Klement Sekera [Tue, 31 Mar 2020 07:48:02 +0000 (09:48 +0200)]
nat: use correct data types for memory sizes
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Id2d181385f109163d4c806eecda166c2087c4b92
Mohsin Kazmi [Tue, 7 Apr 2020 14:42:57 +0000 (16:42 +0200)]
virtio: fix the tcp/udp checksum offloads
Some vhost-backend calculates the wrong checksum in
case of tcp/udp offload when driver resets tcp/udp
checksum field to '0'.
Type: fix
Change-Id: I1d2a9b95b3d5cc1decac38027104a04df2af4680
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Neale Ranns [Wed, 8 Apr 2020 12:28:06 +0000 (08:28 -0400)]
ip: do not clear the locally-originated flag
Type: fix
- doing so in MTU dec, means mtu_inc is broken
- there's no need to. if a packet encounters ipX-rewrite a second time then it went through a tunnel the first time and is still locally originated.
Change-Id: I0f279c2837b608c1677485fe93f63398ab2737b3
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Mon, 6 Apr 2020 07:37:47 +0000 (07:37 +0000)]
acl: fix unresolved symbol for format_fib_prefix in vat plugin
Type: fix
Change-Id: I5bf8d6043a49985b9241df8ff24774892678b557
Signed-off-by: Neale Ranns <nranns@cisco.com>
Klement Sekera [Sun, 5 Apr 2020 08:22:47 +0000 (10:22 +0200)]
nat: ED: global session LRU list
Maintain a global session LRU allowing reuse of expired session instead
of relying on a scavenging mechanism to periodically walk sessions.
Whenever a new session is being allocated in slow path, also attempt to
free an expired session from global LRU list.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9edde9ec138de67c9a4888e915b0490ec16415fa
Klement Sekera [Wed, 1 Apr 2020 18:58:15 +0000 (20:58 +0200)]
nat: preallocate pools
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I1be559a98f74c28a9c83fe320c8ce02459793e66
Tetsuya Murakami [Tue, 7 Apr 2020 20:59:26 +0000 (13:59 -0700)]
sr: Fix the coverity issue
Fix the coverity issue on srv/vnet/srv6/sr_localsid.c
Type: fix
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: I4aeef31cfd67cc1801ab57b94bf4f5ff3d13fd49
Simon Zhang [Tue, 31 Mar 2020 12:56:22 +0000 (20:56 +0800)]
session: alloc exact number of bufs for multi-seg deqs
Type: refactor
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I11cf806e22158e021a9a405eb4487a9ed6fdbccf
Florin Coras [Tue, 7 Apr 2020 22:31:06 +0000 (22:31 +0000)]
session: add more session errors
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9b246eb8a99020de9e5859147c456096fe2e3389
Dave Barach [Tue, 7 Apr 2020 14:52:43 +0000 (10:52 -0400)]
l2: handle complete clone fail in l2_flood
vlib_buffer_clone(...) may not manage to produce any buffer clones at
all.
vlib_buffer_clone_256 should not smash the original buffer reference
count if no clones are produced.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I14d9d53637a220485c7a0036cfc75a4149b264ea
Klement Sekera [Thu, 20 Feb 2020 11:40:50 +0000 (11:40 +0000)]
nat: ED: port re-use algorithm
Type: fix
Change-Id: I11440c855eb35d2a6095dfe135e4ab5090f11ff3
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Ray Kinsella [Tue, 7 Apr 2020 15:35:22 +0000 (16:35 +0100)]
vat: fix vat strncpy stringop-overflow
Fix GCC 9.0 barf on vat strncpy.
Type: fix
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I5e41225d6ac9673a9d953046720df55e7b69c479
Signed-off-by: Dave Barach <dave@barachs.net>
Klement Sekera [Sun, 5 Apr 2020 15:07:32 +0000 (17:07 +0200)]
nat: don't drop packet for expired session
If session is expired, the packet which we just received might be a one,
which legitimely creates a new session, process it in slow path instead
to decide the outcome.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I45628f52d37ae9dee5e8aa58171ff0b86f91f5dd
Florin Coras [Tue, 7 Apr 2020 17:30:13 +0000 (17:30 +0000)]
udp: move cli to separate file
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2057ebb4b6a4af3ef8fd9b73aadfa00d63bae618
Aloys Augustin [Tue, 7 Apr 2020 13:43:33 +0000 (15:43 +0200)]
tests: pin sphinx and sphinx-rtd-theme
Add these two packages to requirements.txt so that their version and
the version of their dependencies are pinned to limit the risk of
unexpected breakage.
Change-Id: If330404f2e840af3d2628f997ce406cd14e7e128
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Florin Coras [Tue, 7 Apr 2020 04:14:45 +0000 (04:14 +0000)]
tcp: fix conf mtu parsing
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4f0628b0484e32facbeb163993cc25d637167936
Florin Coras [Tue, 7 Apr 2020 03:46:07 +0000 (03:46 +0000)]
udp session: allow dgram ip fragmentation
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ida8f9e759b4990ea6e34e71dc45bdb3b5eabc27f
Florin Coras [Mon, 6 Apr 2020 21:28:59 +0000 (21:28 +0000)]
udp session: jumbo frames and configurable mtu
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6b750bef5df0f8544e05177ccd480f87a020832d
Filip Tehlar [Tue, 31 Mar 2020 05:59:41 +0000 (05:59 +0000)]
ikev2: make liveness params configurable
Introduce new cli for setting liveness check period and max retries for
a peer to consider its partner dead.
ikev2 set liveness <period-in-seconds> <max-retires>
Type: improvement
Change-Id: Iadae1de245d34fe3ee85e09b570f9df8c401772b
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Ignas Bacius [Mon, 6 Apr 2020 13:31:27 +0000 (16:31 +0300)]
sr: fix byte-order in steering API
Type: fix
Change-Id: Ib25e5324e4ba360cd91b92abc78c994f86148148
Signed-off-by: Ignas Bacius <ignas@noia.network>
Tetsuya Murakami [Mon, 23 Mar 2020 23:10:28 +0000 (16:10 -0700)]
sr: Support uSID function.
1. Add uSID function in VNET SRv6
2. Add test case for uSID
Type: feature
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: I354fc687192ed713ceb81fccc9f7b69b6777f6f6
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Dave Barach [Mon, 6 Apr 2020 14:19:18 +0000 (10:19 -0400)]
vat: fix static analysis warning
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia46f865082dcf0cf06af99a7c958c4a5b02193ce
Florin Coras [Sun, 5 Apr 2020 19:25:44 +0000 (19:25 +0000)]
vcl session: enforce full dgram reads/writes
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4a3861e31ca42faf0b59f8f09393fb10413bf3af
Florin Coras [Sat, 4 Apr 2020 22:45:34 +0000 (22:45 +0000)]
session udp: shared local endpoints
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie7102355b95eefb233ec7d146e61819051a7bf07
Andrew Yourtchenko [Mon, 6 Apr 2020 13:36:50 +0000 (13:36 +0000)]
docs: pin down sphinx to avoid crash with Sphinx 3.0.0
The vpp-make-test-docs-verify jobs started to fail. The last successful run of it shows:
reating file /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api/vpp_vxlan_gbp_tunnel.rst.
Creating file /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api/vpp_vxlan_tunnel.rst.
Creating file /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api/vrf.rst.
Creating file /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api/modules.rst.
sphinx-build -b html -d /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/.sphinx-cache /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api -c /w/workspace/vpp-make-test-docs-verify-master/test/doc /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/html
Running Sphinx v2.4.4
making output directory... done
building [mo]: targets for 0 po files that are out of date
building [html]: targets for 161 source files that are out of date
updating environment: [new config] 161 added, 0 changed, 0 removed
reading sources... [ 0%] bfd
reading sources... [ 1%] debug
reading sources... [ 1%] debug_internal
reading sources... [ 2%] discover_tests
The failing jobs show:
Creating file /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api/vpp_vxlan_tunnel.rst.
Creating file /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api/vrf.rst.
Creating file /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api/modules.rst.
sphinx-build -b html -d /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/.sphinx-cache /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/api -c /w/workspace/vpp-make-test-docs-verify-master/test/doc /w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc/html
Running Sphinx v3.0.0
making output directory... done
building [mo]: targets for 0 po files that are out of date
building [html]: targets for 161 source files that are out of date
updating environment: [new config] 161 added, 0 changed, 0 removed
reading sources... [ 0%] bfd
Exception occurred:
File "/usr/lib/python3.6/inspect.py", line 516, in unwrap
raise ValueError('wrapper loop when unwrapping {!r}'.format(f))
ValueError: wrapper loop when unwrapping scapy.fields.BitEnumField
The full traceback has been saved in /tmp/sphinx-err-n84dadfq.log, if you want to report the issue to the developers.
Please also report this if it was a user error, so that a better error message can be provided next time.
A bug report can be filed in the tracker at <https://github.com/sphinx-doc/sphinx/issues>. Thanks!
Makefile:39: recipe for target 'html' failed
make[2]: *** [html] Error 2
make[2]: Leaving directory '/w/workspace/vpp-make-test-docs-verify-master/test/doc'
Makefile:274: recipe for target '/w/workspace/vpp-make-test-docs-verify-master/build-root/build-test/doc' failed
Type: fix
Change-Id: Id98c0f94104e455ea819aacec62f605e53db13ce
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Steven Luong [Mon, 6 Jan 2020 23:14:46 +0000 (15:14 -0800)]
bonding: Add GSO support
Add GSO support, configurable from the CLI.
Type: feature
Ticket: VPP-1820
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I65885a071b24c74437e6cfe5eff237b01bc1744b
(cherry picked from commit
a06f68556e506a6ff7f31a617a036614c84f71c0)
Paul Vinciguerra [Fri, 3 Apr 2020 16:18:40 +0000 (12:18 -0400)]
misc: fix python sonarcloud BLOCKER level issues
Fix of the top 11 python issues flagged as BLOCKER.
Ticket: VPP-1856
Type: fix
Change-Id: Icf4691e62f4a69d6ee196b6d6e2ab52d961b5c76
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Filip Tehlar [Tue, 31 Mar 2020 17:54:49 +0000 (17:54 +0000)]
ikev2: fix wrong index computation
Type: fix
Change-Id: Ia7b07b4ec9e5681946f3f5c01c230c1f814e2cf6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Klement Sekera [Mon, 30 Mar 2020 14:59:38 +0000 (16:59 +0200)]
ip: reassembly: don't set error if no error
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9d25129fbf1ea880121b281f41750155286fb489
Dave Barach [Sat, 4 Apr 2020 22:34:41 +0000 (18:34 -0400)]
misc: strcpy be gone
Causes static analysis "vulnerability" warnings
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I272fa69251d70f62178e6dff0423c16f99937af1
Florin Coras [Mon, 23 Mar 2020 15:34:22 +0000 (15:34 +0000)]
session tls: support tls descheduling
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ieb8bb9c6deb92479fdd3e045778fe5ae4782d1ea
Florin Coras [Thu, 27 Feb 2020 04:32:51 +0000 (04:32 +0000)]
session tls: improve app transports tx scheduling
Type: improvement
- allow apps to request rescheduling of tx events via
SESSION_F_CUSTOM_TX flag
- limit max burst per session custom tx dispatch
In tls
- use the new infra to reschedule tx events
- use max burst bytes as upper limit to number of bytes to be encrypted
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I544a5a3337af7ebdff3406b776adf30cf96ebf3c
Dave Barach [Sat, 4 Apr 2020 14:05:48 +0000 (10:05 -0400)]
misc: sprintf be gone
Along with related static analysis warnings...
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I2c6949c7a2250b8f76a63508c7c210daecfe0f91
Dave Wallace [Fri, 3 Apr 2020 23:48:48 +0000 (19:48 -0400)]
vcl: fix vcl_test.py sonarcloud issue
- Updated comment to indicate the original
intermittent test failure still occurs when
running make test with TEST_JOBS > 1.
- The original workaround has been retained
until the root cause can be determined to
avoid test failures in the LF CI infra
with patches containing non-vcl code changes.
Type: test
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I2645acd4bf2b16fbb2b0e297c8c2919fc6199c13
Florin Coras [Mon, 21 Oct 2019 23:07:46 +0000 (16:07 -0700)]
session: improve error reporting
Type: improvement
Change-Id: I9dd850a1ce85b0adb5136233f176117e0ee38817
Signed-off-by: Florin Coras <fcoras@cisco.com>
Dave Wallace [Fri, 3 Apr 2020 17:50:57 +0000 (17:50 +0000)]
misc: fix sonarcloud html issue
Type: fix
Change-Id: I3691c310fa6336bf2c103c42bccd94c27aab4878
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Florin Coras [Fri, 3 Apr 2020 17:23:42 +0000 (17:23 +0000)]
session: init port_proto_type asap
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Idc9b1423846edb46755a255ecc14070e9250d192
Florin Coras [Fri, 3 Apr 2020 00:58:48 +0000 (00:58 +0000)]
session udp: fix transport flags and migration
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I840d43e79b1f826380bd56485441510e45bdfc7f
Florin Coras [Thu, 2 Apr 2020 23:00:13 +0000 (23:00 +0000)]
session: remove obsolete apis
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia14800710aca7c1bc315b6da3c69d623f79a5b63
Paul Vinciguerra [Fri, 3 Apr 2020 05:30:15 +0000 (01:30 -0400)]
docs: 80-vpp.conf fix transposition error in comments
Type: docs
Change-Id: I0d75c7673d85c5bd8ae10f48e7189ee28a31240e
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Jakub Grajciar [Wed, 1 Apr 2020 13:42:06 +0000 (15:42 +0200)]
ip: remove vl_api_address_family_t byte order swap
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I8074db3623ee4b37ac70ce8ea0d1912b97e5c059
Steven Luong [Thu, 2 Apr 2020 04:50:10 +0000 (21:50 -0700)]
dpdk: VM VHOST tests with rxq>1 failing
DPDK recently added a check in the virtio driver to make sure that
rxmode->mq_mode == ETH_MQ_RX_NONE. We were passing ETH_MQ_RX_RSS
and the device initialization was not accepted.
The reason for the change in DPDK was that there is no controls
(algorithm, redirection table, hash function). So they thought ETH_MQ_RX_NONE
was the best choice for the value of mq_mode.
Type: fix
Ticket: VPP-1853
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ifa0fc4206cedc56a851f94f6434a2a7500bbd419
Florin Coras [Wed, 18 Mar 2020 21:26:41 +0000 (21:26 +0000)]
tcp: explicit use of timer wheel in timer apis
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I06120d43c15b2fa3f437ef235bf5f83ec2beb45e
Matthew Smith [Thu, 2 Apr 2020 12:45:49 +0000 (07:45 -0500)]
ipsec: provide stat index in sa details
Type: improvement
When IPsec SAs are dumped, include the index that can be used to
find byte & packet counters for the SA in the stat segment.
Removed the field total_data_size from the details since it was not
being populated and put the stat index field in its place.
Change-Id: If73efc230542a11944551b6e710b57b575450da3
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Dave Barach [Thu, 2 Apr 2020 14:44:09 +0000 (10:44 -0400)]
misc: fix static analysis warnings
One actual bugfix.
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Icef25167f97a70cc795c0a481174de319ed79ad5
Florin Coras [Wed, 18 Mar 2020 20:31:34 +0000 (20:31 +0000)]
tcp: move features to separate files
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia477b8dba9266f47907967e363c11048e5cd95ab
Paul Vinciguerra [Wed, 11 Mar 2020 17:28:27 +0000 (13:28 -0400)]
docs: Fix venv under python3
See ticket for output under containers for each distro.
Ticket: VPP-1851
Type: docs
Change-Id: I0d80dabeb30d92d09edffa503b05d5eef08313dc
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Wed, 1 Apr 2020 23:16:11 +0000 (23:16 +0000)]
udp session vcl: add udp iperf test
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib4bc2ce781887a84055a4d5cdb7f453fc7d52c79
Florin Coras [Thu, 26 Mar 2020 02:45:39 +0000 (02:45 +0000)]
tcp: count zero wnd enqueue attempts
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If22bad96a9102bc4058d52fc8565bd6a14c3c66c
Dave Barach [Wed, 1 Apr 2020 22:04:32 +0000 (18:04 -0400)]
docs: add a timebase precision section
Type: docs
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I47434cb305f291a6221780ff4ee9a2c1bb041286
Dave Barach [Wed, 1 Apr 2020 20:54:00 +0000 (16:54 -0400)]
vppinfra: fix vppinfra test code build
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I921adae4ad797bf80cfcdb05d2a89ace9183a89a
Florin Coras [Sun, 29 Mar 2020 18:54:04 +0000 (18:54 +0000)]
session udp: support connect on listeners
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6aaaec20a2b6d4c6ddfbe659d9402acc1be2f7e2
Dave Barach [Wed, 1 Apr 2020 18:34:39 +0000 (14:34 -0400)]
vppinfra: add tw_timer_2t_2w_512sl variant
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I72cacfb5696dca74335f31415c0df795467615a5
Florin Coras [Wed, 1 Apr 2020 04:31:21 +0000 (04:31 +0000)]
vcl: support sendto for dgrams
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2a0fdced6a3ae262b30cda6a51f1fa96c1d44665
Florin Coras [Wed, 1 Apr 2020 04:05:41 +0000 (04:05 +0000)]
session: allow rx events independnt of state
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ica1d4e149f4750517e0bd3ccf2572f6f15f63622
Florin Coras [Wed, 1 Apr 2020 02:50:13 +0000 (02:50 +0000)]
udp: improvements to cli
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2180e8d5cae6f94a256f3b62950cf66b6ee0e59a
Florin Coras [Wed, 1 Apr 2020 00:11:16 +0000 (00:11 +0000)]
udp: track connection port sharing
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I822ed0596944a554595eb62a45841d216d1ab611
Aloys Augustin [Wed, 1 Apr 2020 17:50:17 +0000 (19:50 +0200)]
session: fix fifos display
This prevents a crash with quic listeners, and enables the display
of udp fifo status.
Change-Id: Ib9f48818ee3e51a3fa43ad8ab175e8aa7750df8f
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Neale Ranns [Tue, 31 Mar 2020 08:25:07 +0000 (08:25 +0000)]
ip: Fix the AH/ESP protocol numbers on the API
Type: fix
this is mainly cosmetic, assuming users use the symbolic names,
since VPP's API types encode/decode functions corrected the values
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Iecbb8102aee64b2565a3fc89a30cad73a935269d
Florin Coras [Tue, 31 Mar 2020 01:49:40 +0000 (01:49 +0000)]
udp: validate input data length
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3f34011ca61ded310d0411e7b50548982bd164ac
Alexander Chernavin [Thu, 19 Mar 2020 15:17:52 +0000 (11:17 -0400)]
nat: fix unknown proto translation out2in_ed
An unknown proto packet can be processed as UDP with destination port
rewriting which breaks the original packet.
With this commit, stop processing unknown proto packets after
nat44_ed_out2in_unknown_proto() execution.
Type: fix
Change-Id: Iea93faf3c282f542d5ee7120c15e1027c1e4abc9
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Matthew Smith [Tue, 31 Mar 2020 14:52:17 +0000 (09:52 -0500)]
ipsec: use id in ipsec_tunnel_protect_details
Type: fix
The data populated into an ipsec_tunnel_protect_details message includes
an outbound SA and a list of inbound SAs for a tunnel interface. These
are populated with SA indices. The values used by an API client
to refer to an SA in other messages is the SA id rather than the index.
Use the SA id instead of the index.
Change-Id: Ifaad32801092a7f87bd0dcf19de418d36613f8dd
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Filip Tehlar [Tue, 31 Mar 2020 05:07:48 +0000 (05:07 +0000)]
ikev2: fix crash during peer live check
Fix crash when peer tries to build INFO req before key exchange which
results using NULL key pointers for crypto operations.
Type: fix
Change-Id: I20aaf1ce769e4bfb45235047c2dd38307b4e0b59
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Thu, 13 Feb 2020 07:49:30 +0000 (07:49 +0000)]
ipsec: fix chained ESP
This fixes a special case when buffer chain enters decrypt node
and becomes a single buffer after decryption.
Type: fix
Change-Id: Id5da9e8a074f83ec3561949631ce613f35528312
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Jakub Grajciar [Mon, 30 Mar 2020 06:12:57 +0000 (08:12 +0200)]
vlib: move pci api types from vnet/pci to vlib/pci
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I1a60809a8bbbbb8ac8b65ab990d51aae1229647f
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Damjan Marion [Mon, 30 Mar 2020 14:16:06 +0000 (16:16 +0200)]
rdma: print device info from PCI VPD in 'show hardware' output
Type: improvement
Change-Id: I275bbca17c5a0263b3e017b48aa6ccd8f59bc7c3
Signed-off-by: Damjan Marion <damarion@cisco.com>
Alexander Chernavin [Wed, 25 Mar 2020 14:56:52 +0000 (10:56 -0400)]
ipsec: fix udp-encap in transport mode
Now UDP enacapsulation doesn't work in transport mode with crypto
algorithms that have iv_sz=8 like AES GCM or 3DES CBC. That happens
because the inserted UDP header overlaps with the old IP header and
gets filled before the information from the old IP header can be
copied to a new IP header. The result is a broken packet:
00:03:39:620863: esp4-encrypt-tun
esp: sa-index 3 spi
3464048590 (0xce792fce) seq 31 sa-seq-hi 0
crypto aes-gcm-128 integrity none udp-encap-enabled
00:03:39:620867: adj-midchain-tx
...
00:03:39:620868: ip4-rewrite
...
00:03:39:620869: GigabitEthernet0/8/0-output
GigabitEthernet0/8/0
IP4: 08:00:27:a9:6b:d6 -> 08:00:27:5a:dd:0c
UDP: 10.255.0.10 -> 10.255.0.20
version 0, header length 0
tos 0x80, ttl 63, length 0, checksum 0x653e (should be 0xffff)
dscp CS4 ecn NON_ECN
fragment id 0x0000
UDP: 128 -> 0
length 0, checksum 0x0000
00:03:39:620870: GigabitEthernet0/8/0-tx
GigabitEthernet0/8/0 tx queue 0
...
IP4: 08:00:27:a9:6b:d6 -> 08:00:27:5a:dd:0c
UDP: 10.255.0.10 -> 10.255.0.20
version 0, header length 0
tos 0x80, ttl 63, length 0, checksum 0x653e (should be 0xffff)
dscp CS4 ecn NON_ECN
fragment id 0x0000
UDP: 128 -> 0
length 0, checksum 0x0000
With this commit, fill UDP header after copying the IP headers in
transport mode.
Type: fix
Change-Id: Ie9a6e562aa05a8378114329d6a9ff395189fa6a8
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Florin Coras [Fri, 27 Mar 2020 23:55:06 +0000 (23:55 +0000)]
tcp: reuse session infra for syns and resets
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I71df27049ef0193578f0c42f8f8bbd5c54e4d53e
Florin Coras [Fri, 27 Mar 2020 15:06:07 +0000 (15:06 +0000)]
session udp: flag for connected udp
Type: improvement
This can be used as alternative to udpc
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic3f7efe6728b25d4a8a0b61ddb36de66b4672c4f
Zhiyong Yang [Fri, 27 Mar 2020 13:04:38 +0000 (13:04 +0000)]
vxlan: leverage vlib_get_buffers in vxlan_encap_inline
vlib_get_buffers can save about 1.2 clocks per packet for vxlan encap
graph node on Skylake.
Type: improvement
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Change-Id: I9cad3211883de117c1b84324e8dfad38879de2d2
Zhiyong Yang [Sat, 28 Mar 2020 08:40:25 +0000 (08:40 +0000)]
vppinfra: add support for avx512 alignment version of load and store
Type: improvement
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Change-Id: Idfec9cb9370a8cf4966d3fdfa440496f21e17005
Mohsin Kazmi [Wed, 25 Mar 2020 20:37:16 +0000 (20:37 +0000)]
gso: fix the header parser to read only
Previously, header parser sets the tcp/udp checksum to 0.
It should be read only function for vlib_buffer_t.
Type: fix
Change-Id: I9c3398372f22998da3df188f0b7db13748303068
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Paul Vinciguerra [Fri, 27 Mar 2020 03:40:18 +0000 (23:40 -0400)]
interface: remove mtu clib_warning message from api handler
Type: fix
Change-Id: I85000cce698d44a96adcab7ff6aa37e7dcca51f7
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Fri, 27 Mar 2020 18:41:54 +0000 (18:41 +0000)]
vcl: support for uword segments
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibfe203fda5a0c88b26eb50bee8a430dd2cfb7dca
MathiasRaoul [Fri, 7 Feb 2020 16:29:05 +0000 (16:29 +0000)]
quic: Check quicly version tag at compile time
- updates the quicly version to 0.1.0-vpp
- adds workaround for quicly_send()/assert_consistency() failure
Type: feature
Change-Id: I4c7e0ffc720ad9a685b89046a83646d59febd6cd
Signed-off-by: MathiasRaoul <mathias.raoul@gmail.com>
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Damjan Marion [Fri, 27 Mar 2020 15:57:28 +0000 (16:57 +0100)]
vppinfra: add clib_bihash_get_bucket
Type: improvement
Change-Id: I073bb7bea2a55eabbb6c253b003966f0a821e4a3
Signed-off-by: Damjan Marion <damarion@cisco.com>
Paul Vinciguerra [Mon, 2 Mar 2020 21:10:54 +0000 (16:10 -0500)]
docs ethernet: add docs for ethernet Section
Type: docs
Change-Id: I6ad92b35df3e0fecb1334511625eacf3e3d8925f
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Sun, 1 Mar 2020 06:37:37 +0000 (01:37 -0500)]
docs: minor typos in configuring/startup.rst
Change-Id: I8a6596d7cfa84cb2c5ee2d847395e9cea69c5349
Type: docs
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Fri, 27 Mar 2020 03:11:50 +0000 (23:11 -0400)]
build tests: fix 'test-wipe-papi' target
Fix transposed terms.
Type: fix
Change-Id: Ibc3f5d5d9dbd81c9edf09ae5024c3ac4b1939d03
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Jakub Grajciar [Fri, 27 Mar 2020 05:55:06 +0000 (06:55 +0100)]
acl: API cleanup
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I09fa6c1b6917936351bd376b56c414ce24488095
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Dave Barach [Tue, 24 Mar 2020 13:33:23 +0000 (09:33 -0400)]
docs: document lxd container bootstrap procedure
Type: docs
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I9cfa52637e813f2b990688b35634e3af10c58f6a
Chenmin Sun [Wed, 4 Mar 2020 16:46:57 +0000 (00:46 +0800)]
dpdk: enable DPDK iAVF PMD
This patch adds support for the DPDK iAVF PMD
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I7bb0f621774e4c55b9b7309462e6591ce1b88fb6
Ole Trøan [Thu, 26 Mar 2020 18:08:35 +0000 (18:08 +0000)]
acl: revert acl: api cleanup
This reverts commit
aad1ee149403994194cf37cef4530b042ba7df3a.
Reason for revert: Verify failure. Doesn't build.
Type: fix
Change-Id: I91b1b26ac43edde4853e4561a0083d0b3a06efee
Signed-off-by: Ole Troan <ot@cisco.com>
Jakub Grajciar [Wed, 11 Mar 2020 11:47:32 +0000 (12:47 +0100)]
acl: API cleanup
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: If90d753f129312400c4c3669bb86289d0c3e0d99
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Dave Barach [Thu, 26 Mar 2020 14:56:13 +0000 (10:56 -0400)]
session: fix coverity warning
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ib5da600b7a40f775de7dc5b9aaa8d967e49e8632
Klement Sekera [Tue, 10 Mar 2020 11:32:54 +0000 (12:32 +0100)]
nat: transitory timeout for TCP CLOSED state
Wait transitory timeout seconds before moving internal state of TCP
session to CLOSED state per RFC 7857. This patch implements this
functionality for endpoint-dependent NAT.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4491d831cd9edf63fae520a516cdbe590bac85db
Ryujiro Shibuya [Thu, 26 Mar 2020 07:29:09 +0000 (07:29 +0000)]
svm: correct format_fifo_segment
Type: improvement
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Change-Id: Ia8aef3695f12e09b087be79ebe40e758fb8105ad
Damjan Marion [Tue, 24 Mar 2020 23:33:56 +0000 (00:33 +0100)]
build: use gcc-8 as default on ubuntu 18.04
Type: improvement
Change-Id: I34c9e95ad9160436cb62dec7a1a2d0ce94602ab7
Signed-off-by: Damjan Marion <damarion@cisco.com>
Filip Tehlar [Wed, 25 Mar 2020 04:08:55 +0000 (04:08 +0000)]
tests: speed up ipsec unit tests execution
... by removing duplicit test cacses.
There is little value in testing ESN flag when no integ algo
is used. This patch removes such test cases.
Type: improvement
Change-Id: Iae5baa1d39ac32a65d1d28ad57771a87962d8bb3
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Wed, 25 Mar 2020 02:46:28 +0000 (02:46 +0000)]
ikev2: fix wrong usage of BN_bn2bin()
This patch fixes 2 different crashes:
1) BN_bn2bin() returns bytes written, not actual key length. Use
BN_bn2binpad() instead which adds padding.
2) Initiator may receive multiple sa-init responses for the same ispi
which may result in crash. Remember first response and ignore any
subsequent ones.
Type: fix
Change-Id: Ia1eac9167e3100a6894c0563ee70bab04f6a5f4f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Sat, 7 Mar 2020 20:49:01 +0000 (20:49 +0000)]
ikev2: dead peer detection
Type: feature
Change-Id: Ibc65d739583dc11735f993f4c7e7ee6d3c8f5b0a
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Wed, 25 Mar 2020 09:36:32 +0000 (09:36 +0000)]
ikev2: fix gcm in ike protocol
Type: fix
Change-Id: I746b94f494d059d2db5f47638c9f4e6bc4eb4045
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Florin Coras [Fri, 13 Mar 2020 04:44:51 +0000 (04:44 +0000)]
session: api to add new transport types
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If4dee6dba1ea942daa921d566b35cdecdda680ee
Florin Coras [Mon, 23 Mar 2020 23:24:19 +0000 (23:24 +0000)]
tcp: avoid updating rcv wnd in resets
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0884bf63db57b4b4dbccf41ab64c030b3fe4dde2
Tetsuya Murakami [Tue, 24 Mar 2020 20:12:13 +0000 (13:12 -0700)]
sr: Change the CLI keyword from address to prefix.
Change the CLI keyword from address to prefix in sr localsid command.
Type: feature
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: Icc3072404a106ab40e829d2d291e5c179a4443a8
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Neale Ranns [Wed, 25 Mar 2020 07:21:09 +0000 (03:21 -0400)]
ip: Adding IP tables is no MP safe
Type: fix
it was marked MP safe in the CLI (which it shouldn't be) but
it it not marked MP safe on the API.
Change-Id: I4bdea498a510a8b406d13d62a899b6d03656f7e8
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Tue, 24 Mar 2020 15:09:41 +0000 (15:09 +0000)]
acl: Add CLI additions
Type: improvement
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I172d3d907f324d8cb21e73aa08ef66da029ed365
Damjan Marion [Wed, 25 Mar 2020 10:44:41 +0000 (11:44 +0100)]
avf: fix rx queue refill on buffer alloc failure
If buffer alloc fails, it may happend that rx queue will be stuck
as old code only refills if at least one packet is received.
Type: fix
Change-Id: I388c4f8a9fb2c208bdc222e31b443cbe6b94af82
Signed-off-by: Damjan Marion <damarion@cisco.com>
Klement Sekera [Tue, 24 Mar 2020 11:20:46 +0000 (12:20 +0100)]
nat: fix error counters
Type: fix
Change-Id: I021b1427362f4bdba1c0ebc9863c9143dd6b3cb7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Vladimir Ratnikov [Wed, 18 Mar 2020 12:20:08 +0000 (08:20 -0400)]
map: fix hop limit expiration at br
Before this patch, packet was dropped in ip4-input,
but ip4-map-t node dropped response due to
'security check failed'
This patch checkes if hop_limit==1 and sets error
and next frame and sends icmp6 response correctly
Type: fix
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I85a6af58205b05754ef8c45a94817bb84f915c85
Code Review / vpp.git / log