Andrew Yourtchenko [Fri, 17 Nov 2017 13:38:18 +0000 (14:38 +0100)]
ACL based forwarding
A poor man's flow switching or policy based rounting.
An ACL is used to match packets and is associated with a [set of] forwarding paths
that determine how to forward matched packets - collectively this association is a
'policy'.
Policies are then 'attached', in a priority order, to an interface when thaey are
encountered as an input feature. If a packet matches no policies it is forwarded
normally in the IP FIB.
This commit is used to test the "ACL-as-a-service" functionality,
which currently compiles, and the existing traffic ACL tests pass in both hash and linear modes.
Change-Id: I0b274ec9f2e645352fa898b43eb54c457e195964
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Ole Troan <ot@cisco.com>
Klement Sekera [Tue, 17 Apr 2018 15:48:30 +0000 (17:48 +0200)]
VPP-1243: fix reassembly CLI
Change-Id: Ie20aaf0eb1a5a338a54f0de4d6da661431be5163
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Klement Sekera [Tue, 17 Apr 2018 09:36:55 +0000 (11:36 +0200)]
make test: ipsec test cleanup
Change-Id: If813346b665468b25aaf5d95629bcad87212aa3e
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Steven [Tue, 17 Apr 2018 15:50:28 +0000 (08:50 -0700)]
vhost: show vhost-user <interface> may crash [VPP-1242]
show vhost-user <interface> may cause a crash if interface is semi-bogus.
Semi-bogus means it is a known vpp interface which has a hw_if_index, but
it is bogus because it is not a vhost-user interface.
The fix is to add a check to reject non vhost-user interface for the
command.
Change-Id: I63f1e8bfbf46f5ec4c30f9fb3546982b63cd7cc5
Signed-off-by: Steven <sluong@cisco.com>
Marco Varlese [Tue, 17 Apr 2018 14:41:51 +0000 (16:41 +0200)]
SCTP: coverity scan warnings
This patch addresses 182346, 182347, 182353.
Change-Id: I59c3d74bd3a2122b836c93e22ddb632fa032f7fe
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
Eyal Bari [Thu, 12 Apr 2018 09:39:51 +0000 (12:39 +0300)]
vxlan:remove counters writeback cache
+refactor decap loop to remove repetitions and goto's
slightly improves performance in scale (3k-4k tunnels) tests (7-9 clocks)
slightly deteriorates performance in single tunnel tests (3-4 clocks)
Change-Id: I1a64ed0279c00481b61a162296c5a30f58bf29c4
Signed-off-by: Eyal Bari <ebari@cisco.com>
Andrew Yourtchenko [Tue, 17 Apr 2018 09:40:54 +0000 (11:40 +0200)]
acl-plugin: VPP-1241: fix the "show acl-plugin tables applied" output
It is a relatively rarely used low level command for code that didn't change,
but due to infra changes it did not survive. Having it working may be very
useful for corner-case debugging. So, fix it for working with
the acl-as-a-service infra.
Change-Id: I11b60e0c78591cc340b043ec240f0311ea1eb2f9
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit
18bde8a579960aa46f43ffbe5c2905774bd81a35)
Jakub Grajciar [Mon, 16 Apr 2018 08:39:24 +0000 (10:39 +0200)]
igmp: fix debug macro
Change-Id: I071d4cfcf6ea9763dd4842a3594c486a8e400e8c
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Ed Kern [Tue, 3 Apr 2018 02:12:32 +0000 (20:12 -0600)]
Makefile: Removed clang build from verify
Removed clang build from main verify since that will be driven
in a seperate job going forward
Change-Id: I6efcad0b99fcc6babc4a7eb1475c99816f2cf175
Signed-off-by: Ed Kern <ejk@cisco.com>
John Lo [Fri, 13 Apr 2018 20:46:22 +0000 (16:46 -0400)]
Implement ip_probe_neighbor API
Add API support similar to VPP CLI "ip probe-neighbor" except API
call is asynch and will not wait, as the CLI does, for address
resolution of probed neighbor. The API client can use the APIs
want_ip4_arp_events or want_ip6_nd_events to get notified of the
desired address resolution event.
Change-Id: Ieab58abe75b5cc7f5185b3b91418b6362f8992d3
Signed-off-by: John Lo <loj@cisco.com>
Florin Coras [Fri, 13 Apr 2018 13:39:07 +0000 (06:39 -0700)]
session: use generic session pool for listeners
Change-Id: I825f3822910a6ee368b9004e39ca16ac6833e30c
Signed-off-by: Florin Coras <fcoras@cisco.com>
Steven [Wed, 30 Aug 2017 21:36:45 +0000 (14:36 -0700)]
vhost: add vhost interface add/delete/dump API test cases to make test
The vhost binary APIs for add/delete/dump interface were available long ago.
But no unit tests were ever added in make test. This patch is to retrofit
the missing unit tests.
Change-Id: I489521b5ae359a1168ac5880a1f13a5f7e93ce4a
Signed-off-by: Steven <sluong@cisco.com>
Damjan Marion [Fri, 13 Apr 2018 17:43:39 +0000 (19:43 +0200)]
Revert "MTU: Setting of MTU on software interface (instead of hardware interface)"
This reverts commit
70083ee74c3141bbefb185525315f1b34497dcaa.
Reverting as this patch is causing following crash:
0: /home/damarion/cisco/vpp3/build-data/../src/vnet/devices/devices.h:131 (vnet_get_device_input_thread_index) assertion `queue_id < vec_len (hw->input_node_thread_index_by_queue)' fails
Aborted
Change-Id: Ie2a365032110b1f67be7a9d832885b9899813d39
Signed-off-by: Damjan Marion <damarion@cisco.com>
Andrew Yourtchenko [Fri, 13 Apr 2018 11:41:21 +0000 (13:41 +0200)]
acl-plugin: VPP-1239: acl-as-a-service does not match IPv6 packets, works only in lookup context 0
In process of extracting the matching out of the ACL plugin internals,
a couple of pieces setting the miscellaneout fields in the 5tuple structure
did not make it, so they are initialized to zeroes. Move the assignments
to the right place to make both traffic acls and acl-as-a-service working.
Change-Id: I66a7540a13b05113b599f0541999a18fad60385d
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit
d3b96ef0d75889f09dc51efb89e5123cdbe7ffe8)
Juraj Sloboda [Fri, 13 Apr 2018 10:00:46 +0000 (12:00 +0200)]
NAT66: Do not translate if packet not aimed at outside interface
Change-Id: Id5a2a90d81cc9cb87cb6fb89ac2f4ca3cbcb51e2
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
Neale Ranns [Fri, 13 Apr 2018 10:01:25 +0000 (03:01 -0700)]
VOM: GBP: update subnet is type changes
Change-Id: Ic04f419b9c09be34afc390e672793180d56c4665
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Ole Troan [Tue, 27 Mar 2018 12:48:39 +0000 (14:48 +0200)]
MTU: Setting of MTU on software interface (instead of hardware interface)
Change-Id: I98bd454a761a1032738a21edeb0fe847e801f901
Signed-off-by: Ole Troan <ot@cisco.com>
Neale Ranns [Wed, 4 Apr 2018 16:34:50 +0000 (09:34 -0700)]
GBP V2
update the GBP plugin to implement the full NAT feature set of opflex agent
Change-Id: Ic06a039c889445ed0b9087fa1f292634192b0f8d
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Steven [Fri, 13 Apr 2018 02:36:19 +0000 (19:36 -0700)]
bond: ping fails between l2 BD [VPP-1238]
In dpdk based bonding, when the bond interface is configured for l2,
it automatically sets the bond interface to promiscuous mode and sets rx
redirect to ethernet-input. This allows traffic to be bridged to
non compute node facing interface when it is received from the compute
node interface.
For native vpp bonding, we need to do similar things. When the bond interface
is configured for l2, we set the slave interfaces to promiscuous mode
and set rx redirect to ethernet-input because dpdk does not know anything
about the bond interface. Likewise, when a new interface is enslaved, we also
need to do the same thing if the bond interface has already been configured
for l2.
Change-Id: I7e168008e8a4221be74929b2a20e6db0ce8f3110
Signed-off-by: Steven <sluong@cisco.com>
Jan Gelety [Mon, 27 Feb 2017 09:46:14 +0000 (10:46 +0100)]
Enable check of VRF reset - IPv4
Change-Id: I60818a22f543f9a3c3f62f9c67f5e4239e5b045a
Signed-off-by: Jan Gelety <jgelety@cisco.com>
Keith Burns (alagalah) [Fri, 23 Mar 2018 20:42:49 +0000 (13:42 -0700)]
VCL IOEvent external API callback
Change-Id: I417357b00c43b27872aa3f681335bdc1ef574eca
Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Neale Ranns [Thu, 12 Apr 2018 15:10:38 +0000 (11:10 -0400)]
export new VOM hpp post 11648
Change-Id: I3e670c22b3b8a674c98ff30eb093c5c6ab873e53
Signed-off-by: Neale Ranns <nranns@cisco.com>
Jakub Grajciar [Thu, 12 Apr 2018 11:56:29 +0000 (13:56 +0200)]
libmemif: fix clang compilation errors/warnings
Change-Id: I09444281a932d367162a10b90c3759db71c03350
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Neale Ranns [Fri, 6 Apr 2018 16:18:11 +0000 (09:18 -0700)]
Fixes for 'make UNATTENDED=yes CC=clang CXX=clang verify'
Change-Id: I994649761fe2e66e12ae0e49a84fb1d0a966ddfb
Signed-off-by: Neale Ranns <nranns@cisco.com>
Mohsin Kazmi [Thu, 5 Apr 2018 12:43:43 +0000 (14:43 +0200)]
vom: Fix the itf stats replay
Change-Id: Iedc6bbaa1c0a1c3c6e1b8ed6d67db28046a551f4
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Andrey "Zed" Zaikin [Thu, 12 Apr 2018 09:14:02 +0000 (12:14 +0300)]
fixes python3 TypeError; python2 intact
exception in vpp_api.vac_write():
"TypeError: initializer for ctype 'char *' must be a bytes or list or
tuple, not str"
Change-Id: Ib6bcfb86e6e36c557174979a110113af689c6754
Signed-off-by: Andrey "Zed" Zaikin <zed.0xff@gmail.com>
Steven [Wed, 11 Apr 2018 22:32:15 +0000 (15:32 -0700)]
bond: 1 packet/frame == bad performance [VPP-1236]
While https://gerrit.fd.io/r/#/c/11316/ took care of 1 packet/frame for
most of the bonding modes, it missed the broadcast mode. This patch is
to fix the 1 packet/frame for the broadcast mode.
Change-Id: Iac48a2977c7f702f341479cc712a6448090dbc60
Signed-off-by: Steven <sluong@cisco.com>
Juraj Sloboda [Wed, 11 Apr 2018 10:54:12 +0000 (12:54 +0200)]
NAT: disable CLI/API not supported in active mode (VPP-1234)
When in deterministic mode disable nondeterministic CLI/API.
When not in deterministic mode disable deterministic CLI/API.
Change-Id: Ibf485c14612297e51d3815a6fde541542c8fe7ab
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
Matthew Smith [Tue, 10 Apr 2018 20:29:55 +0000 (15:29 -0500)]
Handle DHCP replies with NAT44 forwarding enabled
When NAT44 forwarding is disabled, if a DHCP server-to-
client packet arrives on an outside interface, it is
handled correctly by setting the next node to the next
feature on the ip4-unicast feature arc, where it can be
processed.
When NAT44 forwarding is enabled, if a DHCP server-to-
client packet arrives, it is not handled any differently
than other packets and ends up going to ip4-lookup
which results in the packet being dropped.
Move the check for DHCP server-to-client packets outside
of the block that is executed if forwarding is disabled so
DHCP replies will be processed in either case.
Change-Id: Ia795cce3fd459f3252c2c17d53bb88ceaeaafca4
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Ole Troan [Wed, 11 Apr 2018 07:50:03 +0000 (09:50 +0200)]
VPPAPIGEN: Consistent CRC32 on complete file.
Prior to this fix vppapigen would just do a crc32 on the Python representation
of the file as a set of dictionaries. That of course was not a good idea.
Change-Id: Ie454736ffec02fa4679ab27e684b1d6c6406a0f1
Signed-off-by: Ole Troan <ot@cisco.com>
Dave Barach [Tue, 10 Apr 2018 15:00:50 +0000 (11:00 -0400)]
Clean up temp dir in failure cases
Change-Id: Icfb99a09726c01e96ff14967afbafa4116e02eff
Signed-off-by: Dave Barach <dbarach@cisco.com>
Andrey "Zed" Zaikin [Mon, 9 Apr 2018 13:42:42 +0000 (16:42 +0300)]
fix: sample vpp-api C client hangs vpp daemon because of NULL callback
Change-Id: I686254b332a4527cb0cad3c5c0a17ea4c9f40e1d
Signed-off-by: Andrey "Zed" Zaikin <zed.0xff@gmail.com>
Matus Fabian [Wed, 11 Apr 2018 07:36:57 +0000 (00:36 -0700)]
NAT44: fix setting of flag SNAT_SESSION_FLAG_LOAD_BALANCING (VPP-1235)
Change-Id: Ieeafb41d10959700bfd434cd455800af31944150
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Andrew Yourtchenko [Mon, 9 Apr 2018 19:46:20 +0000 (21:46 +0200)]
acl-plugin: VPP-1231: add error checking to acl_plugin_set_acl_vec_for_context
The users of ACL lookup contexts might not check the data they supply,
so do it on their behalf in this function, and return an error if
an ACL does not exist or if they attempt to apply the same ACL twice.
Change-Id: I89d871e60f267ce643f88574c83baf9cd0a2d7b3
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit
e5cbccf35f4d230afafa633abbc88e64ef33d758)
Andrew Yourtchenko [Mon, 9 Apr 2018 19:08:33 +0000 (21:08 +0200)]
acl-plugin: VPP-1230: fix the "undefined symbol" error for acl_main when using the inline functions
The acl_main struct, which is defined in the acl_plugin, is not visible when
the ACL plugin inline code is being compiled within the context of other plugins.
Fix that by using the global pointer variable, which exists in both the ACL plugin
context and is set in the context of the external plugins using ACL plugin.
Change-Id: Iaa74dd8cf36ff5442a06a25c5c968722116bddf8
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit
1286a15a6e60f80b0e1b349f876de8fa38c71368)
Damjan Marion [Tue, 10 Apr 2018 18:45:55 +0000 (20:45 +0200)]
dpdk: fail in early init if we cannot alloc hugepages
Change-Id: If536ae142dc0109b587d92981d337bc6f15e070a
Signed-off-by: Damjan Marion <damarion@cisco.com>
Chris Luke [Tue, 10 Apr 2018 19:19:54 +0000 (15:19 -0400)]
test: Fix issues with new version of pycodestyle (VPP-1232)
- Ignore warnings W504 (newline after binary operator) which otherwise
occurs a significant number of times.
- Fix two instances of lines >79 chars.
Change-Id: I8cef56f8afc237187995e638e610c8c0554e2bb5
Signed-off-by: Chris Luke <chrisy@flirble.org>
Ed Kern [Fri, 6 Apr 2018 20:52:54 +0000 (14:52 -0600)]
Makefile: Added new ifeq to cover opensuse leap15
So current makefile covers opensuse tumbleweed and
current opensuse leap 12.3. Neither of these cover
new leap 15 package naming. Cannot only use Name
or ID do to release differences.
Change-Id: I7ffcabb3a5af5b0789ba827209355050f6dc5204
Signed-off-by: Ed Kern <ejk@cisco.com>
ahdj007 [Wed, 7 Mar 2018 03:05:35 +0000 (11:05 +0800)]
when deleting l3 static mapping with addr_only,
lb session with the same user maybe deleted.
Change-Id: Ie58579cf4f8babb594f3c44aa185720134c58c3d
Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
Radu Nicolau [Fri, 6 Apr 2018 11:12:21 +0000 (12:12 +0100)]
CSIT-895 dpdk/ipsec: add locks on session data hash updates
Change-Id: I6400b77de388c01e85209e5dc5f11ccafb79a459
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Francois Clad [Mon, 9 Apr 2018 10:12:50 +0000 (12:12 +0200)]
srv6-ad: fixing cache size issue
Change-Id: Iaadfbc75832e37ae52511b25448da14116214fc1
Signed-off-by: Francois Clad <fclad@cisco.com>
Matthew Smith [Mon, 9 Apr 2018 16:49:20 +0000 (11:49 -0500)]
Make IPsec tunnel intf work with IPv4 output features
With no IPv4 output features on an IPsec tunnel inferface,
when packets are forwarded to that interface, they reach
the ipsec-if-output node via the output_node_index on the
hw interface and they are handled correctly.
When an IPv4 output feature (e.g. output ACL, outbound
NAT) is enabled on an IPsec tunnel interface, outbound
IPsec stops working for that interface. The last node in
the ip4-output feature arc is interface-output. From there
a packet is sent to ipsec<N>-output, and then ipsec<N>-tx.
The tx function for an IPsec tunnel interface that is
called by ipsec<N>-tx is a dummy that doesn't do anything
except write a warning message.
Enable a feature on the interface-output feature arc for
an IPsec tunnel interface so the ipsec-if-output node is
reached from the interface-output node.
Change-Id: Ia9c73d3932f5930ec7ce0791a0375b1d37148b01
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Damjan Marion [Mon, 9 Apr 2018 18:59:53 +0000 (20:59 +0200)]
features: don't break linked list, create separate one for arc
We need to keep original linked list so destructire can remove entries.
Change-Id: I5ff5ca0e1a417d88707255207725bba46433c943
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Mon, 9 Apr 2018 08:53:01 +0000 (01:53 -0700)]
L2: no-flood interface type in the Bridge-Domain
Change-Id: I50ff0cacf88182f8e0be19840c50f4954de586e2
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Damjan Marion [Thu, 5 Apr 2018 19:32:29 +0000 (21:32 +0200)]
plugins: unload plugin if early init fails
Change-Id: I32f68e2ee8f5d32962acdefb0193583f71d342b3
Signed-off-by: Damjan Marion <damarion@cisco.com>
Matus Fabian [Fri, 6 Apr 2018 09:54:40 +0000 (02:54 -0700)]
NAT44: don't add static mapping to resolution vector if failed (VPP-1225)
Change-Id: I71660eb327124179ff200763c4743cc81dc6e1c6
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Marek Gradzki [Fri, 6 Apr 2018 10:00:52 +0000 (12:00 +0200)]
jvpp: log error output of Java process on test failure
helps troubleshooting JVpp test failures.
Change-Id: I4747832a0610ace168285bfe423c506ba4e00700
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Damjan Marion [Wed, 4 Apr 2018 20:43:54 +0000 (22:43 +0200)]
Autodetect plugin path
dpdk plugin self-disables if there are no hugepages available
Change-Id: Ib286e1a370deeb21248e6e961573ef9c68759b4c
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
Neale Ranns [Mon, 9 Apr 2018 09:25:27 +0000 (02:25 -0700)]
DVR: save the rewrite length in packet meta-data for features
Change-Id: I0efd03bdb84bc9ff2334d398bfdb82486228114a
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Klement Sekera [Mon, 9 Apr 2018 10:01:32 +0000 (12:01 +0200)]
make test: fix failure on centos
Change-Id: I1fcc742699a60ef99ce97b35f7b964ee6ad29ddf
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Thomas F Herbert [Fri, 6 Apr 2018 19:13:41 +0000 (15:13 -0400)]
Restore building of debuginfo RPMs
JIRA: VPP-1227
Remove rpm tmp dir build debuginfo rpms.
Reverses commits to fix a build problem with old versions of rpmbuild
that prevented builds in chrooted environments with short paths
and short project names.
Change-Id: I852696dccc984bf4882fd3ca9ec4c8da080bdb41
Signed-off-by: Thomas F Herbert <therbert@redhat.com>
Thomas F Herbert [Mon, 5 Mar 2018 22:21:56 +0000 (17:21 -0500)]
Remove subunit from Centos requirements.
JIRA: VPP-1229
Subunit and Subunit-devel in Fedora and Epel but not Centos.
This patch moves the Fedora from the Centos specific requirements.
Change-Id: I093a4571cddf14af5ee2827ba8ee00c7bcbe6fc0
Signed-off-by: Thomas F Herbert <therbert@redhat.com>
Neale Ranns [Thu, 5 Apr 2018 09:24:52 +0000 (02:24 -0700)]
BIER coveroty fix for unintialised return value on error
Change-Id: I2b1d1035f810cb58356626cf081d46eb289265b4
Signed-off-by: Neale Ranns <nranns@cisco.com>
John Lo [Thu, 5 Apr 2018 18:52:07 +0000 (14:52 -0400)]
Change l2-fwd node to allow possible feature before UU-FLOOD
If l2-fwd node does not find an L2FIB entry for DMAC of packet,
use input feature bitmap to find next node instead of always
sending packet to l2-flood node to perform unknow unicast flood.
It provides possibilty of using other feature to forward unknow
unicast packet instead of flooding the BD.
Change-Id: I56b277050537678c92bd548d96d87cadc8d2e287
Signed-off-by: John Lo <loj@cisco.com>
Thomas F Herbert [Thu, 5 Apr 2018 20:09:58 +0000 (16:09 -0400)]
Remove mbedtls from build requirement for Centos
Although mbedtls is in Fedora and Epel, it is not
in Centos yet. It is not strictly necessary for TLS
which also can use openssl.
Change-Id: Id62d52000f9ecda2fc10d1938f02be1142fa5bdb
Signed-off-by: Thomas F Herbert <therbert@redhat.com>
Mohsin Kazmi [Thu, 5 Apr 2018 11:13:01 +0000 (13:13 +0200)]
VOM: Get vhost-user type from name
Adopt nova naming convention for vhost-user interfaces.
Change-Id: If70f0828106bf594eb11d4f0ed2898a35ec0af15
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Neale Ranns [Thu, 5 Apr 2018 12:16:49 +0000 (05:16 -0700)]
IPIP: version.h is not needed
Change-Id: I78a4176f98c2b4630a57ac5ddb7faf58ba0c4ee1
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Wed, 4 Apr 2018 17:51:00 +0000 (19:51 +0200)]
memif: bug fixes
Change-Id: Id775efb2e85d850e510d00f1b48bb711a3342397
Signed-off-by: Damjan Marion <damarion@cisco.com>
Mohsin Kazmi [Tue, 3 Apr 2018 12:23:30 +0000 (14:23 +0200)]
VOM: Add sub_interface in specific routing table
Change-Id: I3700fc1d140e30da783e41762670618f0298c7db
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Jon Loeliger [Fri, 30 Mar 2018 18:34:47 +0000 (13:34 -0500)]
DSLite: Implement new API call DSLITE_ADDRESS_DUMP.
Change-Id: I92ca28d3007f7ea43cd3e8b20659e400dfa6c75c
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Chris Luke [Wed, 4 Apr 2018 20:41:56 +0000 (16:41 -0400)]
Bump package version
Change-Id: I81d870ab9fc0b1f0e1b777d56ca7870ff99c7c2c
Signed-off-by: Chris Luke <chrisy@flirble.org>
Chris Luke [Wed, 4 Apr 2018 18:17:44 +0000 (18:17 +0000)]
Hm this ended up on master, but should not have.
Revert "Setup for branch stable/1804"
This reverts commit
c9c0988a0f331cbecfefb3f8cf0617b42bc89139.
Change-Id: I53ac0e9742317962aebe6f6eb5c9180fa87af2a8
Signed-off-by: Chris Luke <chrisy@flirble.org>
Chris Luke [Wed, 4 Apr 2018 18:16:00 +0000 (14:16 -0400)]
Setup for branch stable/1804
Change-Id: I09360055222efba6fad178b4fa5917808b551a9d
Signed-off-by: Chris Luke <chrisy@flirble.org>
Chris Luke [Wed, 4 Apr 2018 18:13:50 +0000 (14:13 -0400)]
Doc updates prior to branch
Change-Id: Ibcffee7d20dbb79720199bcd82d2353f39d5544f
Signed-off-by: Chris Luke <chrisy@flirble.org>
Damjan Marion [Wed, 28 Mar 2018 16:27:38 +0000 (18:27 +0200)]
memif: zero copy slave
Change-Id: I65306fb1f8e39221dd1d8c00737a7fb1c0129ba8
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Thu, 29 Mar 2018 08:28:09 +0000 (01:28 -0700)]
Detailed stats collection feature
Use device-input and interface-output feautre arcs to collect unicast, multicast
and broadcast states for RX and TX resp. Since these feature arcs are present only
for 'physical' interfaces (i.e. not su-interfaces) counter collection is supported
only on parent interface types.
Change-Id: I915c235e336b0fc3a3c3de918f95dd674e4e0e4e
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Neale Ranns [Wed, 4 Apr 2018 12:00:48 +0000 (05:00 -0700)]
NAT added FIB entries have a preference lower than API/CLI
Change-Id: Ia99490180683e8649784f7d9d18c509c3ca78438
Signed-off-by: Neale Ranns <nranns@cisco.com>
Matus Fabian [Wed, 4 Apr 2018 10:27:43 +0000 (03:27 -0700)]
NAT44: prohibit multiple static mappings for a single local address (VPP-1224)
Change-Id: I32b30210c2f1aec10a1b614d04f427662326a3d2
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Matus Fabian [Wed, 4 Apr 2018 07:38:02 +0000 (00:38 -0700)]
NAT44: fix static mapping for DHCP addressed interface deleting (VPP-1223)
Change-Id: Ifb4d23059b7989c32a52eaf0c25c275b35e83010
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Eyal Bari [Sun, 1 Apr 2018 12:13:06 +0000 (15:13 +0300)]
dpdk:fix checksum handling of l2 interfaces
dpdk-input was dropping packets with bad ip-checksum on l2 interfaces
Change-Id: Ife5b52766bb71e878b1da6e94ae7b8a1e59fc478
Signed-off-by: Eyal Bari <ebari@cisco.com>
Ed Kern [Mon, 2 Apr 2018 22:42:48 +0000 (16:42 -0600)]
Makefile: Alter VPP_PYTHON_PREFIX for preloading deps
Allow setting of VPP_PYTHON_PREFIX to alternate location
so the python prereqs can be installed into base image
Also added test-dep trigger to isolate dependency install
from actual test run
Change-Id: Ia80f5dbf71bc24eb46cd6586bcadd474ef822704
Signed-off-by: Ed Kern <ejk@cisco.com>
Klement Sekera [Tue, 27 Mar 2018 08:34:43 +0000 (10:34 +0200)]
reassembly: bug fixes
This change fixes a bug which would corrupt features infra by making
feature infra resistant to double-removal. It also fixes 'out of memory'
issue by properly initializing the bihash tables.
Change-Id: I78ac03139234a9a0e0b48e7bdfac1c38a0069e82
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Dave Barach [Tue, 3 Apr 2018 18:58:14 +0000 (14:58 -0400)]
Fix bugs in emacs plugin templates
use api_helper_macros.h
declare plugin_main_t external in the header file
declare plugin_main_t instance in plugin.c
setup main_t->vlib_main, main_t->vnet_main in the init routine
Change-Id: Ib8c742a60c63adfe9724447e1a2acc8c7723e90c
Signed-off-by: Dave Barach <dave@barachs.net>
Florin Coras [Tue, 3 Apr 2018 09:10:05 +0000 (02:10 -0700)]
session: use fib index in ip local test
Change-Id: I148cb40c8bea55dabe54fa6a662d46862e571640
Signed-off-by: Florin Coras <fcoras@cisco.com>
Andrew Yourtchenko [Wed, 28 Mar 2018 13:32:10 +0000 (15:32 +0200)]
make test: print a warning in case a core_pattern contains a filter program
The default config on Ubuntu 16.04.4 desktop results in truncated cores
when running make test which coredumps. Uninstalling the filter program
(apport) makes the corefiles normal size. Print a warning about that fact,
so the others potentially affected didn't have to wonder.
Change-Id: Iba4b0a2765a25100d6e24fd7f4de0e0339efd835
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Steven [Sat, 31 Mar 2018 05:18:11 +0000 (22:18 -0700)]
tapv2: Sporadic SIGABRT in ethernet_input [VPP-1183]
virtio_free_rx_buffers uses the wrong slot in the vring to get
the buffer index. It uses desc_next. It should be last_used_idx
which is the slot number for the first valid descriptor.
Change-Id: I6b62b794f06869fbffffce45430b8b2e37b1266c
Signed-off-by: Steven <sluong@cisco.com>
Jakub Grajciar [Thu, 29 Mar 2018 11:15:10 +0000 (13:15 +0200)]
libmemif: zero-copy-slave mode + header space
Slave is now able to dequeue buffers from rx queue and enqueue them to tx queue
(zero-copy operation). Slave can produce buffers with headroom, which will allow adding
encap without copy.
Change-Id: Ia189f8de1a68be787545ed46cf78d36403e7e9bf
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Andrew Yourtchenko [Wed, 28 Mar 2018 12:33:48 +0000 (14:33 +0200)]
acl-plugin: implement an optional session reclassification when ACL is (re-)applied
There were several discussions in which users would expect the sessions to be deleted
if the new policy after the change does not permit them.
There is no right or wrong answer to this question - it is a policy decision.
This patch implements an idea to approach this. It uses a per-interface-per-direction counter to designate
a "policy epoch" - a period of unchanging rulesets. The moment one removes or adds an ACL applied to
an interface, this counter increments.
The newly created connections inherit the current policy epoch in a given direction.
Likewise, this counter increments if anyone updates an ACL applied to an interface.
There is also a new (so far hidden) CLI "set acl-plugin reclassify-sessions [0|1]"
(with default being 0) which allows to enable the checking of the existing sessions
against the current policy epoch in a given direction.
The session is not verified unless there is traffic hitting that session
*in the direction of the policy creation* - if the epoch has changed,
the session is deleted and within the same processing cycle is evaluated
against the ACL rule base and recreated - thus, it should allow traffic-driven
session state refresh without affecting the connectivity for the existing sessions.
If the packet is coming in the direction opposite to which the session was initially
created, the state adjustment is never done, because doing so generically
is not really possible without diving too deep into the special cases,
which may or may not work.
Change-Id: I9e90426492d4bd474b5e89ea8dfb75a7c9de2646
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Maciek Konstantynowicz [Wed, 28 Mar 2018 18:39:24 +0000 (19:39 +0100)]
Updated sample startup.conf with supported plugin config options.
Change-Id: Id2884a4c2208b4382fce56019b11e4b7fdc4275b
Signed-off-by: Maciek Konstantynowicz <mkonstan@cisco.com>
John DeNisco [Fri, 30 Mar 2018 14:50:19 +0000 (10:50 -0400)]
Fix minor issues.
Change-Id: I1ce5106d99dd4d4b1c033d4873b4511e9a170afc
Signed-off-by: John DeNisco <jdenisco@cisco.com>
Chris Luke [Fri, 30 Mar 2018 13:56:42 +0000 (06:56 -0700)]
Add missing stdint.h
Coverity has started whining about uint32_t missing in this .h
Change-Id: I57992121c0593d6a0ada35917802d0300cf91259
Signed-off-by: Chris Luke <chrisy@flirble.org>
Steven [Thu, 29 Mar 2018 17:35:41 +0000 (10:35 -0700)]
lacp: faster convergence for slow-rate config option
Do fast-rate if we are not yet synchronized with the partner.
Stop sending LACP updates as a flash in the worker thread. Just expire the
timer and let the lacp_process handle sending LACP PDU.
Change-Id: I8b36fe74e752e7f45bd4a8d70512c0341cc197a1
Signed-off-by: Steven <sluong@cisco.com>
Steven [Thu, 29 Mar 2018 00:59:00 +0000 (17:59 -0700)]
bond: show trace causes a crash if the interface is deleted
For the debug image, if the interface is removed and the trace was
collected prior to the interface delete, show trace may cause a crash.
This is because vnet_get_sw_interface_name and vnet_get_sup_hw_interface
are not safe if the interface is deleted.
The fix is to use format_vnet_sw_if_index_name if all we need is to
get the interface name in the trace to display. It would show "DELETED"
which is better than a crash.
Change-Id: I912402d3e71592ece9f49d36c8a6b7af97f3b69e
Signed-off-by: Steven <sluong@cisco.com>
Steve Shin [Fri, 30 Mar 2018 07:40:40 +0000 (00:40 -0700)]
dpdk: fix crash due to incorrect xd->flags value with slave's link toggling
xd->flags is set incorrectly when a slave link is down in bonded interface mode.
This can result in VPP crash when data traffic flows to the interface.
Change-Id: Ideb9f5231db1211e8452c52fde646d681310c951
Signed-off-by: Steve Shin <jonshin@cisco.com>
Chris Luke [Thu, 29 Mar 2018 19:56:58 +0000 (12:56 -0700)]
Coverity fixes (VPP-1204)
Minor bug fixes
CID 183000: double close
CID 180996: dead code
CID 180995: NULL deref
CID 181957: NULL deref
CID 182676: NULL deref
CID 182675: NULL deref
Change-Id: Id35e391c95fafb8cd771984ee8a1a6e597056d37
Signed-off-by: Chris Luke <chrisy@flirble.org>
Florin Coras [Wed, 28 Mar 2018 09:18:29 +0000 (02:18 -0700)]
ip6: fix ip6-local urpf checking
Use sw_if_index[VLIB_TX] if set as fib index when doing the urpf check.
Change-Id: I5ec3e7f7a54c6782704d91e9a5614fd0f7f9e3de
Signed-off-by: Florin Coras <fcoras@cisco.com>
Eyal Bari [Wed, 28 Mar 2018 12:25:28 +0000 (15:25 +0300)]
l2_input:optimize counter access
only one counter update per frame (was updated per iteration)
only access ethertype for casts (was always accessing ethertype)
Change-Id: I3a3c3219ec63e975cf5bd8cf2d93103932a4aaa3
Signed-off-by: Eyal Bari <ebari@cisco.com>
Florin Coras [Wed, 28 Mar 2018 00:29:32 +0000 (17:29 -0700)]
tcp: fix fib index buffer tagging
Change-Id: I373cc252df3621d44879b8eca70aed17d7752a2a
Signed-off-by: Florin Coras <fcoras@cisco.com>
Dave Barach [Wed, 28 Mar 2018 23:08:45 +0000 (19:08 -0400)]
No need for this routine to be global
Causes subtle misbehavior elsewhere
Change-Id: I3a0ade26e8e03b8c5dc8e722f6a01fb99ec7a1e0
Signed-off-by: Dave Barach <dave@barachs.net>
Mohsin Kazmi [Wed, 28 Mar 2018 15:25:23 +0000 (17:25 +0200)]
vom: Fix the error handling for already existing itf
Change-Id: I5695d51dd4f6daff472877fe1cce3ddcb924b187
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Damjan Marion [Mon, 26 Mar 2018 12:09:38 +0000 (14:09 +0200)]
Build libmemif as part of verify job
Change-Id: I7e808b5bcbb74343a4ed6782f115ed07e9bfe3a6
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Steven [Tue, 27 Mar 2018 22:04:47 +0000 (15:04 -0700)]
bond: cli rename
rename "enslave interface <slave> to <BondEthernetx>" to
"bond add <BondEthernetx> <slave>
"detach interface <slave>" to
"bond del <slave>"
Change-Id: I1bf8f017517b1f8a823127c7efedd3766e45cd5b
Signed-off-by: Steven <sluong@cisco.com>
Marco Varlese [Wed, 28 Mar 2018 10:06:10 +0000 (12:06 +0200)]
SCTP: use custom fib
Following TCP fixes from Florin (11430), this patch follows the same
approach to indicate a fib (not just using the default one).
Change-Id: Ib883aa0e9a1c6157acfea69c44426ba07d6c932a
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
Jakub Grajciar [Wed, 28 Mar 2018 08:21:05 +0000 (10:21 +0200)]
libmemif: add private header size field
Change-Id: I09567c8ee9c92e91918840f80942a005069d9842
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Matus Fabian [Wed, 28 Mar 2018 11:06:26 +0000 (04:06 -0700)]
NAT44: make 1:1NAT for DHCP addressed interface persistent
Static mapping is not deleted from resolution vector after address is set on
interface.
Change-Id: Ib7c45ca2e307123d101248c5a1b17d130ac32cd0
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Neale Ranns [Tue, 27 Mar 2018 20:25:17 +0000 (13:25 -0700)]
test: fix VppNeighbor.query_vpp_config
Change-Id: I2a879ee9d5065a14eb351eccd0350693eb1ff521
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Damjan Marion [Tue, 27 Mar 2018 20:00:17 +0000 (22:00 +0200)]
avf: keep input node in disabled state unless needed
Change-Id: I9a0105aa2373bd4db218851b1bbee50c6b6dfc7d
Signed-off-by: Damjan Marion <damarion@cisco.com>
Matus Fabian [Tue, 27 Mar 2018 08:07:25 +0000 (01:07 -0700)]
NAT44: fix nat44_user_session_dump and nat44_del_session crash with one worker (VPP-1213)
Change-Id: I8e0c7ed2ff462b9ab59c233f56be262ec03c29ff
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Eyal Bari [Tue, 27 Mar 2018 08:43:57 +0000 (11:43 +0300)]
vxlan:refactor add del command function
Change-Id: I33ba5a011100baf1c786f9a63a0cf3d2e1020493
Signed-off-by: Eyal Bari <ebari@cisco.com>
Damjan Marion [Tue, 27 Mar 2018 19:07:58 +0000 (21:07 +0200)]
vlib: gcc-7 -O3 uninitialized values
Change-Id: I59b4142daab439d60a1ebd48b2c1366df0160288
Signed-off-by: Damjan Marion <damarion@cisco.com>
Code Review / vpp.git / log