Pavel Kotucek [Mon, 16 Jan 2017 16:01:56 +0000 (17:01 +0100)]
VPP-540 : pbb tag rewrite details
Extended sw_interface_dump to provide 802.1ah (pbb) tag rewrite info if
present.
Extended log "l2-output" to provide raw data to display result of
prospetive pbb tag rewrite. Tracing is moved after l2output_vtr to show
these changes.
Change-Id: I8b7cb865dc67ce21afab402cc086dac35f7c0f07
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
Jan Gelety [Mon, 20 Feb 2017 11:15:39 +0000 (12:15 +0100)]
Update CSIT tests 170213 -> 170220
- update of CSIT operational branch to be used for VPP-patch test
Change-Id: I815b3ef67f1664f72f68984087413f4c4985f694
Signed-off-by: Jan Gelety <jgelety@cisco.com>
Neale Ranns [Mon, 20 Feb 2017 17:17:02 +0000 (09:17 -0800)]
FIB reset leaves residual routes. Wrong API used to remove the routes meant the lock count on the entry did not drop to zero
Change-Id: I6e2dff8c3c7976fd1c2e4c5258f5dc73123aa9b7
Signed-off-by: Neale Ranns <nranns@cisco.com>
Filip Tehlar [Mon, 20 Feb 2017 16:31:57 +0000 (17:31 +0100)]
LISP: don't show PITR generated mapping in dump call
Change-Id: Iecba818ccf74a4d34e35d498e6f6a1d3c62419f4
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Radu Nicolau [Thu, 16 Feb 2017 13:54:42 +0000 (13:54 +0000)]
dpdk: updated build to automatically download Intel(R) Multi-Buffer Crypto for IPsec Library
Change-Id: I58182edb7b0d314bb6dfa1daf7b00012196fd3e1
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Neale Ranns [Wed, 15 Feb 2017 08:38:27 +0000 (00:38 -0800)]
CLI extension to add multiple (S,G)s at once and time it
Change-Id: Id17060fd0e8ac80c8cf1999b0b82d0241b3b969a
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Thu, 26 Jan 2017 09:18:23 +0000 (01:18 -0800)]
Python test IP and MPLS objects conform to infra.
Add IP[46] MFIB dump.
Change-Id: I4a2821f65e67a5416b291e4912c84f64989883b8
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Wallace [Thu, 16 Feb 2017 16:25:26 +0000 (11:25 -0500)]
make test: save + dump VPP api trace log; VPP-640
Change-Id: I20aacc927f2b04f42b0a7220c4283560b4d2a359
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Neale Ranns [Tue, 14 Feb 2017 09:44:25 +0000 (01:44 -0800)]
Remove duplicate ip6 get interface address code
Change-Id: I5e0057b36bc4221e688a27fc1c0f602f78132991
Signed-off-by: Neale Ranns <nranns@cisco.com>
Klement Sekera [Tue, 14 Feb 2017 06:55:57 +0000 (07:55 +0100)]
BFD: put session admin-up/admin-down
Change-Id: I7d8889dce8495607106593ad83320c9af0f2fa07
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Radu Nicolau [Thu, 16 Feb 2017 16:49:46 +0000 (16:49 +0000)]
Implemented IKEv2 initiator features:
- IKE_SA_INIT and IKE_AUTH initial exchanges
- Delete IKA SA
- Rekey and delete Child SA
- Child SAs lifetime policy
To set up one VPP instance as the initiator use the following CLI commands (or API equivalents):
ikev2 profile set <id> responder <interface> <addr>
ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type>
ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type>
ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes>
and finally
ikev2 initiate sa-init <profile id> to initiate the IKE_SA_INIT exchange
Child SA re-keying process:
1. Child SA expires
2. A new Child SA is created using the Child SA rekey exchange
3. For a set time both SAs are alive
4. After the set time interval expires old SA is deleted
Any additional settings will not be carried over (i.e. settings of the ipsec<x> interface associated with the Child SA)
CLI API additions:
ikev2 profile set <id> responder <interface> <addr>
ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type>
ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type>
ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes>
ikev2 initiate sa-init <profile id>
ikev2 initiate del-child-sa <child sa ispi>
ikev2 initiate del-sa <sa ispi>
ikev2 initiate rekey-child-sa <profile id> <child sa ispi>
Sample configurations:
Responder:
ikev2 profile add pr1
ikev2 profile set pr1 auth shared-key-mic string Vpp123
ikev2 profile set pr1 id local fqdn vpp.home.responder
ikev2 profile set pr1 id remote fqdn vpp.home.initiator
ikev2 profile set pr1 traffic-selector remote ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0
ikev2 profile set pr1 traffic-selector local ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0
Initiator:
ikev2 profile add pr1
ikev2 profile set pr1 auth shared-key-mic string Vpp123
ikev2 profile set pr1 id local fqdn vpp.home.initiator
ikev2 profile set pr1 id remote fqdn vpp.home.responder
ikev2 profile set pr1 traffic-selector local ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0
ikev2 profile set pr1 traffic-selector remote ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0
ikev2 profile set pr1 responder TenGigabitEthernet3/0/1 192.168.40.20
ikev2 profile set pr1 ike-crypto-alg aes-cbc 192 ike-integ-alg sha1-96 ike-dh modp-2048
ikev2 profile set pr1 esp-crypto-alg aes-cbc 192 esp-integ-alg sha1-96 esp-dh ecp-256
ikev2 profile set pr1 sa-lifetime 3600 10 5 0
Change-Id: I1db9084dc787129ea61298223fb7585a6f7eaf9e
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Juraj Sloboda [Fri, 17 Feb 2017 01:17:19 +0000 (17:17 -0800)]
Fix handling of ping to SNAT out interface
Change-Id: I322bfb3469b3d0d5b0cac39a6c2dba1c6f83ce3d
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
Radu Nicolau [Thu, 16 Feb 2017 13:43:41 +0000 (13:43 +0000)]
ipsec: changed ipsec-input-ip6 node to be a sibling of ipsec-input-ip4, fixes a problem that occurs with cryptodev ipv6 input.
Change-Id: I1f0c0db45b2aabc243dd785c8d5d5ef990cac903
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Dave Barach [Wed, 15 Feb 2017 14:01:01 +0000 (09:01 -0500)]
l2 input: avoid per-packet trace checks in the fast path
Change-Id: Ib0c8572773499d8dd4d81b3a565c24412ccc3510
Signed-off-by: Dave Barach <dave@barachs.net>
Dave Wallace [Thu, 16 Feb 2017 16:10:09 +0000 (11:10 -0500)]
Fix comment for num-mbufs default in startup.conf
Change-Id: I8bb175cc9673895d4a8856786ecabfd66dd906e9
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Damjan Marion [Thu, 16 Feb 2017 19:16:06 +0000 (20:16 +0100)]
dpdk: quad loop and prefetch in fill_free_list
Change-Id: I19ec3b769b6512f7408044751393d9faf10d01d5
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 16 Feb 2017 19:28:35 +0000 (20:28 +0100)]
dpdk: bump to DPDK 17.02
Change-Id: I4563208d97c43a200fcee948db491706a8d3e211
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 16 Feb 2017 19:24:09 +0000 (20:24 +0100)]
ioam: declare export_node instead of defining it in header file
Change-Id: Ib1760312df759c29a2c2220e7b783af311d91d1a
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 16 Feb 2017 19:18:27 +0000 (20:18 +0100)]
api: remove debug print in api_main_init
Change-Id: I8f5cf447c131a790e4bbd46ef75063329fec7451
Signed-off-by: Damjan Marion <damarion@cisco.com>
Gabriel Ganne [Wed, 15 Feb 2017 15:55:30 +0000 (16:55 +0100)]
tw_timer_expire_timers() - add a maximum to the number of expiration per call
The idea is to prevent a huge processing burst if, say, the network goes
down 10' for some reason, and so that we don't need to expire 1M timer
sessions on the first call.
The maximum is not an exact value, but a value after which the
expiration process is postponed until the next call.
That way, we don't have to process the same tick twice, nor to unlink
timers once at a time when processing a tick.
The fact that a timer slot could contain many entries should be dealt
with by changing the number of ticks per second.
Change-Id: I892d07f965094102a3d53e7dbf4e6f5ad22d4967
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
Florin Coras [Tue, 14 Feb 2017 07:55:27 +0000 (23:55 -0800)]
Add NSH load-balance and drop DPO
Also adds missing gpe nsh address type functions.
Change-Id: I3353a23c0518da9ce3b221ddf8c5bd0364930154
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Wed, 15 Feb 2017 22:16:26 +0000 (14:16 -0800)]
Fix NSH-LISP interface addition
Change-Id: I3925d2ebb2d26c676fc61f118d25bdf7fd522f26
Signed-off-by: Florin Coras <fcoras@cisco.com>
Wojciech Dec [Tue, 14 Feb 2017 15:24:28 +0000 (16:24 +0100)]
Fix crash on deleting previously activated IPv6 interface - VPP-636
RADV Pool index was not getting updated
Change-Id: I2d2f14c56f51034d39049d1c7e13c248180a865f
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Anlu Yan [Wed, 15 Feb 2017 02:07:40 +0000 (18:07 -0800)]
Fix sample plugin breakage.
Add vat_helper_macros.h to be installed in /usr/include/vlibapi
Define a version for the sample plugin (separate from the VPP versioning).
Hook up vnet_main in plugin init.
Change-Id: I293b9dc824d0813ea2bb8747d535e4210a88b385
Signed-off-by: Anlu Yan <ayan@cisco.com>
Juraj Sloboda [Thu, 9 Feb 2017 07:54:21 +0000 (23:54 -0800)]
Add handling of ICMP error packets in SNAT (VPP-629)
Change-Id: I8d2022b7cb3ef3da736c085bccbb5b9c057a8d76
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
Billy McFall [Wed, 15 Feb 2017 14:03:06 +0000 (09:03 -0500)]
VPP-638: 'set interface ipsec key garbage' causes infinite loop
In the CLI parsing of 'set interface ipsec key garbage', the token
'garbage' enters the processing code for the <key>. This enters
unformat_hex_string(..) which looks through the input for 0-9,a-f and
drops out if a non-hex digit is encountered. The problem is that it
returns 1, indicating that input has been processed, but in this case,
no characters have been removed from the input string. This causes the
calling function to go to the top of the loop and process the next
token, which is now the same token and gets stuck in an infinite loop.
Updated unformat_hex_string(..) to return 0 if no characters were
processed.
This funcitons is used in multiple CLI Commands, but most have token
that preceeds the hex string. Since the token is stripped, the CLI
command is able to avoid an infinte loop.
Change-Id: Ib54f04f23c4d3563ec57a2450982d3648cedec0e
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Gabriel Ganne [Wed, 15 Feb 2017 10:37:53 +0000 (11:37 +0100)]
add tw_timer_template.c to vpp devel packages
Change-Id: Ia25a8827ed94877e8fe6c0b2ff6d05c1568eb0e1
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
Gabriel Ganne [Mon, 13 Feb 2017 09:27:15 +0000 (10:27 +0100)]
tw_timer_expire_timers() return the number of expirations
to be used for node statistics
Also fix tw_timer_stop() description
Change-Id: I84b529e330c4534fd55487e7e2b8b089ee68ca11
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
Filip Tehlar [Wed, 15 Feb 2017 15:40:35 +0000 (16:40 +0100)]
LISP: minor enhacements
* use RLOC for IP version detection
* don't check whether RLOC is local when deleting
Change-Id: Icdb84025dd5511eb5348b654bf7b373def15406c
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Wed, 15 Feb 2017 12:27:08 +0000 (13:27 +0100)]
LISP: fix deleting src/dst entry from GID dictionary
Change-Id: Ic674cc953b45ddd4811e07821e1a0af28b5f6214
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Matus Fabian [Wed, 15 Feb 2017 07:33:43 +0000 (23:33 -0800)]
SNAT: add static mappings with unresolved external interface address to snat_static_mapping_dump
Change-Id: Ib560b397700fe058ad1e2970989d98e3debf54aa
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Klement Sekera [Tue, 14 Feb 2017 06:11:52 +0000 (07:11 +0100)]
BFD: loop back echo packets
Change-Id: I772b63ac25ebfccaff9ab9d8d0b1445e85f21df7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Juraj Sloboda [Wed, 15 Feb 2017 09:22:30 +0000 (10:22 +0100)]
Fix bug in definition of tcp_header_t
Change-Id: Ic814b805ef77913ffe86f82c009602c75258acfb
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
Billy McFall [Fri, 10 Feb 2017 19:57:24 +0000 (14:57 -0500)]
VPP-279: Document changes for vnet/vnet/devices
Add doxygen documentation for pcap tx trace CLI command.
In the process of adding the documentation, made the following changes
to the way the command worked:
* If there is an error with any of the attributes, the whole command
fails. The existing behavior was to apply attribute by attribute,
then bail if there was an issue, with partial apply.
* Move the 'on' processing to the end. The existing behavior was to
process the 'on' as it was encountered on the commandline. That meant
that any attributes after the 'on' in the commandline were saved and
displayed, but not really being used in the packet trace.
* Enhanced the 'status' to show all the configured attributes.
NOTE: The packet capture has some weird behavior with regards to how
many packets are written to file and if the file is appended or
overwritten. VPP-634 written to document the issue.
Change-Id: Iab241228b125385052de242865afd9515fa2524f
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Klement Sekera [Tue, 14 Feb 2017 02:09:17 +0000 (03:09 +0100)]
BFD: respect remote demand mode
Change-Id: I5063d31f5305c848043afb32fcacff6e61aed79f
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Klement Sekera [Tue, 14 Feb 2017 01:55:31 +0000 (02:55 +0100)]
make test: improve stability
Disable automatic garbage collection and run it manually before
running each test case to minimize stalls. Improve vpp subprocess
cleanup. Reduce helper thread count to one and properly clean that
thread once it's not needed.
Change-Id: I3ea78ed9628552b5ef3ff29cc7bcf2d3fc42f2c3
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Klement Sekera [Thu, 9 Feb 2017 05:03:46 +0000 (06:03 +0100)]
BFD: set per session UDP source port per RFC
Change-Id: Id294dbbd6499ae8221cc8143e1027adc08866ae6
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Shwetha Bhandari [Tue, 14 Feb 2017 05:09:06 +0000 (10:39 +0530)]
Fix coverity issues: ioam
Change-Id: I0963760a7da95612d5cab19596919b369a4d0f8e
Signed-off-by: Shwetha Bhandari <shwethab@cisco.com>
Marek Gradzki [Mon, 13 Feb 2017 13:19:51 +0000 (14:19 +0100)]
Fix is_server flag in vhost dump (VPP-562)
Change-Id: I5b308eb39ae770d58d1498d7fafa49b236b3f534
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Jon Loeliger [Mon, 13 Feb 2017 21:21:12 +0000 (15:21 -0600)]
Fix typo in API warning message.
Change-Id: I51488620a7eeaf7a0edba71437d2b49ae3cf0bf5
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Damjan Marion [Thu, 9 Feb 2017 20:49:06 +0000 (21:49 +0100)]
vhost-user: fix crash when descriptor points to unknown region
This happens only on when compiled for older microarchitectures,
where BSF insutruction is used instead of TZCNT. BSF provides
undefined result if operand is 0.
Change-Id: I7a13350786a533428168595097ef01a560fde53b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Jan Gelety [Mon, 13 Feb 2017 09:34:24 +0000 (10:34 +0100)]
Update CSIT tests 170129 -> 170213
- update of CSIT operational branch to be used for VPP-patch test
Change-Id: I43cc99ea3ad6266b4792a7721968de89b7328306
Signed-off-by: Jan Gelety <jgelety@cisco.com>
AkshayaNadahalli [Fri, 10 Feb 2017 05:24:16 +0000 (10:54 +0530)]
Out-of-tree Build Error fix
File vnet/fib/fib_urpf_list.h was included in vnet/fib/ip6_fib.h but was
exported to be installed in /usr/include/vnet. So out-of-tree builds
relying on an installed package was failing.
Fix is to inlcude fib_urpf_list.h in source file rather than including
it in header file.
Change-Id: Iae39c1d9417dbd31ee67fa1bd2d1915d5e813c73
Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
Jon Loeliger [Thu, 9 Feb 2017 18:17:50 +0000 (12:17 -0600)]
Augment IP_DETAILS, IP_ADDRESS_DETAILS with a few context fields.
When handling the IP_DETAILS and IP_ADDRESS_DETAILS replies,
it is almost certainly going to require having both the is_ipv6
and sw_if_index context to handle them properly. Placing these
values in an essentially global location as the current VAT does
isn't thread-safe. Fruthermore, rather than forcing every
API user to hoop-jump to establish these context values, simply
provide them in their DETAILS reply messages.
Change-Id: I6a9e0cb16ecdbf87fca8fc5c7663e98d3a53c26c
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Florin Coras [Thu, 26 Jan 2017 22:25:34 +0000 (14:25 -0800)]
Basic support for LISP-GPE encapsulated NSH packets
Change-Id: I97fedb0f70dd18ed9bbe985407cc5fe714e8a2e2
Signed-off-by: Florin Coras <fcoras@cisco.com>
AkshayaNadahalli [Thu, 1 Dec 2016 11:03:51 +0000 (16:33 +0530)]
VPP-632 : InBand OAM Analyser
Refer to jira ticket for more details.
Change-Id: I6facb9ef8553a21464f9a2e612706f152badbb68
Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
Dave Barach [Fri, 10 Feb 2017 16:57:46 +0000 (11:57 -0500)]
Update plugin templates
Disguise the string "fd.io coding-style blah blah blah" to avoid spurious
checkstyle failures on the emacs lisp code. DGMS.
Change-Id: I6b88d9588dff7d67c6e509052ae4f32529684de7
Signed-off-by: Dave Barach <dave@barachs.net>
Klement Sekera [Thu, 9 Feb 2017 05:04:36 +0000 (06:04 +0100)]
make test: work around scapy truncated packets
Under stress, it's possible to hit a race condition, when the packet
header is fully written to pcap, but not all packet data - yet.
Scapy is stupid enough to:
1. not detect and report this error, truncating the packet instead
2. continue munching more data from wrong offset
The work around is to scan the file ahead, parse the packet header,
figure out how much data we need, wait for the file to be big
enough, then restore the file position back to where it was
and finally let scapy parse the packet.
Change-Id: I9fc71d3ebdc62ecab6c90b90f177d0eaeb09b8bb
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Neale Ranns [Wed, 8 Feb 2017 17:11:57 +0000 (09:11 -0800)]
Improve MFIB doxygen help
Change-Id: Ie490b7fd5238cbad23f0199161cc14324fd9c554
Signed-off-by: Neale Ranns <nranns@cisco.com>
Klement Sekera [Wed, 8 Feb 2017 06:42:08 +0000 (07:42 +0100)]
BFD: minor fixes
Change-Id: I1c93f96a752eb2ffd1117a656552131cde1fa489
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Klement Sekera [Tue, 7 Feb 2017 06:09:36 +0000 (07:09 +0100)]
make test: BFD tests speedup
Change-Id: I0b3064a311f28ebf7cd9db0a59cb04c7c25c9d58
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Klement Sekera [Thu, 2 Feb 2017 05:58:07 +0000 (06:58 +0100)]
BFD: modify session parameters
Change-Id: I666e5c0cc71a3693640960c93cdd1907f84fbe23
Signed-off-by: Klement Sekera <ksekera@cisco.com>
AkshayaNadahalli [Tue, 7 Feb 2017 18:29:54 +0000 (23:59 +0530)]
Fix source address reachability check for ip6 local packets
Currently ip6 local check fails with error - source lookup miss if
route to source of packet is over a dpo object such as load balance -
recurssive route, tunnel adj - GRE, SR etc.
So unless packet source is of a directly connected neibhor or has
route with both interface and nexthop specified, it will be dropped.
Fix is to check urpf list and if at least one link exists in the list,
then allow packets to be processed, else drop.
Change-Id: Id426311bb63bab506754a79409c602fdb6d0f190
Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
Ole Troan [Tue, 7 Feb 2017 10:22:33 +0000 (11:22 +0100)]
VPP-630: Null pointer dereferences in vlib/unix/plugin.c
Change-Id: Iafb071c684a43e21925e3a43019cd86372347898
Signed-off-by: Ole Troan <ot@cisco.com>
Damjan Marion [Mon, 6 Feb 2017 21:28:52 +0000 (22:28 +0100)]
Multiple platofrm support for dpdk/Makefile, fix optimizations
Using -march=native was causing SIGILLs on Atoms.
Change-Id: I98c7fdaa139e3db70c972950dc9c167bf5803656
Signed-off-by: Damjan Marion <damarion@cisco.com>
Filip Tehlar [Tue, 7 Feb 2017 12:29:47 +0000 (13:29 +0100)]
Fix M(), M2() macros in VAT
Change-Id: I76593632cde97f7cb80bbc395735404f39f3bd3f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Fri, 3 Feb 2017 09:17:49 +0000 (10:17 +0100)]
LISP: reject remote mappings that have as locators local IPs
Change-Id: Ifaf46554e45557ebf82009d9c46a9e905a46f884
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Dave Barach [Mon, 6 Feb 2017 14:28:03 +0000 (09:28 -0500)]
Add pool_get[_aligned]_will_expand(...)
Change-Id: Iefffcf7843dc11803d69a875a72704a2543911a1
Signed-off-by: Dave Barach <dave@barachs.net>
Klement Sekera [Fri, 3 Feb 2017 06:29:43 +0000 (07:29 +0100)]
make test: improve test filtering
Implement fine-grained test filtering by supporting more complicated
filters beside the original file name suffix filter.
Change-Id: If5a166d08cffe8c58cc6cf174e6df861c34dbaa6
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Damjan Marion [Sun, 5 Feb 2017 22:44:42 +0000 (23:44 +0100)]
vlib: remove algned/unaligned buffers scheme
Change-Id: I4433eaed3f4e201edc329c4842cbbf74beb19a9a
Signed-off-by: Damjan Marion <damarion@cisco.com>
Klement Sekera [Fri, 3 Feb 2017 07:18:53 +0000 (08:18 +0100)]
make test: fix dependencies
checkstyle - doesn't need scapy/pexpect, remove it
doc - scapy wasn't patched properly, fix it
Change-Id: I65202cb14edeb239d21ce10f17d9b4fccce43d62
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Matus Fabian [Mon, 6 Feb 2017 06:14:41 +0000 (22:14 -0800)]
SNAT: fix snat_add_static_mapping_command() uninitialized variable
Change-Id: I7775dd3b90d5a3449650c3102e24bfedd770beb1
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Matus Fabian [Mon, 6 Feb 2017 06:45:57 +0000 (22:45 -0800)]
SNAT: initialize outside and inside FIB index in snat_config
Change-Id: If26d758997d71792cedad1afae8d6a38cfd364ac
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Gabriel Ganne [Sat, 4 Feb 2017 09:51:04 +0000 (10:51 +0100)]
fix some 'stored but never read' warnings raised by clang
found by `scan-build make plugins-release`
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
Change-Id: I52048e3a8ae3fb85eb3d91f6a5e15216dd7b9baa
Dave Barach [Fri, 3 Feb 2017 16:58:53 +0000 (11:58 -0500)]
Wheel-timer infra
Change-Id: I5499dd6b768425a56936afae50bd578620c83d30
Signed-off-by: Dave Barach <dave@barachs.net>
Neale Ranns [Sun, 5 Feb 2017 17:12:02 +0000 (09:12 -0800)]
Test checksyle for IP mcast tests
Change-Id: I20b61b7e63f74b4656d84717633e06646514c5eb
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Tue, 31 Jan 2017 16:29:33 +0000 (17:29 +0100)]
dpdk: move to uio_pci_generic
Change-Id: I3d8b7947ae6d721e9b514a59a7d2de49aed419b5
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Fri, 3 Feb 2017 20:16:16 +0000 (21:16 +0100)]
pg: add trace information for pg tx node
Change-Id: I31730d58c34331f25f5b02cd065be94251f1302c
Signed-off-by: Damjan Marion <damarion@cisco.com>
Steven [Fri, 3 Feb 2017 17:30:37 +0000 (09:30 -0800)]
vhost-user: fix missing speculative enqueue unwind
Running trex in a VM with a bad config, trex sent a bogus pack from
the VM to the Virtual interface. It caused a crash.
Change-Id: I64d0197b444265553ab4c24f21e6a962e89cb587
Signed-off-by: Steven <sluong@cisco.com>
Matej Klotton [Fri, 3 Feb 2017 13:48:18 +0000 (14:48 +0100)]
Fix CLI help message for set ip address
Change-Id: Ie39bb26a9aea88cf2768ec537adcdd8df1de3be0
Signed-off-by: Matej Klotton <mklotton@cisco.com>
Neale Ranns [Fri, 3 Feb 2017 14:14:49 +0000 (06:14 -0800)]
pep8 compliance for test_ip6.py
Change-Id: If29a1eba3e7056903978de782c062589bec0137e
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 3 Feb 2017 12:34:01 +0000 (04:34 -0800)]
Next node frame over-flow after replication
Change-Id: I25077dd0739787de4f7512e5a70a62e8c34c28e4
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Mon, 23 Jan 2017 20:13:45 +0000 (21:13 +0100)]
Plugin infrastructure improvements
This patch replaces requirement for vlib_plugin_register function
in the plugin so file and introduces new macro:
VLIB_PLUGIN_REGISTER () = {
.version = "version string",
.version_required = "requred version",
.default_disabled = 1,
.early_init = "early_init_function_name",
};
Plugin will nor be loaded if .default_disabled is set to 1
unless explicitely enabled in startup.conf.
If .verstion_required is set, plugin will not be loaded if there
is version mismatch between plugin and vpp. This can be bypassed
by setting "skip-version-check" for specific plugin.
If .early-init string is present, plugin loader will try to resolve
this specific symbol in the plugin namespace and make a function call.
Following startup.conf configuration is added:
plugins {
path /path/to/plugin/directory
plugin ila_plugin.so { enable skip-version-check }
plugin acl_plugin.so { disable }
}
Change-Id: I706c691dd34d94ffe9e02b59831af8859a95f061
Signed-off-by: Damjan Marion <damarion@cisco.com>
Matus Fabian [Fri, 3 Feb 2017 09:35:55 +0000 (01:35 -0800)]
SNAT: fix invalid outside FIB index
Change-Id: Ia5d3d81cbc2ef85fabf9e19c89a52c589a921d14
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Matus Fabian [Thu, 2 Feb 2017 09:43:00 +0000 (01:43 -0800)]
SNAT: Port allocation per protocol
Ports are allocated per protocol (UDP, TCP, ICMP)
1:1 NAT with port is configured for specific protocol
Change-Id: I37ae5eed3715b223d0620d4fdaed7a482bb7a834
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Marco Varlese [Thu, 2 Feb 2017 20:33:09 +0000 (21:33 +0100)]
Added support for openSUSE
Change-Id: I64a0eeaa066adb70dfaeb33641d0336ddac18cf0
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
Jon Loeliger [Wed, 1 Feb 2017 19:09:58 +0000 (13:09 -0600)]
Remove unnecessary block structure around CONTROL_PING messages.
Now that the M() and S() macros accept a message parameter, there
is no longer a need to introduce a new block structure around the
CONTROL_PING messages just to have a new unbound "mp" variable.
Instead, just use one named "mp_ping" directly.
Change-Id: I6b283562bb6eec25806e3d35c35b977680ecd1dd
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Jon Loeliger [Wed, 1 Feb 2017 18:31:41 +0000 (12:31 -0600)]
Refactor fragile msg macro W and W2 to not burry return control flow.
Instead, have them accept and assign a return paramter leaving
the return control flow up to the caller. Clean up otherwise
misleading returns present even after "NOT REACHED" comments.
Change-Id: I0861921f73ab65d55b95eabd27514f0129152723
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Jon Loeliger [Tue, 31 Jan 2017 21:27:19 +0000 (15:27 -0600)]
Localize the timeout variable within the W message macro.
Rather than rely on an unbound variable, explicitly introduce
the timeout variable within the 'do { ... } while (0)' construct
as a block-local variable.
Change-Id: I6e78635290f9b5ab3f56b7f116c5fa762c88c9e9
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Jon Loeliger [Tue, 31 Jan 2017 20:03:33 +0000 (14:03 -0600)]
Convert message macro S to accept a message pointer parameter;
Rather than blindly assume an unbound, fixed message parameter
explicilty pass it as a paramter to the S() macro.
Change-Id: Ieea1f1815cadd2eec7d9240408d69acdc3caa49a
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Jon Loeliger [Tue, 31 Jan 2017 19:47:08 +0000 (13:47 -0600)]
Convert M() and M2() macros to honor their second, mp, parameter.
Now that all the M() and M2() uses properly supply a message
pointer as second parameter, fix the macros to use it.
Change-Id: I0b8f4848416c3fa2e06755ad6ea7171b7c546124
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Jon Loeliger [Tue, 31 Jan 2017 19:19:40 +0000 (13:19 -0600)]
Ensure all M() and M2() second parameters are the message pointer.
Rather than maintain (?) an unused second parameter, t, and pull
an unbound message pointer, mp, out of context, explicitly list
the message pointer as the second parameter.
Change-Id: I92143efda6211cdf6b935470f8c71579742a6b64
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Neale Ranns [Thu, 2 Feb 2017 10:18:18 +0000 (02:18 -0800)]
Fix SR multicast post mfib commit
1 - use the SR policy to construct the replicate DPO. Each bucket therein is a SR tunnel.
2 - install a special mfib entry that links via this replicate
3 - forwarding is now mfib-lookup -> replicate -> sr_rewrite (per-tunnel)
no need for a separate sr_replicate node.
4 - Stack the sr tunnel on the forwarding DPO of the first-hop FIB entry.
no need for a second lookup post SR encap.
5 - fix some path-list lock leaks in the MFIB entry.
Change-Id: I20de96ea4c4be4fae252625bde159d9c435c8315
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Wallace [Fri, 27 Jan 2017 02:42:00 +0000 (21:42 -0500)]
Update default Vagrant box to Ubuntu 16.04, VPP-616
- Make puppetlabs/ubuntu-16.04-64-nocm the default box
- Enable x11 forwarding
- Install x11-utils required for emacs to work over X11
- Refactor run.sh
- Add VPP_VAGRANT_POST_BUILD environment variable to
allow selection of installing VPP or run "make test".
- Fix dependencies in src/vppapigen.am
Change-Id: I0ec054fdc83feb71ca8396df53ed02bf82ecd7e7
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Steve Shin [Tue, 31 Jan 2017 21:38:08 +0000 (13:38 -0800)]
ENIC driver patch to fix MAC address add and remove
The mac_addr_add callback function was simply replacing the primary MAC
address instead of adding new ones and the mac_addr_remove callback would
only remove the primary MAC form the adapter. Fix the functions to add or
remove new address. Allow up to 64 MAC addresses per port.
Change-Id: Ieff396ae27505c4c09f028911eff907757b03c7d
Signed-off-by: Steve Shin <jonshin@cisco.com>
Klement Sekera [Mon, 9 Jan 2017 06:43:48 +0000 (07:43 +0100)]
BFD: SHA1 authentication
Add authentication support to BFD feature. Out of three existing
authentication types, implement SHA1 (sole RFC requirement). Simple
password is insecure and MD5 is discouraged by the RFC, so ignore
those.
Add/change APIs to allow configuring BFD authentication keys
and their usage with BFD sessions.
Change-Id: Ifb0fb5b19c2e72196d84c1cde919bd4c074ea415
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Klement Sekera [Wed, 18 Jan 2017 08:44:36 +0000 (09:44 +0100)]
BFD: improve finding of ipv4/ipv6 headers
Avoid coverity warning and improve safety by declaring a helper
structure and working with it when searching for ip headers.
Make sure the content following IPv6 header is actually UDP before
parsing it. Bail out if unexpcted IPv6 header found ...
Change-Id: I1c6b9fd42d6fdae226f12c91c53c07a932b29522
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Sergio Gonzalez Monroy [Wed, 1 Feb 2017 15:23:12 +0000 (15:23 +0000)]
dpdk: fix crypto coverity warning
Change-Id: I165b64fdc12dd2936df1958348e93b709ce0e784
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
Matus Fabian [Wed, 1 Feb 2017 06:20:30 +0000 (22:20 -0800)]
SNAT: changed source for outbound address FIB entry (VPP-613)
Use FIB_SOURCE_PLUGIN_HI and modify ARP input to use non-source variants for
flags and resolving interface get.
Change-Id: I3bab76f36e0b1ee86e430a416099f1654e02740a
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Filip Tehlar [Wed, 1 Feb 2017 07:50:31 +0000 (08:50 +0100)]
LISP: enhance binary part of some APIs
Remote mapping and locator set binary APIs uses zero length arrays
defined as 'u8 array[0]' in .api file.
This path will change such cases to form 'type_t array[count];'
in order to enhance maintainability.
Change-Id: I98d0252b441020609c550d48186ed0d8338a3f2d
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Eyal Bari [Wed, 1 Feb 2017 11:36:15 +0000 (13:36 +0200)]
VXLAN: further unify ip4/ip6 ctl plane handling
fix wrong udp error codes in decap ip6 handling
Change-Id: Ibf791a995128d38b31725c1ee67ec9d1c9dffca2
Signed-off-by: Eyal Bari <ebari@cisco.com>
Ed Warnicke [Thu, 2 Feb 2017 00:08:51 +0000 (16:08 -0800)]
Fix issue with apt-get update not being run on Ubuntu 16.04
Change-Id: Ic05b86c4ea9b62afbf03a2a36c4a2ef45f5c140b
Signed-off-by: Ed Warnicke <eaw@cisco.com>
Klement Sekera [Wed, 18 Jan 2017 08:56:00 +0000 (09:56 +0100)]
BFD: reformat code to match vpp code style
Change-Id: I40deb8b40f5d3a96d2c0dcb400f489cd05a64348
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Dave Barach [Wed, 4 Jan 2017 22:24:32 +0000 (17:24 -0500)]
Prep work for Coverity upload processing via Jenkins
Change-Id: I2575d780d19e12ddf8a77e5596e5d7cc3dbf4233
Signed-off-by: Dave Barach <dave@barachs.net>
Matus Fabian [Fri, 27 Jan 2017 08:47:58 +0000 (00:47 -0800)]
SNAT: Add outbound addresses to FIB (VPP-613)
Add the external NAT address to the FIB as receive entries.
This ensures that VPP will reply to ARP for these addresses and we don't need
to enable proxy ARP on the outside interface.
Change-Id: I1db153373c43fec4808845449a17085509ca588c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Jan Gelety [Mon, 30 Jan 2017 10:44:09 +0000 (11:44 +0100)]
Update CSIT tests 170122 -> 170129
- update of CSIT operational branch to be used for VPP-patch test
Change-Id: I8293091fda82de587cba0b3bd2f8490d74c001a5
Signed-off-by: Jan Gelety <jgelety@cisco.com>
Marek Gradzki [Tue, 31 Jan 2017 12:25:53 +0000 (13:25 +0100)]
jvpp: fix coverity warn: reliance on default encoding
Change-Id: I8333b7d19ebdacac5445b4505750dd0a46764b36
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Eyal Bari [Sun, 29 Jan 2017 10:40:50 +0000 (12:40 +0200)]
VXLAN: small changes for brevity
Change-Id: I9cfff0196845c6f1161848aa49442aa4df81b20e
Signed-off-by: Eyal Bari <ebari@cisco.com>
Neale Ranns [Mon, 30 Jan 2017 14:44:58 +0000 (06:44 -0800)]
MFIB Coverity warnings. The lock macro is functionally equivalent but more expressive (and might appease coverity)
Change-Id: Ie3c9b2896a487a0302903bfbdd6348f6f091c67d
Signed-off-by: Neale Ranns <nranns@cisco.com>
Steve Shin [Mon, 30 Jan 2017 21:27:26 +0000 (13:27 -0800)]
Bump up PKG_SUFFIX to vpp3
Change-Id: Ib5e95d5e5a3da5fb395b26177f7dd17e90afd69d
Signed-off-by: Steve Shin <jonshin@cisco.com>
Code Review / vpp.git / log