd37ad0c15fa3959f38b07b63100e634
Klement Sekera [Mon, 22 Jun 2020 13:15:41 +0000 (13:15 +0000)]
 
nat: fix broken test
Type: fix
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I04952865b7e2b447763d0b67d120c3d933177646
Alexander Chernavin [Thu, 11 Jun 2020 13:57:33 +0000 (09:57 -0400)]
 
ip6-nd: punt neighbor advertisements
With this change, punt received neighbor advertisements instead of drop
in order to give other elements of the system an opportunity to handle
them.
Type: improvement
Change-Id: Ie6cde9eebc83e42029967141cb32ebc459fd3680
Signed-off-by: Alexander Chernavin <[email protected]>
Klement Sekera [Mon, 22 Jun 2020 12:52:29 +0000 (12:52 +0000)]
 
nat: set buf error if can't create user
Type: fix
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I747d78966a7296dcbae54d54b0c165d407c8863d
Filip Tehlar [Sun, 10 May 2020 05:18:37 +0000 (05:18 +0000)]
 
ikev2: use both local and remote ID for profile lookup
Type: fix
Ticket: VPP-1890
Change-Id: I9441d5afc38df7dabf6cccaead69dd32646d2a9e
Signed-off-by: Filip Tehlar <[email protected]>
John DeNisco [Fri, 19 Jun 2020 19:28:48 +0000 (15:28 -0400)]
 
vpp_config: Updates for 20.05
Added external dependancies package. Updated the startup.conf template.
Fix extras/scripts/check_commit_msg so it accepts '_' characters in
feature names.
Type: fix
Signed-off-by: John DeNisco <[email protected]>
Change-Id: I69c33a24b30d31e5b8081021030bff88cbaeace9
Signed-off-by: Dave Barach <[email protected]>
Dave Barach [Mon, 15 Jun 2020 21:38:12 +0000 (17:38 -0400)]
 
tests: improve lcov stats for memory_api.c
Cover vl_mem_api_dead_client_scan(...), which is not so simple.  Spin
up vpp_api_test using pexpect.spawn, make it bootstrap a private
memory segment, kill vpp_api_test, and wait for the dead client
scanner to run a few times so that it declares the client dead.
The test only runs if GCOV_TESTS=yes is set in the environment.
Type: test
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I3c712fa011df2e23761a2e73c1aba0c7e50123a6
Filip Tehlar [Sun, 26 Apr 2020 18:05:05 +0000 (18:05 +0000)]
 
tests: add ikev2 test framework with basic test case
Ticket: VPP-1905
Type: test
Change-Id: Ie66fbd8e37eb5e69bd61b701ed3449366bee8c84
Signed-off-by: Filip Tehlar <[email protected]>
Tom Seidenberg [Wed, 17 Jun 2020 21:31:44 +0000 (17:31 -0400)]
 
build: add cmake dependency from test plugin to api
Type: fix
Signed-off-by: Tom Seidenberg <[email protected]>
Change-Id: I00fa22733bd293e56eb6b81346fdf2d75ad9d88f
Dave Barach [Thu, 18 Jun 2020 21:04:18 +0000 (17:04 -0400)]
 
vlib: add recursive macro expander to debug cli
All of the pieces have been sitting around for years.
Added several debug CLI commands:
"define <variable-name> <value>"
"undefine <variable-name>"
"show macro [noeval]"
"echo <whatever>"
Macros may refer to other macros. To defer evaluation:
"define foo \$(bar)" or some such.
The macro evaluator is not smart about "define foo \$(foo)" or more
complicated circular definitions, so don't do that.
Environment variables are available, simply use $<name-of-environment-vbl>
The macro expander has a table of (overrideable) builtin names, which
are evaluated by calling functions.
Simple example:
echo $USER
define ip1 192.168.1.1/24
define ip2 192.168.2.1/24
loop create
loop create
set int ip address loop0 $ip1
set int ip address loop1 $ip2
show int addr
show macro
undefine ip1
undefine ip2
Type: feature
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I08a800647bac573d8ae3cfd75c40061d41c5f976
Klement Sekera [Thu, 18 Jun 2020 12:48:42 +0000 (12:48 +0000)]
 
nat: remove unused code
Type: refactor
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Icc55276c8a4c256049718610cb131a34dc8d0a80
Dave Barach [Wed, 17 Jun 2020 20:31:34 +0000 (16:31 -0400)]
 
docs: add more FEATURE.yaml documentation
For src/tools/g2, src/vlibapi, and src/vlibmemory
Type: docs
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I800c3e3a1ecb011d5e692d78a015e78342706786
Dave Barach [Wed, 17 Jun 2020 12:41:22 +0000 (08:41 -0400)]
 
docs: add more FEATURE.yaml documentation
This patch documents the DNS plugin, vlib packet tracing, vnet feature
arcs, and the vppinfra library.
Type: docs
Signed-off-by: Dave Barach <[email protected]>
Change-Id: Idb16ec0593d428ce78fe8404374a823a56b4b420
Klement Sekera [Thu, 11 Jun 2020 14:00:52 +0000 (14:00 +0000)]
 
nat: print hash table parameters in CLI
Type: improvement
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Id6ab7e2ca965e860ea3f96145a888e0f3ccf9778
Dave Barach [Wed, 17 Jun 2020 12:05:37 +0000 (08:05 -0400)]
 
build: multiple yaml file support
Change the yaml file matching pattern from FEATURE.yaml to
FEATURE*.yaml, so we can document multiple features in one directory.
Type: improvement
Signed-off-by: Dave Barach <[email protected]>
Change-Id: Ic62f9fb4c73330c698724244cd8b362364fce5f9
Klement Sekera [Tue, 16 Jun 2020 13:28:09 +0000 (13:28 +0000)]
 
nat: add more trex test scripts
Type: improvement
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Ia824d663c86d6a7c9bafe0206e9a93f93884739d
Damjan Marion [Tue, 16 Jun 2020 14:05:12 +0000 (16:05 +0200)]
 
build: cmake cross-compilation fixes
Type: fix
Change-Id: I40337c208375b74b4dc3c35102c5e66a6e4568e8
Signed-off-by: Damjan Marion <[email protected]>
Benoît Ganne [Tue, 16 Jun 2020 10:07:09 +0000 (12:07 +0200)]
 
ip-neighbor: fix MLD hash key using stack pointer
Use pointed value (ipv6 address) as hash key instead of pointer value
(pointer to ipv6 address on the stack).
Type: fix
Change-Id: I74a8b6d4bb552b5b344bcb50c8e830700c4ce739
Signed-off-by: Benoît Ganne <[email protected]>
Dave Barach [Tue, 16 Jun 2020 12:40:53 +0000 (08:40 -0400)]
 
misc: fix sonarclound warnings
Type: fix
Ticket: VPP-1888
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I9c2fb926a5e010658088a74051c8c3462ff61734
Damjan Marion [Thu, 21 May 2020 14:47:05 +0000 (16:47 +0200)]
 
vlib: address sanitizer support for stack switch, enable clang
Type: improvement
Change-Id: I81df4b61d1f0b8c1df77c1ee9bebcb491e155b69
Signed-off-by: Damjan Marion <[email protected]>
Benoît Ganne [Tue, 16 Jun 2020 10:05:07 +0000 (12:05 +0200)]
 
build: fix address sanitizer default args
Type: fix
Fixes: 
ec3a3f16e4cd3b33e2a409fb01b8d8826e05f9fa
Change-Id: Iea3acd93a96b4bfc9f335e37ec04c00e8fa5ff27
Signed-off-by: Benoît Ganne <[email protected]>
Dave Barach [Wed, 10 Jun 2020 21:07:32 +0000 (17:07 -0400)]
 
interface: add minimal vpp pkt trace for error-drop
Provide a minimal trace [ip4/ip6 src/dst address] for dropped pkts
when the user specifies "trace add error-drop XXXX", but does not
trace pkts from the original input node.
This is a wireshark dissector problem. Packets thrown at error-drop
may be well-formed, or not. VPP must not crash, no matter what.
The minimal trace capture and decode could be enhanced. Anyone
interested in doing that must consider all of the corner-cases
involved. This version should be at least somewhat useful.
Note that "pcap trace drop ..." - and the packet generator - seem like
the right tools to use when researching more complex issues.
Type: improvement
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I961ca133980ffa2a1e5707879a443b21442ed894
Klement Sekera [Mon, 8 Jun 2020 11:10:55 +0000 (11:10 +0000)]
 
nat: improve outside port selection & perf
Prefer using source port form packet as outside port if possible.
Type: improvement
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I5c25f6a42386f38c9a6cc95bd7dda9f090b49817
John Lo [Thu, 11 Jun 2020 04:20:45 +0000 (00:20 -0400)]
 
gtpu: support separate rx-decap and encap-tx teid values
Support separate local and remote TEIDs, with local (or RX) one used
for GTPU tunnel RX/decap and remote (or TX) one used encap/TX.
Updated current gtpu API to support seperate RX/TX TEIDs and added new
gtpu_tunnel_update_tteid API to allow changing TX-TEID of an existing
GTPU tunnel.  The current tunnel field "teid" is used for RX-TEID and
a new field "tteid" is used for TX-TEID.
Type: improvement
Signed-off-by: John Lo <[email protected]>
Change-Id: I549d79750a34bb965036da298c0ca894d15c2c20
Steven Luong [Tue, 19 May 2020 00:12:56 +0000 (17:12 -0700)]
 
virtio: add vhost sw_if_index filter for sw_interface_vhost_user_dump
The filter sw_if_index was in the API sw_interface_vhost_user_dump. But
it was never implemented in the backend. This patch is to add the backend,
vat, and custom dump support for the filter.
Type: feature
Signed-off-by: Steven Luong <[email protected]>
Change-Id: Iaa41a7e11bfbcbb4c60092375e4b0dcf0950077b
Mohsin Kazmi [Wed, 10 Jun 2020 10:35:05 +0000 (12:35 +0200)]
 
gso: fix the udp checksum in test
Type: fix
Change-Id: I7005e4763e73f3679c40f94bdab26d439cd23188
Signed-off-by: Mohsin Kazmi <[email protected]>
Benoît Ganne [Tue, 21 Jan 2020 17:33:14 +0000 (18:33 +0100)]
 
api: check id is valid for bounce checking
If the id is invalid we cannot check whether we must free the message or
not, free it anyway.
Type: fix
Change-Id: Ie4426f601390d1e5e14c739f670e8c1e6e3aaf1e
Signed-off-by: Benoît Ganne <[email protected]>
Simon Chatterjee [Mon, 15 Jun 2020 17:17:18 +0000 (17:17 +0000)]
 
build: remove un-needed script
The move to cmake obviates the need for this build script (and its terminology).
Type: make
Signed-off-by: Simon Chatterjee <[email protected]>
Change-Id: Ie17429bfdf5a4b02ce2b70ba3568a7445c162d38
Florin Coras [Mon, 15 Jun 2020 14:59:40 +0000 (07:59 -0700)]
 
vcl: move helper functions out of header file
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I3889fd80b145cf80f76f6054d63247e76bdf20ff
Yichen Wang [Tue, 9 Jun 2020 00:13:01 +0000 (17:13 -0700)]
 
build: fix the build on centos8
Add missing dependencies and correct the building to support CentOS8
Type: make
Change-Id: Ie15b9b1174fa9b6d5ae02bace36ebc77e17d770c
Signed-off-by: Yichen Wang <[email protected]>
Zhiyong Yang [Wed, 10 Jun 2020 13:23:50 +0000 (13:23 +0000)]
 
vxlan: remove judgement with always true
if ((A | B) == false)  it means both A and B are false, so for
the following code
if (PREDICT_FALSE (!good_udp1))
      {
        if ((flags1 & VNET_BUFFER_F_L4_CHECKSUM_COMPUTED) == 0)
          {
              ...
          }
      }
if ((flags1 & VNET_BUFFER_F_L4_CHECKSUM_COMPUTED) == 0) is always
true if the code run it. Remove it.
Type: improvement
Signed-off-by: Zhiyong Yang <[email protected]>
Change-Id: I6bd1e9340c7a00089fc1c9ae49773add832d309e
Benoît Ganne [Mon, 15 Jun 2020 10:24:36 +0000 (12:24 +0200)]
 
buffers: fix non-default sized buffers initialization
Type: fix
Change-Id: I4a93e1d9936414c514cb237a22624986b3ef5b3d
Signed-off-by: Benoît Ganne <[email protected]>
Benoît Ganne [Tue, 2 Jun 2020 14:33:26 +0000 (16:33 +0200)]
 
dpdk: cryptodev: fix non-null terminated strings
Type: fix
Change-Id: Ib6f423e24f1a8d8439cd7e8893e4605e10984d48
Signed-off-by: Benoît Ganne <[email protected]>
Filip Tehlar [Sat, 6 Jun 2020 18:45:15 +0000 (18:45 +0000)]
 
ikev2: announce both 'ESN' and 'No ESN'
Type: fix
Change-Id: If73b88b9478b9314df6d9163c3a13724d4253c80
Signed-off-by: Filip Tehlar <[email protected]>
Steven Luong [Thu, 11 Jun 2020 06:38:41 +0000 (23:38 -0700)]
 
vlib: node recyling and node deletion missing triggering graph node sync
When recycling a graph node vnet_register_interface, it is missing an
explicit call to vlib_worker_thread_node_runtime_update(). However,
there is an implicit call to vlib_worker_thread_node_runtime_update()
via vnet_sw_interface_set_flags_helper() if it enables a new feature on
the interface for the first time. But that implicit call is not
guaranteed. For example, if an interface is created, deleted, and
created, then it may skip the implicit call to
vlib_worker_thread_node_runtime_update(). When that happens, the graph
nodes on thread 0 are not sync'ed to the worker threads. So the worker
thread's graph nodes are out of sync momentarily with the main thread's
graph nodes until some other event happens which calls for a sync is
needed. During this window, the worker thread's graph node is
vulnerable and may experience a crash.
When deleting a graph node, we never trigger a sync to the worker
thread. A patch was committed 3 years ago via
https://gerrit.fd.io/r/c/vpp/+/7523 to fix a show run crash. In
hindsight, the approach taken by 7523 is not orthogonal. While at it,
let's fix it right for both issues with a call to
vlib_worker_thread_node_runtime_update() in the appropriate place and
remove 7523.
Type: fix
Ticket: VPPSUPP-86
Fixes: gerrit 7523 / 
19e9d954bd9eb4f04d48640d6540198e84ef65d7
Signed-off-by: Steven Luong <[email protected]>
Change-Id: Ic9472bd2d3a212dbfeceb526506ed0400983a142
Mohsin Kazmi [Wed, 3 Jun 2020 16:20:17 +0000 (18:20 +0200)]
 
virtio: interface type based improvements
Type: improvement
Change-Id: I220ea6ab609e3c1628f5210be441d0d5e825a32c
Signed-off-by: Mohsin Kazmi <[email protected]>
Dave Barach [Thu, 11 Jun 2020 12:57:52 +0000 (08:57 -0400)]
 
ip: allocate ip4 mtrie pages in htlb memory
No change in default behavior. To use htlb pages for the ip4 mtrie,
use the "ip" command-line option "mtrie-hugetlb".
Type: improvement
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I5497e426a47200edff2c7e15563ed6a42af12e7f
Filip Tehlar [Sat, 6 Jun 2020 01:19:31 +0000 (01:19 +0000)]
 
ikev2: don't add DH group in ESP transform proposals
Type: fix
Anouncing DH group in esp transform proposals will enable PFS which is
not suppored now. This fixes issue during rekey when using strongswan as
responder.
Change-Id: Ib9f586113ae0ab9dc67e6ceadff43f8aac463820
Signed-off-by: Filip Tehlar <[email protected]>
Klement Sekera [Thu, 11 Jun 2020 10:35:52 +0000 (10:35 +0000)]
 
nat: properly scale out2in-ed hash on init
Type: fix
Fixes: 
a1018c166a468f7692ab621c743503914266f508
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I86592f73a60fd146d3764e474f975881e940c244
Klement Sekera [Fri, 27 Mar 2020 10:54:53 +0000 (11:54 +0100)]
 
nat: simplify bihash buckets/mem config
Derive reasonable values from max translations/max users.
Type: improvement
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I41a96ab63ab138b4160cd60bd6df24fc73791c86
Klement Sekera [Tue, 9 Jun 2020 14:17:45 +0000 (14:17 +0000)]
 
vapi: memset allocated messages to zero
This avoids using dirty data from shared memory by client.
Type: fix
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I96eecf655bf344ec29609cedbd8dc891b572e207
zhengdelun [Fri, 22 May 2020 07:42:28 +0000 (15:42 +0800)]
 
ip: reassembly: LRU algorithm should eliminate the longest unused nodes
Type: fix
Signed-off-by: zhengdelun <[email protected]>
Change-Id: I3f6240b4c0798f85960acc55a193a0cbf0c67ea4
Klement Sekera [Mon, 8 Jun 2020 11:28:53 +0000 (11:28 +0000)]
 
nat: optimize prefetching
Type: improvement
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Iea1748e8e39d213fcb3f3b52379bd37a6dd6aa3d
Mohsin Kazmi [Fri, 5 Jun 2020 12:43:38 +0000 (14:43 +0200)]
 
tap: enable gso/csum offload for tun
Type: improvement
Change-Id: I5b9d5ea192776f14a45bf909acc4bef7793521e8
Signed-off-by: Mohsin Kazmi <[email protected]>
Mohsin Kazmi [Tue, 2 Jun 2020 13:21:03 +0000 (15:21 +0200)]
 
vxlan: fix the inner packet checksum calculation
Type: fix
Change-Id: I1da4ace9f3e548af4b5b3373d695e4214c5df2ff
Signed-off-by: Mohsin Kazmi <[email protected]>
Mohsin Kazmi [Tue, 2 Jun 2020 13:12:30 +0000 (15:12 +0200)]
 
misc: add code styling for vxlan encap and vxlan_packet files
Type: style
Change-Id: Id363ccd0e51c61388fb45ef10685929f629cccbd
Signed-off-by: Mohsin Kazmi <[email protected]>
Florin Coras [Sun, 7 Jun 2020 20:06:56 +0000 (20:06 +0000)]
 
tcp: improve rtt estimation with rate sampling
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I25043da84b2f2b3f37024ecfedac535df3004ea5
Dave Barach [Mon, 8 Jun 2020 15:17:19 +0000 (11:17 -0400)]
 
vlib: stop inlining vlib_add_trace(...)
Packet tracing performance doesn't justify inlining
vlib_add_trace(...) over 500 times.
It makes a 15% text-segment size difference in a representative use-case:
Inline:
$ size .../vnet_skx.dir/ipsec/ipsec_input.c.o
   text    data     bss     dec     hex filename
   6831      80       0    6911    1aff .../vnet_skx.dir/ipsec/ipsec_input.c.o
Not inline:
$ size .../vnet_skx.dir/ipsec/ipsec_input.c.o
   text    data     bss     dec     hex filename
   5776      80       0    5856    16e0 .../vnet_skx.dir/ipsec/ipsec_input.c.o
Retain the original code as vlib_add_trace_inline, instantiate once as
vlib_add_trace.
Type: refactor
Signed-off-by: Dave Barach <[email protected]>
Change-Id: Iaf431dbf00c4aad03663d86f9dd1322e84d03962
Dave Barach [Mon, 8 Jun 2020 13:40:36 +0000 (09:40 -0400)]
 
vlib: Coverity fix
Fix a nit warning: we're not likely to create a vlib process with more
than 4gb of stack.
Type: fix
Ticket: VPP-1888
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I8bc7f64287c2802b0c286ce3d04443ac723a9a33
Vladimir Isaev [Thu, 21 May 2020 13:34:17 +0000 (16:34 +0300)]
 
vxlan: Fixed checksum caclculation offset
VXLAN uses csum_offload for IPv6 packets.
But without gso node we have csum calculated only for inner
packet.
This patch adds support for outer header csum calculation.
Checksum for inner packet should be calculated before
interface-output node (for example in vxlan node).
Type: fix
Signed-off-by: Mohsin Kazmi <[email protected]>
Signed-off-by: Vladimir Isaev <[email protected]>
Change-Id: Ica68429ede4426293769207cd83c791ebe72fe56
Klement Sekera [Tue, 19 May 2020 17:47:23 +0000 (17:47 +0000)]
 
nat: more long read after short write optimization
Replace whitespread (mis)use of snat_session_key_t by proper function
arguments where applicable and inline functions to calculate hash keys
instead of using structs for that. Make all hash tables use same network
byte order port so that there is no longer a discrepancy between static
mappings using host byte order while in2out/out2in tables using network
byte order.
Type: improvement
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I80786d2f947c67824c101a13bb608f1fe1080f34
Dave Barach [Sun, 7 Jun 2020 13:18:26 +0000 (09:18 -0400)]
 
mactime: print error if feature not enabled
Type: fix
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I8fbc4baefecf512573126c5085ed7a6e2e360fbe
Dave Barach [Fri, 5 Jun 2020 13:42:50 +0000 (09:42 -0400)]
 
fib: fix multiple dpo pool expand cases
Add dpo_pool_barrier_sync/release, use them to clean up
thread-unsafe pool expansion cases.
Type: fix
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I09299124a25f8d541e3bb4b75375568990e9b911
Dave Barach [Fri, 5 Jun 2020 11:06:21 +0000 (07:06 -0400)]
 
fib: fix adj pool expand cases
adj_alloc (...) is not thread safe when the adj pool or combined
counter vectors expand.
Type: fix
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I55710de6ecc083b7434e11798659cca9250c9131
Jieqiang Wang [Thu, 4 Jun 2020 06:09:57 +0000 (14:09 +0800)]
 
build: add libssl-dev library for ubuntu 20.04
Add the libssl-dev library for ubuntu 20.04 in Makefile.
Type: fix
Signed-off-by: Jieqiang Wang <[email protected]>
Change-Id: I4187cb041997e7457734ffdb18bdbec98a051669
Dave Barach [Wed, 3 Jun 2020 12:05:15 +0000 (08:05 -0400)]
 
fib: add barrier sync, pool/vector expand cases
load_balance_alloc_i(...) is not thread safe when the
load_balance_pool or combined counter vectors expand.
Type: fix
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I7f295ed77350d1df0434d5ff461eedafe79131de
Klement Sekera [Thu, 4 Jun 2020 12:41:43 +0000 (12:41 +0000)]
 
nat: fix coverity warning
Type: fix
Change-Id: I0e87021b11009a955f5839bdb68af897145816c1
Signed-off-by: Klement Sekera <[email protected]>
Filip Tehlar [Sun, 10 May 2020 22:13:55 +0000 (22:13 +0000)]
 
ikev2: session cleanup after profile is deleted
Type: fix
Change-Id: I3198461f3dfc13cd3cedf2b8611dc80bb6f959c8
Signed-off-by: Filip Tehlar <[email protected]>
Damjan Marion [Wed, 3 Jun 2020 18:13:59 +0000 (20:13 +0200)]
 
dpdk: cleanup, add rx queue struct
Type: improvement
Change-Id: I3defde103ab245404de42d2be7abcb2c43d49a60
Signed-off-by: Damjan Marion <[email protected]>
Filip Varga [Wed, 3 Jun 2020 13:26:41 +0000 (15:26 +0200)]
 
nat: fixed input validation
Ticket: VPP-1887
Type: fix
Change-Id: I341ac7b455926a106d736f4de6771aae655db82e
Signed-off-by: Filip Varga <[email protected]>
Klement Sekera [Wed, 27 May 2020 12:41:34 +0000 (12:41 +0000)]
 
nat: add tracing for nat44-hairpinning
Type: improvement
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Ife437f959e29d3de88bd7ee77221ada86fb03e80
Dave Barach [Tue, 2 Jun 2020 12:57:36 +0000 (08:57 -0400)]
 
docs: improve handoff queue writeup
Type: docs
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I4d63a0fbbdb3cc00eac9116f122e5b831d059e33
Damjan Marion [Wed, 3 Jun 2020 10:20:41 +0000 (12:20 +0200)]
 
vlib: improve node interrupt handling
 - add ability to pass data together with interrupt
 - avoid locking for local interrupts (same thread)
Type: improvement
Change-Id: I73a2ab2e716bb887a1f02c87788ae83e329f9b40
Signed-off-by: Damjan Marion <[email protected]>
Ole Troan [Wed, 3 Jun 2020 09:47:55 +0000 (11:47 +0200)]
 
nat: refactor mss_clamping to not depend on snat_main_t
Type: refactor
Signed-off-by: Ole Troan <[email protected]>
Change-Id: I1110e425859a4f1f07952c91b50f263cb7323836
Andrew Yourtchenko [Wed, 29 Apr 2020 16:48:24 +0000 (16:48 +0000)]
 
bash: functions to set up csit and sandbox env
Type: test
Change-Id: Iceaebfe2faf29a893b9571069212e951273c3d2b
Signed-off-by: Andrew Yourtchenko <[email protected]>
Signed-off-by: John DeNisco <[email protected]>
Signed-off-by: Dave Wallace <[email protected]>
Filip Tehlar [Mon, 25 May 2020 21:35:55 +0000 (21:35 +0000)]
 
ikev2: remove unused hash computation
Type: improvement
Change-Id: I99c2383dd0d30efd1837f3d10ff2e4cf3a784283
Signed-off-by: Filip Tehlar <[email protected]>
Andreas Schultz [Tue, 12 May 2020 12:41:16 +0000 (14:41 +0200)]
 
ip: fix IPv6 mask to prefix length conversion
make sure we don't pass a 0 (zero) to log2.
Type: fix
Signed-off-by: Andreas Schultz <[email protected]>
Change-Id: Ib3386ad4686835d3836f48294cee4058e897847a
Dave Barach [Fri, 29 May 2020 20:34:50 +0000 (16:34 -0400)]
 
nat: update ip4-udp src port for checksum == 0 pkts
Otherwise, the out2in path will discard return-path traffic with
probability 1.0.
Type: fix
Fixes: gerrit 23963 / 
f126e746fc01c75bc99329d10ce9127b26b23814
Signed-off-by: Dave Barach <[email protected]>
Change-Id: I621ed99329c04ef358035747dde599c0016b58f5
Paul Vinciguerra [Fri, 29 May 2020 23:01:18 +0000 (19:01 -0400)]
 
lisp: fix api_format reference
Type: fix
Ticket: VPP-1885
Change-Id: I474fffd4d36f439a19d475a8cb20171ca88274ec
Signed-off-by: Paul Vinciguerra <[email protected]>
Matthew Smith [Fri, 29 May 2020 17:29:45 +0000 (12:29 -0500)]
 
bonding: Revert adjust link state
This reverts commit 
9121c415a91904be50071ec55143d9c89b2f1b91.
Reason for revert: causes deadlock with multiple worker threads
Type: fix
Change-Id: Icf3d6d343d99d887abacbaa03acbf04d4628514e
Signed-off-by: Matthew Smith <[email protected]>
Florin Coras [Fri, 29 May 2020 16:18:57 +0000 (16:18 +0000)]
 
lisp: fix api_format
Type: fix
Ticket: VPP-1885
Fixes: 
58db6e1
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I6431e49b315e09490fed8fd70ac53872836c6a09
Florin Coras [Thu, 28 May 2020 18:01:26 +0000 (18:01 +0000)]
 
lisp: fix custom dump
Type: fix
Ticket: VPP-1886
Fixes: 
58db6e1
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ic40018a756e57bfec05ffbc5e30d18f4feb315db
Neale Ranns [Fri, 29 May 2020 14:19:41 +0000 (10:19 -0400)]
 
fib: Safe adj walk
Type: fix
the hash walk does not give the same guarantees as the bihash so
walk in a safe manner.
Change-Id: Idfe48c3a84ab3a341d887f7d196bc81ba34ae8b0
Signed-off-by: Neale Ranns <[email protected]>
Mohsin Kazmi [Thu, 28 May 2020 18:49:46 +0000 (20:49 +0200)]
 
gso: add checksum and payload size testing
Type: test
Change-Id: I9e4f7cf44d465712aa26e5dd6a0ff38588964a39
Signed-off-by: Mohsin Kazmi <[email protected]>
Mohsin Kazmi [Thu, 28 May 2020 18:56:43 +0000 (20:56 +0200)]
 
gso: fix flag for inner header
Type: fix
Change-Id: Ic3fc488521636f7f7c9402a20db45fdb599adaae
Signed-off-by: Mohsin Kazmi <[email protected]>
John DeNisco [Thu, 21 May 2020 13:00:04 +0000 (09:00 -0400)]
 
docs: Minor updates to feature.yaml files
Type: docs
Signed-off-by: John DeNisco <[email protected]>
Change-Id: Iba106d33d34766b91e46980e7237fbdfc3710b8b
John DeNisco [Fri, 29 May 2020 12:56:38 +0000 (08:56 -0400)]
 
docs: Minor fixes in publish_docs.sh and sanitizer.rst
Fix a warning in sanitizer.rst and publish_docs.sh
Type: fix
Signed-off-by: John DeNisco <[email protected]>
Change-Id: I66d724f52a7b724a97a894e1cd35c1239aeedcdf
Elias Rudberg [Tue, 26 May 2020 23:03:46 +0000 (01:03 +0200)]
 
misc: ipfix-export unformat u16 collector_port fix
Use %U and unformat_udp_port instead of %u for unformat() call for
u16 collector_port number in set_ipfix_exporter_command_fn() to
avoid corruption of other variables which can happen if unformat()
with %u is used with a 16-bit variable. This avoids crash due to
corrupted fib_index value.
Type: fix
Signed-off-by: Elias Rudberg <[email protected]>
Change-Id: Id54273fcc458a7f9c5aa4025aa91711f160c1c1a
Mohsin Kazmi [Thu, 28 May 2020 10:37:56 +0000 (12:37 +0200)]
 
misc: fix the pretty print for api trace
Type: style
Change-Id: I4ef8ba30be2696e8f63d5305027d2aa629cbdb88
Signed-off-by: Mohsin Kazmi <[email protected]>
Andrew Yourtchenko [Thu, 21 May 2020 17:05:41 +0000 (17:05 +0000)]
 
misc: Avoid sample.md from in the VPP docs, clean up the extraneous copy
I had cleaned up the sample.md previously for 20.01, but when later
that was merged to master, the file was renamed. So, fix this issue.
Change-Id: I6347685af216901fbfdd445606735b9bf79f8fe5
Type: docs
Signed-off-by: Andrew Yourtchenko <[email protected]>
(cherry picked from commit 
e2e3c38be6d91c3deb15373992cd5a764e773060)
Mohsin Kazmi [Tue, 26 May 2020 12:34:34 +0000 (14:34 +0200)]
 
tap: fix rx queue index
Type: fix
Change-Id: I5601bdeb47d08118476ff7bd29435d2c1dba34b9
Signed-off-by: Mohsin Kazmi <[email protected]>