Dave Barach [Sat, 8 Jun 2019 16:33:13 +0000 (12:33 -0400)]
mactime: add per-mac allow-with-quota feature
Specify a data limit during specified time ranges. Outside of the
specified time ranges, data will be allowed.
Clean up "show mactime" output.
Type: feature
Change-Id: Iddd6678e7ded1d0f9cb88d69c656de8d87d5694c
Signed-off-by: Dave Barach <dave@barachs.net>
dongjuan [Tue, 4 Jun 2019 02:59:02 +0000 (10:59 +0800)]
trace frame-queue on trigger out of memory
FRAME_QUEUE_NELTS is 64 in thread.c
Change-Id: Ie7e5962afe05dfc7f38e3d597dabc74dcc2dab8d
Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
Florin Coras [Fri, 7 Jun 2019 19:38:55 +0000 (12:38 -0700)]
tcp: send challenge ack for in wnd syn
Type: fix
Per rfc793, in window syns for established connections should lead to
connection resets. As a mitigation for blind reset attacks, rfc5961
requests that such syns be replied to with challange acks.
Change-Id: I75e4972bbb515e48d9cf1bda32ea5d9891d670f0
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Fri, 7 Jun 2019 22:31:06 +0000 (15:31 -0700)]
tcp: close connection if not recovered after max tries
Type: feature
Change-Id: Ia8af6a62a2be2265bc42955d90e8c2222bdb8f50
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Fri, 7 Jun 2019 16:35:20 +0000 (09:35 -0700)]
tcp: add cc cleanup function
Type: feature
Change-Id: I54521078cf96e459d041c86297c6ca80045bf0a3
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Wed, 5 Jun 2019 10:28:17 +0000 (10:28 +0000)]
bfd: UT for BFD session over GRE tunnel
Signed-off-by: Neale Ranns <nranns@cisco.com>
Adding UT for BFD over GRE tunnel.
Ticket: none
Type: test
Change-Id: I03eca4a0c7114cdc16fde9be4cd6db6216b8c845
Signed-off-by: Neale Ranns <nranns@cisco.com>
Florin Coras [Fri, 7 Jun 2019 14:03:01 +0000 (07:03 -0700)]
tcp: log connect notify errors
Type: fix
Change-Id: Idf0b2e16b2e7d126940bb38c7983d6784b5bfdc8
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Fri, 7 Jun 2019 12:17:07 +0000 (05:17 -0700)]
ipsec: export ipsec_punt.h
Change-Id: Ib489922af246b7dc3e770a57e51b87a2568a014d
Type: fix
Fixes:
b71fa75d
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 7 Jun 2019 06:52:36 +0000 (02:52 -0400)]
ip: ip4 lookup performance bump with the usual receipe
2.77e1 v. 2.81e1
Type: performance
Change-Id: I896ec77818603f17aaa622073dafc626570326f1
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 7 Jun 2019 07:54:21 +0000 (03:54 -0400)]
VOM-test: fix the UT post BVI and Bridge-domain changes
Change-Id: Ibd9059e616f46f7017e397262bf4c0606d81eb0c
Signed-off-by: Neale Ranns <nranns@cisco.com>
Benoît Ganne [Tue, 30 Apr 2019 09:50:46 +0000 (11:50 +0200)]
build: add -Wall and -fno-common, fix reported issues
Type: refactor
Change-Id: I8489ccd54411c2aa9355439c5641dc31012c64a2
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Steven Luong [Wed, 5 Jun 2019 17:52:35 +0000 (10:52 -0700)]
lacp: create lacp-process on demand
Create lacp-process when the very first slave interface is added to the bond.
Log an event message when lacp-process starts/stops.
Be mindful when lacp-process is signalled to stop.
Type: refactor
Change-Id: I79e10e0a2a385a21a52ae5b8735f24631fdba293
Signed-off-by: Steven Luong <sluong@cisco.com>
Neale Ranns [Thu, 6 Jun 2019 13:28:14 +0000 (13:28 +0000)]
ipsec: remove the set_key API
there's no use case to just change the key of an SA. instead the SA
should be renegociated and the new SA applied to the existing SPD entry
or tunnel.
the set_key functions were untested.
Type: refactor
Change-Id: Ib096eebaafb20be7b5501ece5a24aea038373002
Signed-off-by: Neale Ranns <nranns@cisco.com>
Ole Troan [Fri, 7 Jun 2019 09:02:58 +0000 (11:02 +0200)]
gre: update gre.api with explicit types
Change-Id: I0036c216b79afb66b982b1b6a7e81f738f3b61dc
Type: refactor
Signed-off-by: Ole Troan <ot@cisco.com>
Ole Troan [Tue, 30 Apr 2019 08:04:36 +0000 (10:04 +0200)]
API: Add support for "defaults"
Add support in the API language for specifying a field default.
Add default support in Python binding.
define foo {
u16 mtu [default = 1500];
};
This is client side only. I.e. if the mtu argument is not passed to the foo function,
the client language binding will set it default to 1500.
Change-Id: I5df43f3cd87cb300b40ca38e15dcab25b40e424a
Signed-off-by: Ole Troan <ot@cisco.com>
Ole Troan [Wed, 24 Apr 2019 12:31:18 +0000 (14:31 +0200)]
vppapigen: Fold up CRC from dependent types.
Change-Id: Id51f26f225cd567ca19efc2301e94fa88840ae8f
Signed-off-by: Ole Troan <ot@cisco.com>
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Ole Troan [Fri, 7 Jun 2019 08:59:25 +0000 (10:59 +0200)]
p2p ethernet: update p2p_ethernet.api with explicit types.
Change-Id: Id6b2c2321c5f1d56e7cfab24a7c1641b38e94e19
Type: refactor
Signed-off-by: Ole Troan <ot@cisco.com>
Paul Vinciguerra [Fri, 15 Mar 2019 16:39:19 +0000 (09:39 -0700)]
tests: framework gracefully handle 'VppTransportShmemIOError'
Catches:
----
Traceback (most recent call last):
File "/vpp/test/framework.py", line 593, in tearDown
self.logger.info(self.vapi.ppcli("api trace save %s" % api_trace))
File "/vpp/test/vpp_papi_provider.py", line 413, in ppcli
return cli + "\n" + str(self.cli(cli))
File "/vpp/test/vpp_papi_provider.py", line 402, in cli
r = self.papi.cli_inband(cmd=cli)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 100, in __call__
return self._func(**kwargs)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 414, in f
return self._call_vpp(i, msg, multipart, **kwargs)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 634, in _call_vpp
msg = self.transport.read()
File "/vpp/src/vpp-api/python/vpp_papi/vpp_transport_shmem.py", line 120, in read
raise VppTransportShmemIOError(rv, 'vac_read failed')
VppTransportShmemIOError: [Errno -1] vac_read failed
----
Change-Id: I767e48c4d03081eb5df6a8aa67da7e192d25e4cc
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 6 Jun 2019 11:06:09 +0000 (07:06 -0400)]
vpp_papi: Context_id allocator for running forked.
When running forked, distinct copies of the 'get_context'
singleton are created for each process. To run under forked processes,
(as with make test TEST_JOBS=10), we need to use a shared
memory value across the processes.
Type: fix
Change-Id: I9eab8ce46ec23584e5bd651735ad75fd3f018e1a
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 6 Jun 2019 11:38:42 +0000 (07:38 -0400)]
vpp_papi: Fix missing dependency.
Since we test vpp_papi as part of tests, the need for
ipaddress under python2.7 is masked.
Add ipaddress to setup.py for python <=3.3.
Change-Id: I01c2f5560eeb740e546024e84028d5a2fb2ace45
Type: fix
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
dongjuan [Fri, 17 May 2019 07:47:55 +0000 (15:47 +0800)]
no trigger nat ipfix flush in first worker
Change-Id: I4dbeed0b94003a698e9218648d4b352db6fbb70e
Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
Paul Vinciguerra [Thu, 6 Jun 2019 14:49:46 +0000 (10:49 -0400)]
vpp_papi: Fix format_vl_api_address_t under python3.
Under PY3, inet_pton returns OSError, not socket.error.
Type: fix
Change-Id: Id270a684c0ab124cbe1ddcb7123e14e85af844b8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Matthew G Smith [Wed, 22 May 2019 19:49:24 +0000 (14:49 -0500)]
bfd: midchain adjacency support
Support an adjacency with lookup_next_index of IP_LOOKUP_NEXT_MIDCHAIN
so tunnel interfaces can have BFD configured on them.
Also, check if the interface a session is configured on is up
and skip assembling the packet and calculating the checksum if
the interface is down.
Change-Id: I44f76478d0fc1592e3491dd9368819a5c957e74a
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Paul Vinciguerra [Thu, 6 Jun 2019 19:25:44 +0000 (15:25 -0400)]
vpp_papi: Accept ipaddress.Network objects on prefix_t methods.
vl_api_prefix_t returns ipaddress.<IPv[46]>Network objects.
Accept Network objects as well as existing string format.
Type: refactor.
Change-Id: Iba5403724a7b3e1da3b3740027fccd43631bf31e
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 6 Jun 2019 21:14:37 +0000 (17:14 -0400)]
vpp_papi: Fix vapi.disconnect exception.
Traceback (most recent call last):
File "/vpp/test/framework.py", line 521, in setUpClass
cls.quit()
File "/vpp/test/framework.py", line 556, in quit
cls.vapi.disconnect()
File "/vpp/test/vpp_papi_provider.py", line 308, in disconnect
self.vpp.disconnect()
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 500, in disconnect
if self.event_thread is not None:
AttributeError: 'VPPApiClient' object has no attribute 'event_thread'
Type: fix
Change-Id: I7a8db08b0922bf92ab42df121b1707073af9cedf
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 6 Jun 2019 22:01:07 +0000 (18:01 -0400)]
tests: fix broken test test_gtpu.py TestGtpuUDP
Test failing due to call to super.tearDown in setUp.
==============================================================================
FAIL: test UDP ports
------------------------------------------------------------------------------
Traceback (most recent call last):
File "/vpp/test/test_gtpu.py", line 77, in test_udp_port
self._check_udp_port_ip4(False)
File "/vpp/test/test_gtpu.py", line 48, in _check_udp_port_ip4
self.assertEqual(err, self.ip4_err + 1)
AssertionError: 0L != 1
Type: fix
Change-Id: Iec4ef5edd3ee11bcd962b77cc8159dee9cb15687
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Thu, 6 Jun 2019 16:38:44 +0000 (09:38 -0700)]
vcl: avoid hash table lookup on accept
Type: refactor
Change-Id: I363a97b9f5ab0dbda78e13582630e78d57fb83e7
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Wed, 5 Jun 2019 17:47:16 +0000 (10:47 -0700)]
vcl: cap epoll dequeue batch size to max events
Type: fix
Change-Id: Ia9be1413cf9423552137885521cefdbecc3e5df5
Signed-off-by: Florin Coras <fcoras@cisco.com>
Signed-off-by: Ping Yu <ping.yu@intel.com>
Neale Ranns [Mon, 3 Jun 2019 13:21:40 +0000 (13:21 +0000)]
IP-Punt-redirect: allow the use of a FIB path to describe how to
redirect
Change-Id: I2a3ba2a3d73ea8511e3a511855b041432328f0a8
Signed-off-by: Neale Ranns <nranns@cisco.com>
Filip Tehlar [Tue, 4 Jun 2019 01:22:55 +0000 (01:22 +0000)]
dpdk: fix clear hw stats
.. and remove helper stat struct for keeping last cleared stats.
This is not needed anymore as dpdk lib provides rte_eth_dev_reset().
Change-Id: I78076e689aac7ca70836ce688dfa8e704f64cd84
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Neale Ranns [Thu, 6 Jun 2019 10:35:07 +0000 (10:35 +0000)]
DVR: Control the reinject as L2 or L3 based on the output interface type
Change-Id: Ib4cdbe8a6a1d10a643941c13aa0acbed410f876c
Type: Feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Klement Sekera [Mon, 20 May 2019 10:27:33 +0000 (12:27 +0200)]
reassembly: support more custom options for apps
Change-Id: Ib9f98fba5a724480ca95f11a762002c53e08df70
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Benoît Ganne [Wed, 5 Jun 2019 17:08:40 +0000 (19:08 +0200)]
gbp: fix lpm classification with vlan
Fix GBP LPM packet classification in the presence of a VLAN header.
Change-Id: I2ff63b34f7475d696b10b5a245ff802bbb1ff01a
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Wed, 5 Jun 2019 17:11:11 +0000 (19:11 +0200)]
gbp: do not classify unknown packet as EP packets
If we fail to classify the packet based on LPM we must not classify it
based on the EP sclass.
Change-Id: Ie234e0c87bd44976c3c57c818359c93f7d99ab84
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Hongjun Ni [Tue, 4 Jun 2019 10:58:58 +0000 (18:58 +0800)]
lb: crashed with some specific commit under heavy traffic
- When deleting VIP member with flush, VPP will crash.
- When deleting VIP member without flush, vpp won't crash.
- This crash is almost 100% reproductive.
Ticket: VPP-1680
Type: fix
Change-Id: Ia4e8f9e0f987176c7f6ec52c92e66563f313b0c3
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
Filip Tehlar [Mon, 3 Jun 2019 23:36:10 +0000 (23:36 +0000)]
ipsec: fix combined counters in ah-encrypt node
Type: fix
Fixes:
1197449
Change-Id: Icdda3c667ba76542ea3af5d66cc7c3fb10ade1ca
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Damjan Marion [Wed, 5 Jun 2019 13:45:50 +0000 (15:45 +0200)]
ipsec: fix sa counters in esp-encrypt
Type: fix
Fixes:
c59b9a2
Change-Id: I6021e67196a4d31ab11d4e3cfbda34b678150701
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 5 Jun 2019 13:42:54 +0000 (15:42 +0200)]
ipsec: fix sa counters in esp-decrypt
Type: fix
Fixes:
b4fff3a
Change-Id: I2552cbc0a02e7445825a5a4ce290cde3d10c5f0b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Sirshak Das [Tue, 28 May 2019 13:46:27 +0000 (08:46 -0500)]
Switch atomic release API from __sync to __atomic builtin.
__sync_lock_release switched to __atomic_store for code consitency,
although both generate same instructions with current compilers.
Change-Id: I37d320509e43a4c2b8a49af6346dc4a43ca2f535
Signed-off-by: Sirshak Das <sirshak.das@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
Reviewed-by: Honnappa Nagarahalli <Honnappa.Nagarahalli@arm.com>
Sirshak Das [Tue, 28 May 2019 13:44:46 +0000 (08:44 -0500)]
Switch atomic test and set API from __sync to __atomic builtin
__sync_test_and_set uses full memory barriers for AArch64,
__atomic_exchange(ACQUIRE) would use load acquire.
Change-Id: Ifdf2481db3b9dde6c5842d75671402862adb6d81
Signed-off-by: Sirshak Das <sirshak.das@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
Reviewed-by: Honnappa Nagarahalli <Honnappa.Nagarahalli@arm.com>
Steven Luong [Wed, 5 Jun 2019 05:29:39 +0000 (22:29 -0700)]
avf: enable promiscuous mode
In order to receive multicast packets from the VF interface, promiscuos
mode must be enable.
Type: fix
Fixes:
b4ff07a
Change-Id: I549bc37a05895d3355f2832c200e9262c95a27b5
Signed-off-by: Steven Luong <sluong@cisco.com>
mu.duojiao [Mon, 29 Apr 2019 09:29:44 +0000 (17:29 +0800)]
In ip6_mfib_forward_rpf_node,is_v4 should be 0.
Change-Id: I9de63cebfcef8898d0ea4c9c2b7451b168b06c2c
Signed-off-by: mu.duojiao <mu.duojiao@zte.com.cn>
Neale Ranns [Wed, 22 May 2019 13:26:39 +0000 (13:26 +0000)]
L3 cross connect
- all packets input on interface X are load-balanced over the set of
paths provided.
Change-Id: Ic27cb88c4cd5d6d3462570632daff7a43d5a652d
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Tue, 4 Jun 2019 15:37:34 +0000 (15:37 +0000)]
IPSEC: some CLI fixes
Change-Id: I45618347e37440263270baf07b2f82f653f754a5
Signed-off-by: Neale Ranns <nranns@cisco.com>
Paul Vinciguerra [Tue, 28 May 2019 19:40:47 +0000 (15:40 -0400)]
Tests: simple refactor in vpp_pg_interface.
Pull common code into a single method.
Type: refactor
Change-Id: Ic540d23eebbd17f838ed7a1a9dee80815a27847c
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Steven Luong [Fri, 31 May 2019 14:34:39 +0000 (07:34 -0700)]
elog: make elog_string() multi-thread safe
elog is supposed to be thread safe. Yet elog_string() is not. To fulfill
that promise, let's make elog_string() thread safe to avoid surprises.
Change-Id: Iab82faa7cb6719777a66c3ff14775e59a6a68a20
Signed-off-by: Steven Luong <sluong@cisco.com>
Neale Ranns [Tue, 4 Jun 2019 13:31:23 +0000 (13:31 +0000)]
punt: fix the set_punt API/CLI which was rejecting valid ports
add a UT for the API
Change-Id: I93fb6ec2c5f74b991bf7f229250a30c0395b8e24
Signed-off-by: Neale Ranns <nranns@cisco.com>
Jakub Grajciar [Tue, 4 Jun 2019 11:16:42 +0000 (13:16 +0200)]
features will register udp ports once configured
plugins:
- ipfixcollector
vnet:
- geneve
- vxlan_gpe
- vxlan
Change-Id: I69a8b4017ee6990f2b4874fe3e94c4520bde7101
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Guillaume Solignac [Mon, 20 May 2019 13:58:46 +0000 (15:58 +0200)]
Fix: bug prevented IPsec ipv4 SPDs to show correctly
Because of the initialisation of the end of the range, the command show ipsec spd
on an ipv4 SPD didn't work correctly.
Change-Id: I3582382197bb6edef4fb077aac1e927ef4581cbf
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
Dave Barach [Mon, 3 Jun 2019 23:48:22 +0000 (19:48 -0400)]
sort worker-thread init functions in advance
Otherwise, all N worker threads try to sort the list at the same time:
a good way to have a bad day.
This approach performs *far* better than maintaing order by adding a
spin-lock. By direct measurement w/ elog + g2: 11 threads execute the
per-thread init function list in 22us, vs. 50ms with a CLIB_PAUSE()
enabled spin-lock.
Change-Id: I1745f2a213c0561260139a60114dcb981e0c64e5
Signed-off-by: Dave Barach <dave@barachs.net>
Ole Troan [Tue, 4 Jun 2019 10:33:32 +0000 (12:33 +0200)]
stats: removing empty object in stats vector
Type: fix
Change-Id: I9b6bdacdb9a0750834de9a93d8c3f7ed827ce3c8
Signed-off-by: Ole Troan <ot@cisco.com>
Neale Ranns [Tue, 21 May 2019 13:54:54 +0000 (06:54 -0700)]
Punt: specify packets by IP protocol Type
Change-Id: I0c2d6fccd95146e52bb88ca4a6e84554d5d6b2ed
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Barach [Mon, 3 Jun 2019 14:23:30 +0000 (10:23 -0400)]
mactime: upstream new features
Add per mac address data quotas (simple version)
Add mini-ACLs to turf "call home" traffic from a certain species of
security DVR.
Add FEATURE.yaml
Update the API version number
Type: feature
Feature-name: mactime
Change-Id: Ida6945f7791ab43909afa68dcf2f652b20c53afd
Signed-off-by: Dave Barach <dave@barachs.net>
Filip Tehlar [Mon, 3 Jun 2019 08:13:21 +0000 (08:13 +0000)]
dpdk: rework extended stats
Change-Id: I421192e1921d4c9c5486a6dcca745582aebf4e3e
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Zhiyong Yang [Tue, 4 Jun 2019 02:28:06 +0000 (22:28 -0400)]
startup: remove dpdk linking bonding configuration
As dpdk linking bonding code has been removed by the patch
https://gerrit.fd.io/r/#/c/19867/, corresponding configuration
info should be removed.
Change-Id: I048ae068619c83190252a75284bd5306ce61611e
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Zhiyong Yang [Tue, 4 Jun 2019 02:58:44 +0000 (22:58 -0400)]
srp: leverage vlib_buffer_get_current
Change-Id: I8e4592734cd8343cd95b32ad8617fed4aec3f590
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Mohsin Kazmi [Wed, 29 May 2019 15:16:34 +0000 (11:16 -0400)]
vom: Add bridge domain unknown unicast flooding flag
UU flood can be disabled or enabled using this flag in a bd.
Change-Id: I799be2742b599783eec019b5fd295c3b940eb3e8
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Benoît Ganne [Mon, 27 May 2019 16:36:46 +0000 (18:36 +0200)]
GBP: add subnet cli command
Change-Id: I0f631da9d13df2d9c32bad879b2a6034cb847378
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Neale Ranns [Wed, 29 May 2019 13:58:43 +0000 (13:58 +0000)]
ARP: add feature arc
- arp-input, registered with the ethernet protocol dispatcher, performs
basic checks and starts the arc
- arp-reply; first feature on the arc replies to requests and learns
from responses (no functional change)
- arp-proxy; checks against the proxy DB
arp-reply and arp-proxy are enabled when the interface is appropriately
configured.
Change-Id: I7d1bbabdb8c8b8187cac75e663daa4a5a7ce382a
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Wed, 22 May 2019 14:30:01 +0000 (16:30 +0200)]
crypto_ia32: native AES-GCM implementation
Change-Id: I006a150577e897731649f21908b4789e2eb485c3
Signed-off-by: Damjan Marion <damarion@cisco.com>
Mohsin Kazmi [Mon, 27 May 2019 16:36:15 +0000 (18:36 +0200)]
vom: Add bridge domain arp unicast forwarding flag
Change-Id: Iede47e8d9e168125bcd938cca6182c9270dcb5c4
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Neale Ranns [Sun, 2 Jun 2019 06:01:42 +0000 (06:01 +0000)]
IPSec: memcpy of integ key bork
Change-Id: Icd76769d841792eb2d59ffc23c557dcca9ddc580
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Barach [Fri, 31 May 2019 12:41:34 +0000 (08:41 -0400)]
VPP-1692: move NULL pointer check
TBH, this looks like merge damage or some such. Perfectly fine NULL pointer
check, about three lines after it was needed.
Change-Id: I52831062e30533a59fb76b644ee5ae389676d2ae
Signed-off-by: Dave Barach <dave@barachs.net>
Ole Troan [Tue, 14 May 2019 11:24:10 +0000 (13:24 +0200)]
tools: FEATURE.yaml meta-data infrastructure
Add tooling for feature metadata configuration files.
The main tool is in src/scripts/fts.py
make checkfeaturelist to validate against schema.
make featurelist to dump all feature lists to stdout.
Example feature definition:
name: IP in IP tunnelling
maintainer: Ole Troan <ot@cisco.com>
features:
- IPv4/IPv6 over IPv4/IPv6 encapsulation:
- Fragmentation and Reassembly
- Configurable MTU
- Inner to outer Traffic Class / TOS copy
- Configurable Traffic Class / TOS
- ICMPv4 / ICMPv6 proxying
- 6RD (RFC5969):
- Border Relay
description: "Implements IP{v4,v6} over IP{v4,v6} tunnelling as
described in RFC2473. This module also implement the border relay of
6RD (RFC5969)."
state: production
properties: [API, CLI, STATS, MULTITHREAD]
missing:
- Tunnel PMTUD
- Tracking of FIB state for tunnel state
- IPv6 extension headers (Tunnel encapsulation limit option)
JSON schema is embedded in fts.py
Example markdown: https://github.com/otroan/scratch/blob/master/features.md
Change-Id: I903b4ee6b316a9378c259e86dc937092e5d4b7da
Type: make
Signed-off-by: Ole Troan <ot@cisco.com>
Billy McFall [Thu, 16 May 2019 13:13:50 +0000 (09:13 -0400)]
VPP-1640 - Missing rules in vpp-selinux-policy
SELinux exceptions occurring for host interfaces and with the
vmxnet3 driver.
Change-Id: Ia22bd82572acfa07ae287a755830abe1413f9939
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Billy McFall [Thu, 16 May 2019 19:58:58 +0000 (15:58 -0400)]
VPP-1679 - SElinux rules are not set accordingly
Updates to the VPP SELinux policy to support the MLX5 DPDK driver.
Change-Id: I089ede88a5e9c4152178f8cf9be5ee14d8a9130f
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Billy McFall [Thu, 16 May 2019 20:54:44 +0000 (16:54 -0400)]
VPP-1640 - Missing rules in vpp-selinux-policy
Add additional section to the SELinux documentation to describe how to
collect debug information when SELinux issues are encountered. This is
purely a documentation change.
Note: Merged seperate from SELinux Policy change in case policy change
needs to be cherry-picked to older releases.
Change-Id: I7ba3d3c7d84171b503d956eb01e13a680b4d53fc
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Damjan Marion [Thu, 30 May 2019 14:37:01 +0000 (16:37 +0200)]
crypo_ia32: don't optimize debug builds
Type: fix
Fixes:
d5023a72
Change-Id: I17cf7887d1274cf3ca9301ec87b8c8f539359456
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Thu, 30 May 2019 23:48:12 +0000 (19:48 -0400)]
Update vnet hardware flags if link state changes
Explains a variety of hard-to-diagnose problems with certain Atom and
Denverton NIC types.
I finally tripped over a highly-repeatable failure: home gateway
use-case bitten by refusal to negotiate a DHCP lease for the trunk
port.
The dhcp client won't send pkts unless VNET_HW_INTERFACE_FLAG_LINK_UP
is set on the tx hw interface:
/* Interface(s) down? */
if ((hw->flags & VNET_HW_INTERFACE_FLAG_LINK_UP) == 0)
return;
Change-Id: I17ef2ba7b39078555fa27d2d874a60c67e1530ee
Signed-off-by: Dave Barach <dave@barachs.net>
Zhiyong Yang [Wed, 15 May 2019 08:25:20 +0000 (04:25 -0400)]
bonding: add support for numa awareness
This patch enables bonding numa awareness on multi-socket
server working in active-backeup mode.
The VPP adds capability for automatically preferring slave
with local numa node in order to reduces the load on the
QPI-bus and improve system overall performance in multi-socket
use cases. Users doesn't need to add any extra operation as
usual.
Change-Id: Iec267375fc399a9a0c0a7dca649fadb994d36671
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
jackiechen1985 [Fri, 24 May 2019 03:59:49 +0000 (11:59 +0800)]
nat44: fix CLI doc error
Change-Id: Iac6bd29389839c9eb8c1ff2105b4da69b6e1ce3e
Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
Neale Ranns [Mon, 27 May 2019 12:21:32 +0000 (08:21 -0400)]
IP load-balance; perf improvement using the usual reciepe
before and after:
ip4-load-balance 1.54e1
ip4-load-balance 1.36e1
p.s. Quad loops were not beneficial
Change-Id: I7bc01fc26288f0490af74db2b1b7993526c3d982
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Tue, 28 May 2019 11:09:40 +0000 (11:09 +0000)]
FIB: correctly report IPv6 FIB Unicast and Multicast memory usage (VPP-1578)"
and document scaling
Change-Id: I65d8999e65616d77e525963c770d91e9b0d5e593
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Wallace [Wed, 29 May 2019 21:34:59 +0000 (17:34 -0400)]
19.04.1 Release Notes
Change-Id: I2a69b29b9ecea2bfdf1832c184c7e63058a33b94
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Florin Coras [Thu, 30 May 2019 09:01:55 +0000 (02:01 -0700)]
lisp-cp: start lisp retry service on demand
Change-Id: I07681d94301e19389dda0caacd5a93b21d9aff1f
Signed-off-by: Florin Coras <fcoras@cisco.com>
Ole Troan [Wed, 29 May 2019 10:34:20 +0000 (12:34 +0200)]
sample-plugin: refactor .api to use explicit types
Use explicit types in .api definition.
Change-Id: Ib4c3c4ab6282a6d443e3d19af029dc091b462dac
Type: refactor
Signed-off-by: Ole Troan <ot@cisco.com>
Ole Troan [Wed, 29 May 2019 10:30:05 +0000 (12:30 +0200)]
ipip: refactor ipip.api with explicit types
Use explicit types vl_api_address/prefix in ipip.api.
Change-Id: Ib3133cebdbe4437742924efd49cde4009c4cc31b
Type: refactor
Signed-off-by: Ole Troan <ot@cisco.com>
Damjan Marion [Wed, 29 May 2019 08:00:46 +0000 (10:00 +0200)]
dpdk: remove bonding code
We have native implementation and we should not maintain both....
Change-Id: Ic09ebffda52cdc733b3cfeff06690e0d3cc08084
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 29 May 2019 07:48:44 +0000 (09:48 +0200)]
dpdk: bump to 19.05
Change-Id: I738ff20a1ebb1cc70fb6ddb40791b6747cada372
Signed-off-by: Damjan Marion <damarion@cisco.com>
Alexander Chernavin [Thu, 16 May 2019 14:51:22 +0000 (10:51 -0400)]
NAT: create bypass in correct thread if workers>1
Change-Id: I70817579a09a7026f5fa7c8e71babded891ea285
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Dave Barach [Wed, 29 May 2019 17:46:35 +0000 (13:46 -0400)]
Start the dns resolver process on demand
Change-Id: Iab27b405fb3ca7aed94ae974d57c286c41298c3a
Signed-off-by: Dave Barach <dave@barachs.net>
Matthew G Smith [Wed, 22 May 2019 18:34:08 +0000 (13:34 -0500)]
IPsec: modify post-decrypt buf len calculation
For tunnel mode, after decryption the buffer length was being adjusted
by adding (iv length + esp header size). Subtract it instead.
Required for BFD to work on an IPsec tunnel interface. BFD verifies
that the amount of received data is the expected size. It drops the
packet if the buffer metadata says that the packet buffer contains
more data than the packet headers say it should.
Change-Id: I3146d5c3cbf1cceccc9989eefbc9a59e604e9975
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Zhiyong Yang [Thu, 30 May 2019 02:38:19 +0000 (22:38 -0400)]
mpls: leverage vlib_buffer_advance
Change-Id: I363a4444f4d296f04371acd65c702b1a1ce70913
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Zhiyong Yang [Thu, 30 May 2019 06:22:49 +0000 (02:22 -0400)]
osi_input: leverage vlib_buffer_get_current
Change-Id: Ib9297b712ff7d08bf085fb0b6c9e6ffd83c5fa57
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Jakub Grajciar [Thu, 23 May 2019 11:01:41 +0000 (13:01 +0200)]
gtpu: unit-test check udp ports
Change-Id: I3efbbb1aefb43ecdf7016541b97343f9ca41f842
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Damjan Marion [Wed, 29 May 2019 16:49:25 +0000 (18:49 +0200)]
ipsec: fix perf issue in esp_aad_fill
Type: fix
Fixes:
47feb11
Change-Id: I6b3b97cd361eef19c910c14fd06edb001a4c191b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Wed, 29 May 2019 14:19:56 +0000 (10:19 -0400)]
Start the cdp period process on demand
Change-Id: I219b270f905dad5939ab38e933712845c314286d
Signed-off-by: Dave Barach <dave@barachs.net>
Zhiyong Yang [Thu, 16 May 2019 09:24:17 +0000 (05:24 -0400)]
vxlan-gbp: prefetch encap header memory area
This patch helps save 4.1 clocks/pkt from 62.9 to 58.8
clocks/pkt on Skylake.
Change-Id: I749a88a8fa6c78243441a89d6afcd04f106af3da
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Dave Barach [Wed, 29 May 2019 13:59:51 +0000 (09:59 -0400)]
emacs-skeleton: improve generated .api files
Type cleanups:
s/u8/bool/ for "enable_disable"
s/u32/vl_api_interface_index_t/ for "sw_if_index"
Add an API version stamp.
Add a doxygen tag for the binary API.
Add Apache-2 licence text.
Change-Id: I2fa168336efb0f1d9b9b6dec945589cbc5fd5595
Signed-off-by: Dave Barach <dave@barachs.net>
Paul Vinciguerra [Tue, 28 May 2019 21:33:08 +0000 (17:33 -0400)]
Tests: vpp_pg_interface. Don't rewrite Dot1AD ethertype.
Type: Refactor
Change-Id: I42f65bcc76e4b0fcfbfe051c1c382a940bff1b3a
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Klement Sekera [Thu, 16 May 2019 12:34:55 +0000 (14:34 +0200)]
make test: fix packet counter assert
Change-Id: Ic6e6ac0629bbf07f7dad1803a85aabfdccbc2035
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Damjan Marion [Fri, 24 May 2019 13:34:32 +0000 (15:34 +0200)]
dpdk: make sure each segment have initalized rte_mbuf
Change-Id: I0e28d059143fb7489d27a10c5b4a152d0d7dfb1f
Signed-off-by: Damjan Marion <damarion@cisco.com>
Ole Troan [Tue, 7 May 2019 08:32:40 +0000 (10:32 +0200)]
make: git commit template
Add a commit template for tagging of commits
with a type. Later tooling can then process
the commit log and generate reports of new features
etc.
Usage:
The template is automatically added to the current repository
by make install-dep.
(git config commit.template .git_commit_template.txt)
Type: make
Change-Id: I485d61f9852b7390e4f0539d737ab210f7b0723a
Signed-off-by: Ole Troan <ot@cisco.com>
Dave Barach [Tue, 28 May 2019 20:31:05 +0000 (16:31 -0400)]
Break out the broom for some cleanup work
Maintain the MAINTAINERS file. Removed src/plugins/*.am listings. Added
a couple of plugins.
Add vlib_process_create (vlib_main_t *vm, char *name,
vlib_node_function_t *f, u32 log2_n_stack_bytes);
/** @brief Create a vlib process
* @param vm &vlib_global_main
* @param f the process node function
* @param log2_n_stack_bytes size of the process stack, defaults to 16K
* @return newly-create node index
* @warning call only on the main thread. Barrier sync required.
*/
This function makes it easy to spin up periodic processes when features
are enabled for the first time. That coding pattern is highly recommended.
Update the emacs-lisp plugin generator to use vlib_process_create,
instead of generating static periodic process nodes.
Change-Id: Icda33e93b9034779d3a3e228cd1110af14b058a5
Signed-off-by: Dave Barach <dave@barachs.net>
Paul Vinciguerra [Fri, 24 May 2019 10:36:26 +0000 (06:36 -0400)]
map: Use vl_api_string macros.
* Add optional tag to api call in tests
* Add test for map_domain_dump() for api code coverage.
Type: fix
Change-Id: I2f7784aecdca4bf9e94de3319f959786e3d2c607
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Sun, 19 May 2019 02:09:28 +0000 (22:09 -0400)]
plugins: http_static. Migrate to use api string type.
This is not my core competency.
Reviews/feedback/suggestions welcomed. ;)
Tested with:
rv = self.vapi.http_static_enable(
fifo_size = 1,
cache_size_limit =
1000000,
prealloc_fifos = 0,
private_segment_size = 0,
uri="tcp://0.0.0.0/80",
www_root = "/var/tmp/run/vpp/html"
)
DBGvpp# show http static server
www_root /var/tmp/run/vpp/html, cache size 0 bytes, limit
1000000 bytes, evictions 0
Change-Id: I0f660753317ceedab89da1b65701a24d6f7145de
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Korian Edeline [Fri, 24 May 2019 13:40:08 +0000 (15:40 +0200)]
nsim: remove buffer u32 upper bound
Extreme BDP flows requires more buffer memory.
Change-Id: I1134be248c6bdd719fa1a033bca41414ceb73371
Signed-off-by: Korian Edeline <korian.edeline@ulg.ac.be>
jdenisco [Tue, 28 May 2019 13:58:33 +0000 (13:58 +0000)]
docs: Add some packages for building the docs
Change-Id: I7af427ba6378ddd8480a153a65ec11c578bab12e
Signed-off-by: jdenisco <jdenisco@cisco.com>
Jakub Grajciar [Mon, 27 May 2019 10:23:57 +0000 (12:23 +0200)]
l2tp: l2tp-decap-local don't accept packets unless configured
Change-Id: I2e48eb772dc44912192d0684b8ee631d8d975e9e
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Alexandre Poirrier [Tue, 7 May 2019 08:43:41 +0000 (10:43 +0200)]
make test: add option in pg interfaces for duplicating packets
Change-Id: Ia6d6de5de0414291d5637fb4b8c1480925f646d3
Signed-off-by: Alexandre Poirrier <apoirrie@cisco.com>
Code Review / vpp.git / log