Neale Ranns [Fri, 14 Jun 2019 08:13:25 +0000 (01:13 -0700)]
ipsec: Correctly rewind the buffer to the IP header when punting UDP encapped SPI-0 packets
Type: fix
Fixes:
b71fa75d48
Change-Id: I2d81b373f7659e702759939c096b315afa36f621
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 14 Jun 2019 08:26:21 +0000 (08:26 +0000)]
interface: interface dump API check validity of sw_if_index
Type: fix
Fixes:
6407ba56
Change-Id: I6d3ce68962986921e04aa00c989d8afa157ebcb8
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 14 Jun 2019 09:09:43 +0000 (02:09 -0700)]
misc: Update MAINTAINERS to include interface common
Type: feature
Change-Id: I72f35444c73c6a7099d34f7d5031cbe82cbdd383
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Wed, 12 Jun 2019 16:04:02 +0000 (09:04 -0700)]
crypto-ia32: fix typo in ifdef for avx512 version
Type: Fix
Fixes:
dd2423ef
Change-Id: I76f0ed5027161c396186845043f5afe395c20280
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Thu, 13 Jun 2019 14:42:54 +0000 (07:42 -0700)]
ipsec: remove spurious warnings
Type: fix
Fixes:
999c8ee6d6
Change-Id: Idcdddbe45f2e0adfd375b07199bb30f77c28702d
Signed-off-by: Neale Ranns <nranns@cisco.com>
Guoao Sun [Tue, 11 Jun 2019 14:07:21 +0000 (22:07 +0800)]
tcp: fix tcp_do_fastretransmits failure.
Type: fix
vpp would fail 'tcp_in_fastrecovery (tc)' if tcp_connection_get returns 0.
Change-Id: I512cba5234b3777f1737bec9451940e7e7975f15
Signed-off-by: Guoao Sun <guoao.sun@intel.com>
Filip Tehlar [Tue, 21 May 2019 08:11:21 +0000 (08:11 +0000)]
ipsec: ah_decrypt rework
This patch refactors AH decrypt node in such way that it calls crypto
backend only once per node call.
Type: refactor
Change-Id: I0dc72ff699042a151e64d44f76f791c5136ec009
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Damjan Marion [Wed, 12 Jun 2019 20:41:21 +0000 (22:41 +0200)]
avf: add README.md section about spoofing check
Type: docs
Change-Id: I4ae65ed22275abf0d15045f3b09625d6aaa3b67b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Wed, 12 Jun 2019 20:50:38 +0000 (16:50 -0400)]
infra: fix minor memory leak in "api trace..."
Build api trace message print fns into the built-in copy of api_format.c
Optimize memory allocator behavior when the api trace wraps.
Type: Fix
Change-Id: If799d8784a459f981fc9ee3a3ca03d3f63b2bcd0
Signed-off-by: Dave Barach <dave@barachs.net>
Paul Vinciguerra [Wed, 12 Jun 2019 17:13:22 +0000 (13:13 -0400)]
static_http: Typo in short_help.
Type: fix.
Change-Id: I48587c5eba6de6de820d348177b6733d0b048013
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Tue, 11 Jun 2019 19:31:31 +0000 (12:31 -0700)]
session: use session handles as app listener handles
Type: refactor
Change-Id: I421750147a8a821bd0b522daf6c2b7239e551f12
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Wed, 12 Jun 2019 18:26:35 +0000 (11:26 -0700)]
tcp: better estimate snd space for rxt with no sacks
Type: refactor
Use tcp_available_cc_snd_space instead of sack scoreboard
last_delivered_bytes to estimate available space when retransmitting
with no sack support
Change-Id: I938c637279eaf8c5634c4e97f0633fa2d0054fac
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Wed, 12 Jun 2019 15:12:58 +0000 (08:12 -0700)]
tcp: add cc stats plotting tools
Type: feature
cc_plot.py can plot cc stats collected via elogs from tcp connections.
To enable the collection of cc stats, tcp must be compiled with
TCP_DEBUG_CC_STAT turned on.
Once the tests have been carried out, and elogs have been saved with "ev
save log <file>", the logs can be converted to txt format with the
convert_evt script. The resulting file can be used as input to the
cc_plots script.
Change-Id: I16df2993fa09cab9ad35f91825eab7df4da6428b
Signed-off-by: Florin Coras <fcoras@cisco.com>
Damjan Marion [Wed, 12 Jun 2019 15:41:39 +0000 (17:41 +0200)]
misc: add check_commit_msg.sh script
Type: feature
Change-Id: I5e04991afd7500673db121e4529275e9aff15e65
Signed-off-by: Damjan Marion <damarion@cisco.com>
Vratko Polak [Wed, 12 Jun 2019 14:43:06 +0000 (16:43 +0200)]
papi: make socket disconnect more robust
Previusly, read error could happen before message_thread starts,
so do not attempt to join in that case.
Change-Id: Ie119916831e320e38eb02e48515b4c6a9cb937e5
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Paul Vinciguerra [Fri, 7 Jun 2019 19:01:12 +0000 (15:01 -0400)]
tests: filter sw_interface_dump in tests.
Type: test
Change-Id: I92921444ef6b0e574701398cf57971c9ecc1cc91
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Wed, 12 Jun 2019 15:57:24 +0000 (08:57 -0700)]
maintainers: add vcl
Change-Id: I29545cadcf0b764b931d14b0c3ec51d728d29504
Signed-off-by: Florin Coras <fcoras@cisco.com>
Damjan Marion [Tue, 11 Jun 2019 18:12:23 +0000 (20:12 +0200)]
buffers: fix vlib_buffer_free_no_next
Type: fix
Fixes:
910d369
Change-Id: I0e8380cd2b0dc038a028d9cf2568741059de460f
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 12 Jun 2019 12:40:28 +0000 (14:40 +0200)]
misc: update MAINTAINERS file
Type: make
Change-Id: I082ae7af9a8d10d6caddf401d3fa843844503b26
Signed-off-by: Damjan Marion <damarion@cisco.com>
Zhiyong Yang [Tue, 11 Jun 2019 02:23:11 +0000 (22:23 -0400)]
lacp: cleanup unnecessary pointer cast
Change-Id: Idc3a7588dc73e7180a15b6ace3684d3c12986b9d
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Filip Varga [Tue, 11 Jun 2019 08:45:21 +0000 (10:45 +0200)]
NAT: interface fib fix (VPP-1691)
Change-Id: I2d1e2addb2e440c23c255ac7709169f7909cb0be
Signed-off-by: Filip Varga <fivarga@cisco.com>
Florin Coras [Tue, 11 Jun 2019 21:33:03 +0000 (14:33 -0700)]
vlib: avoid retrieving freed file in epoll
Type:fix
Change-Id: Id7f4f6e2a2f844085f511a33aa1db3968f5d97bb
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Tue, 11 Jun 2019 08:39:08 +0000 (01:39 -0700)]
ip: punt coverity fix of CLI input
Type: fix
Change-Id: Ia73cbe2fba0a364d966daed0b5d5d2ac7499f86d
Signed-off-by: Neale Ranns <nranns@cisco.com>
jialv01 [Tue, 11 Jun 2019 06:00:20 +0000 (14:00 +0800)]
fix compiling error with marvell pp2 plugin
fix compile issue
"src/plugins/marvell/pp2/pp2.c:247:62: error: 'vm' undeclared (first use in this function)"
Change-Id: Ia23e21b07c29faefa6e363816a220e312adba81c
Signed-off-by: Jianlin Lv <Jianlin.Lv@arm.com>
Zhiyong Yang [Tue, 11 Jun 2019 05:08:20 +0000 (01:08 -0400)]
lacp: remove duplicated code
Change-Id: I0fb646c350b392d69658ba4188ae25e0f0a6cdc1
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Florin Coras [Mon, 10 Jun 2019 23:22:48 +0000 (16:22 -0700)]
ssvm: disable private segment expand
Change-Id: I893621d9a6520c6e24026a9bbaf44e9e69f60bcb
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Mon, 10 Jun 2019 15:33:50 +0000 (08:33 -0700)]
tcp: allow registration of new cc algo types
Type: feature
Change-Id: I83e21b508a19df1beb207d961c8f2b52347deca0
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Sun, 9 Jun 2019 16:24:33 +0000 (09:24 -0700)]
svm: improve fifo segment show
Type: refactor
Change-Id: I6933205cfb04bc31cabe6e3b1a8044cace93f84c
Signed-off-by: Florin Coras <fcoras@cisco.com>
Dave Barach [Sat, 8 Jun 2019 16:33:13 +0000 (12:33 -0400)]
mactime: add per-mac allow-with-quota feature
Specify a data limit during specified time ranges. Outside of the
specified time ranges, data will be allowed.
Clean up "show mactime" output.
Type: feature
Change-Id: Iddd6678e7ded1d0f9cb88d69c656de8d87d5694c
Signed-off-by: Dave Barach <dave@barachs.net>
dongjuan [Tue, 4 Jun 2019 02:59:02 +0000 (10:59 +0800)]
trace frame-queue on trigger out of memory
FRAME_QUEUE_NELTS is 64 in thread.c
Change-Id: Ie7e5962afe05dfc7f38e3d597dabc74dcc2dab8d
Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
Florin Coras [Fri, 7 Jun 2019 19:38:55 +0000 (12:38 -0700)]
tcp: send challenge ack for in wnd syn
Type: fix
Per rfc793, in window syns for established connections should lead to
connection resets. As a mitigation for blind reset attacks, rfc5961
requests that such syns be replied to with challange acks.
Change-Id: I75e4972bbb515e48d9cf1bda32ea5d9891d670f0
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Fri, 7 Jun 2019 22:31:06 +0000 (15:31 -0700)]
tcp: close connection if not recovered after max tries
Type: feature
Change-Id: Ia8af6a62a2be2265bc42955d90e8c2222bdb8f50
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Fri, 7 Jun 2019 16:35:20 +0000 (09:35 -0700)]
tcp: add cc cleanup function
Type: feature
Change-Id: I54521078cf96e459d041c86297c6ca80045bf0a3
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Wed, 5 Jun 2019 10:28:17 +0000 (10:28 +0000)]
bfd: UT for BFD session over GRE tunnel
Signed-off-by: Neale Ranns <nranns@cisco.com>
Adding UT for BFD over GRE tunnel.
Ticket: none
Type: test
Change-Id: I03eca4a0c7114cdc16fde9be4cd6db6216b8c845
Signed-off-by: Neale Ranns <nranns@cisco.com>
Florin Coras [Fri, 7 Jun 2019 14:03:01 +0000 (07:03 -0700)]
tcp: log connect notify errors
Type: fix
Change-Id: Idf0b2e16b2e7d126940bb38c7983d6784b5bfdc8
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Fri, 7 Jun 2019 12:17:07 +0000 (05:17 -0700)]
ipsec: export ipsec_punt.h
Change-Id: Ib489922af246b7dc3e770a57e51b87a2568a014d
Type: fix
Fixes:
b71fa75d
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 7 Jun 2019 06:52:36 +0000 (02:52 -0400)]
ip: ip4 lookup performance bump with the usual receipe
2.77e1 v. 2.81e1
Type: performance
Change-Id: I896ec77818603f17aaa622073dafc626570326f1
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 7 Jun 2019 07:54:21 +0000 (03:54 -0400)]
VOM-test: fix the UT post BVI and Bridge-domain changes
Change-Id: Ibd9059e616f46f7017e397262bf4c0606d81eb0c
Signed-off-by: Neale Ranns <nranns@cisco.com>
Benoît Ganne [Tue, 30 Apr 2019 09:50:46 +0000 (11:50 +0200)]
build: add -Wall and -fno-common, fix reported issues
Type: refactor
Change-Id: I8489ccd54411c2aa9355439c5641dc31012c64a2
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Steven Luong [Wed, 5 Jun 2019 17:52:35 +0000 (10:52 -0700)]
lacp: create lacp-process on demand
Create lacp-process when the very first slave interface is added to the bond.
Log an event message when lacp-process starts/stops.
Be mindful when lacp-process is signalled to stop.
Type: refactor
Change-Id: I79e10e0a2a385a21a52ae5b8735f24631fdba293
Signed-off-by: Steven Luong <sluong@cisco.com>
Neale Ranns [Thu, 6 Jun 2019 13:28:14 +0000 (13:28 +0000)]
ipsec: remove the set_key API
there's no use case to just change the key of an SA. instead the SA
should be renegociated and the new SA applied to the existing SPD entry
or tunnel.
the set_key functions were untested.
Type: refactor
Change-Id: Ib096eebaafb20be7b5501ece5a24aea038373002
Signed-off-by: Neale Ranns <nranns@cisco.com>
Ole Troan [Fri, 7 Jun 2019 09:02:58 +0000 (11:02 +0200)]
gre: update gre.api with explicit types
Change-Id: I0036c216b79afb66b982b1b6a7e81f738f3b61dc
Type: refactor
Signed-off-by: Ole Troan <ot@cisco.com>
Ole Troan [Tue, 30 Apr 2019 08:04:36 +0000 (10:04 +0200)]
API: Add support for "defaults"
Add support in the API language for specifying a field default.
Add default support in Python binding.
define foo {
u16 mtu [default = 1500];
};
This is client side only. I.e. if the mtu argument is not passed to the foo function,
the client language binding will set it default to 1500.
Change-Id: I5df43f3cd87cb300b40ca38e15dcab25b40e424a
Signed-off-by: Ole Troan <ot@cisco.com>
Ole Troan [Wed, 24 Apr 2019 12:31:18 +0000 (14:31 +0200)]
vppapigen: Fold up CRC from dependent types.
Change-Id: Id51f26f225cd567ca19efc2301e94fa88840ae8f
Signed-off-by: Ole Troan <ot@cisco.com>
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Ole Troan [Fri, 7 Jun 2019 08:59:25 +0000 (10:59 +0200)]
p2p ethernet: update p2p_ethernet.api with explicit types.
Change-Id: Id6b2c2321c5f1d56e7cfab24a7c1641b38e94e19
Type: refactor
Signed-off-by: Ole Troan <ot@cisco.com>
Paul Vinciguerra [Fri, 15 Mar 2019 16:39:19 +0000 (09:39 -0700)]
tests: framework gracefully handle 'VppTransportShmemIOError'
Catches:
----
Traceback (most recent call last):
File "/vpp/test/framework.py", line 593, in tearDown
self.logger.info(self.vapi.ppcli("api trace save %s" % api_trace))
File "/vpp/test/vpp_papi_provider.py", line 413, in ppcli
return cli + "\n" + str(self.cli(cli))
File "/vpp/test/vpp_papi_provider.py", line 402, in cli
r = self.papi.cli_inband(cmd=cli)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 100, in __call__
return self._func(**kwargs)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 414, in f
return self._call_vpp(i, msg, multipart, **kwargs)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 634, in _call_vpp
msg = self.transport.read()
File "/vpp/src/vpp-api/python/vpp_papi/vpp_transport_shmem.py", line 120, in read
raise VppTransportShmemIOError(rv, 'vac_read failed')
VppTransportShmemIOError: [Errno -1] vac_read failed
----
Change-Id: I767e48c4d03081eb5df6a8aa67da7e192d25e4cc
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 6 Jun 2019 11:06:09 +0000 (07:06 -0400)]
vpp_papi: Context_id allocator for running forked.
When running forked, distinct copies of the 'get_context'
singleton are created for each process. To run under forked processes,
(as with make test TEST_JOBS=10), we need to use a shared
memory value across the processes.
Type: fix
Change-Id: I9eab8ce46ec23584e5bd651735ad75fd3f018e1a
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 6 Jun 2019 11:38:42 +0000 (07:38 -0400)]
vpp_papi: Fix missing dependency.
Since we test vpp_papi as part of tests, the need for
ipaddress under python2.7 is masked.
Add ipaddress to setup.py for python <=3.3.
Change-Id: I01c2f5560eeb740e546024e84028d5a2fb2ace45
Type: fix
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
dongjuan [Fri, 17 May 2019 07:47:55 +0000 (15:47 +0800)]
no trigger nat ipfix flush in first worker
Change-Id: I4dbeed0b94003a698e9218648d4b352db6fbb70e
Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
Paul Vinciguerra [Thu, 6 Jun 2019 14:49:46 +0000 (10:49 -0400)]
vpp_papi: Fix format_vl_api_address_t under python3.
Under PY3, inet_pton returns OSError, not socket.error.
Type: fix
Change-Id: Id270a684c0ab124cbe1ddcb7123e14e85af844b8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Matthew G Smith [Wed, 22 May 2019 19:49:24 +0000 (14:49 -0500)]
bfd: midchain adjacency support
Support an adjacency with lookup_next_index of IP_LOOKUP_NEXT_MIDCHAIN
so tunnel interfaces can have BFD configured on them.
Also, check if the interface a session is configured on is up
and skip assembling the packet and calculating the checksum if
the interface is down.
Change-Id: I44f76478d0fc1592e3491dd9368819a5c957e74a
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Paul Vinciguerra [Thu, 6 Jun 2019 19:25:44 +0000 (15:25 -0400)]
vpp_papi: Accept ipaddress.Network objects on prefix_t methods.
vl_api_prefix_t returns ipaddress.<IPv[46]>Network objects.
Accept Network objects as well as existing string format.
Type: refactor.
Change-Id: Iba5403724a7b3e1da3b3740027fccd43631bf31e
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 6 Jun 2019 21:14:37 +0000 (17:14 -0400)]
vpp_papi: Fix vapi.disconnect exception.
Traceback (most recent call last):
File "/vpp/test/framework.py", line 521, in setUpClass
cls.quit()
File "/vpp/test/framework.py", line 556, in quit
cls.vapi.disconnect()
File "/vpp/test/vpp_papi_provider.py", line 308, in disconnect
self.vpp.disconnect()
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 500, in disconnect
if self.event_thread is not None:
AttributeError: 'VPPApiClient' object has no attribute 'event_thread'
Type: fix
Change-Id: I7a8db08b0922bf92ab42df121b1707073af9cedf
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 6 Jun 2019 22:01:07 +0000 (18:01 -0400)]
tests: fix broken test test_gtpu.py TestGtpuUDP
Test failing due to call to super.tearDown in setUp.
==============================================================================
FAIL: test UDP ports
------------------------------------------------------------------------------
Traceback (most recent call last):
File "/vpp/test/test_gtpu.py", line 77, in test_udp_port
self._check_udp_port_ip4(False)
File "/vpp/test/test_gtpu.py", line 48, in _check_udp_port_ip4
self.assertEqual(err, self.ip4_err + 1)
AssertionError: 0L != 1
Type: fix
Change-Id: Iec4ef5edd3ee11bcd962b77cc8159dee9cb15687
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Thu, 6 Jun 2019 16:38:44 +0000 (09:38 -0700)]
vcl: avoid hash table lookup on accept
Type: refactor
Change-Id: I363a97b9f5ab0dbda78e13582630e78d57fb83e7
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Wed, 5 Jun 2019 17:47:16 +0000 (10:47 -0700)]
vcl: cap epoll dequeue batch size to max events
Type: fix
Change-Id: Ia9be1413cf9423552137885521cefdbecc3e5df5
Signed-off-by: Florin Coras <fcoras@cisco.com>
Signed-off-by: Ping Yu <ping.yu@intel.com>
Neale Ranns [Mon, 3 Jun 2019 13:21:40 +0000 (13:21 +0000)]
IP-Punt-redirect: allow the use of a FIB path to describe how to
redirect
Change-Id: I2a3ba2a3d73ea8511e3a511855b041432328f0a8
Signed-off-by: Neale Ranns <nranns@cisco.com>
Filip Tehlar [Tue, 4 Jun 2019 01:22:55 +0000 (01:22 +0000)]
dpdk: fix clear hw stats
.. and remove helper stat struct for keeping last cleared stats.
This is not needed anymore as dpdk lib provides rte_eth_dev_reset().
Change-Id: I78076e689aac7ca70836ce688dfa8e704f64cd84
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Neale Ranns [Thu, 6 Jun 2019 10:35:07 +0000 (10:35 +0000)]
DVR: Control the reinject as L2 or L3 based on the output interface type
Change-Id: Ib4cdbe8a6a1d10a643941c13aa0acbed410f876c
Type: Feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Klement Sekera [Mon, 20 May 2019 10:27:33 +0000 (12:27 +0200)]
reassembly: support more custom options for apps
Change-Id: Ib9f98fba5a724480ca95f11a762002c53e08df70
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Benoît Ganne [Wed, 5 Jun 2019 17:08:40 +0000 (19:08 +0200)]
gbp: fix lpm classification with vlan
Fix GBP LPM packet classification in the presence of a VLAN header.
Change-Id: I2ff63b34f7475d696b10b5a245ff802bbb1ff01a
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Wed, 5 Jun 2019 17:11:11 +0000 (19:11 +0200)]
gbp: do not classify unknown packet as EP packets
If we fail to classify the packet based on LPM we must not classify it
based on the EP sclass.
Change-Id: Ie234e0c87bd44976c3c57c818359c93f7d99ab84
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Hongjun Ni [Tue, 4 Jun 2019 10:58:58 +0000 (18:58 +0800)]
lb: crashed with some specific commit under heavy traffic
- When deleting VIP member with flush, VPP will crash.
- When deleting VIP member without flush, vpp won't crash.
- This crash is almost 100% reproductive.
Ticket: VPP-1680
Type: fix
Change-Id: Ia4e8f9e0f987176c7f6ec52c92e66563f313b0c3
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
Filip Tehlar [Mon, 3 Jun 2019 23:36:10 +0000 (23:36 +0000)]
ipsec: fix combined counters in ah-encrypt node
Type: fix
Fixes:
1197449
Change-Id: Icdda3c667ba76542ea3af5d66cc7c3fb10ade1ca
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Damjan Marion [Wed, 5 Jun 2019 13:45:50 +0000 (15:45 +0200)]
ipsec: fix sa counters in esp-encrypt
Type: fix
Fixes:
c59b9a2
Change-Id: I6021e67196a4d31ab11d4e3cfbda34b678150701
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 5 Jun 2019 13:42:54 +0000 (15:42 +0200)]
ipsec: fix sa counters in esp-decrypt
Type: fix
Fixes:
b4fff3a
Change-Id: I2552cbc0a02e7445825a5a4ce290cde3d10c5f0b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Sirshak Das [Tue, 28 May 2019 13:46:27 +0000 (08:46 -0500)]
Switch atomic release API from __sync to __atomic builtin.
__sync_lock_release switched to __atomic_store for code consitency,
although both generate same instructions with current compilers.
Change-Id: I37d320509e43a4c2b8a49af6346dc4a43ca2f535
Signed-off-by: Sirshak Das <sirshak.das@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
Reviewed-by: Honnappa Nagarahalli <Honnappa.Nagarahalli@arm.com>
Sirshak Das [Tue, 28 May 2019 13:44:46 +0000 (08:44 -0500)]
Switch atomic test and set API from __sync to __atomic builtin
__sync_test_and_set uses full memory barriers for AArch64,
__atomic_exchange(ACQUIRE) would use load acquire.
Change-Id: Ifdf2481db3b9dde6c5842d75671402862adb6d81
Signed-off-by: Sirshak Das <sirshak.das@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
Reviewed-by: Honnappa Nagarahalli <Honnappa.Nagarahalli@arm.com>
Steven Luong [Wed, 5 Jun 2019 05:29:39 +0000 (22:29 -0700)]
avf: enable promiscuous mode
In order to receive multicast packets from the VF interface, promiscuos
mode must be enable.
Type: fix
Fixes:
b4ff07a
Change-Id: I549bc37a05895d3355f2832c200e9262c95a27b5
Signed-off-by: Steven Luong <sluong@cisco.com>
mu.duojiao [Mon, 29 Apr 2019 09:29:44 +0000 (17:29 +0800)]
In ip6_mfib_forward_rpf_node,is_v4 should be 0.
Change-Id: I9de63cebfcef8898d0ea4c9c2b7451b168b06c2c
Signed-off-by: mu.duojiao <mu.duojiao@zte.com.cn>
Neale Ranns [Wed, 22 May 2019 13:26:39 +0000 (13:26 +0000)]
L3 cross connect
- all packets input on interface X are load-balanced over the set of
paths provided.
Change-Id: Ic27cb88c4cd5d6d3462570632daff7a43d5a652d
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Tue, 4 Jun 2019 15:37:34 +0000 (15:37 +0000)]
IPSEC: some CLI fixes
Change-Id: I45618347e37440263270baf07b2f82f653f754a5
Signed-off-by: Neale Ranns <nranns@cisco.com>
Paul Vinciguerra [Tue, 28 May 2019 19:40:47 +0000 (15:40 -0400)]
Tests: simple refactor in vpp_pg_interface.
Pull common code into a single method.
Type: refactor
Change-Id: Ic540d23eebbd17f838ed7a1a9dee80815a27847c
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Steven Luong [Fri, 31 May 2019 14:34:39 +0000 (07:34 -0700)]
elog: make elog_string() multi-thread safe
elog is supposed to be thread safe. Yet elog_string() is not. To fulfill
that promise, let's make elog_string() thread safe to avoid surprises.
Change-Id: Iab82faa7cb6719777a66c3ff14775e59a6a68a20
Signed-off-by: Steven Luong <sluong@cisco.com>
Neale Ranns [Tue, 4 Jun 2019 13:31:23 +0000 (13:31 +0000)]
punt: fix the set_punt API/CLI which was rejecting valid ports
add a UT for the API
Change-Id: I93fb6ec2c5f74b991bf7f229250a30c0395b8e24
Signed-off-by: Neale Ranns <nranns@cisco.com>
Jakub Grajciar [Tue, 4 Jun 2019 11:16:42 +0000 (13:16 +0200)]
features will register udp ports once configured
plugins:
- ipfixcollector
vnet:
- geneve
- vxlan_gpe
- vxlan
Change-Id: I69a8b4017ee6990f2b4874fe3e94c4520bde7101
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Guillaume Solignac [Mon, 20 May 2019 13:58:46 +0000 (15:58 +0200)]
Fix: bug prevented IPsec ipv4 SPDs to show correctly
Because of the initialisation of the end of the range, the command show ipsec spd
on an ipv4 SPD didn't work correctly.
Change-Id: I3582382197bb6edef4fb077aac1e927ef4581cbf
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
Dave Barach [Mon, 3 Jun 2019 23:48:22 +0000 (19:48 -0400)]
sort worker-thread init functions in advance
Otherwise, all N worker threads try to sort the list at the same time:
a good way to have a bad day.
This approach performs *far* better than maintaing order by adding a
spin-lock. By direct measurement w/ elog + g2: 11 threads execute the
per-thread init function list in 22us, vs. 50ms with a CLIB_PAUSE()
enabled spin-lock.
Change-Id: I1745f2a213c0561260139a60114dcb981e0c64e5
Signed-off-by: Dave Barach <dave@barachs.net>
Ole Troan [Tue, 4 Jun 2019 10:33:32 +0000 (12:33 +0200)]
stats: removing empty object in stats vector
Type: fix
Change-Id: I9b6bdacdb9a0750834de9a93d8c3f7ed827ce3c8
Signed-off-by: Ole Troan <ot@cisco.com>
Neale Ranns [Tue, 21 May 2019 13:54:54 +0000 (06:54 -0700)]
Punt: specify packets by IP protocol Type
Change-Id: I0c2d6fccd95146e52bb88ca4a6e84554d5d6b2ed
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Barach [Mon, 3 Jun 2019 14:23:30 +0000 (10:23 -0400)]
mactime: upstream new features
Add per mac address data quotas (simple version)
Add mini-ACLs to turf "call home" traffic from a certain species of
security DVR.
Add FEATURE.yaml
Update the API version number
Type: feature
Feature-name: mactime
Change-Id: Ida6945f7791ab43909afa68dcf2f652b20c53afd
Signed-off-by: Dave Barach <dave@barachs.net>
Filip Tehlar [Mon, 3 Jun 2019 08:13:21 +0000 (08:13 +0000)]
dpdk: rework extended stats
Change-Id: I421192e1921d4c9c5486a6dcca745582aebf4e3e
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Zhiyong Yang [Tue, 4 Jun 2019 02:28:06 +0000 (22:28 -0400)]
startup: remove dpdk linking bonding configuration
As dpdk linking bonding code has been removed by the patch
https://gerrit.fd.io/r/#/c/19867/, corresponding configuration
info should be removed.
Change-Id: I048ae068619c83190252a75284bd5306ce61611e
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Zhiyong Yang [Tue, 4 Jun 2019 02:58:44 +0000 (22:58 -0400)]
srp: leverage vlib_buffer_get_current
Change-Id: I8e4592734cd8343cd95b32ad8617fed4aec3f590
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Mohsin Kazmi [Wed, 29 May 2019 15:16:34 +0000 (11:16 -0400)]
vom: Add bridge domain unknown unicast flooding flag
UU flood can be disabled or enabled using this flag in a bd.
Change-Id: I799be2742b599783eec019b5fd295c3b940eb3e8
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Benoît Ganne [Mon, 27 May 2019 16:36:46 +0000 (18:36 +0200)]
GBP: add subnet cli command
Change-Id: I0f631da9d13df2d9c32bad879b2a6034cb847378
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Neale Ranns [Wed, 29 May 2019 13:58:43 +0000 (13:58 +0000)]
ARP: add feature arc
- arp-input, registered with the ethernet protocol dispatcher, performs
basic checks and starts the arc
- arp-reply; first feature on the arc replies to requests and learns
from responses (no functional change)
- arp-proxy; checks against the proxy DB
arp-reply and arp-proxy are enabled when the interface is appropriately
configured.
Change-Id: I7d1bbabdb8c8b8187cac75e663daa4a5a7ce382a
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Wed, 22 May 2019 14:30:01 +0000 (16:30 +0200)]
crypto_ia32: native AES-GCM implementation
Change-Id: I006a150577e897731649f21908b4789e2eb485c3
Signed-off-by: Damjan Marion <damarion@cisco.com>
Mohsin Kazmi [Mon, 27 May 2019 16:36:15 +0000 (18:36 +0200)]
vom: Add bridge domain arp unicast forwarding flag
Change-Id: Iede47e8d9e168125bcd938cca6182c9270dcb5c4
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Neale Ranns [Sun, 2 Jun 2019 06:01:42 +0000 (06:01 +0000)]
IPSec: memcpy of integ key bork
Change-Id: Icd76769d841792eb2d59ffc23c557dcca9ddc580
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Barach [Fri, 31 May 2019 12:41:34 +0000 (08:41 -0400)]
VPP-1692: move NULL pointer check
TBH, this looks like merge damage or some such. Perfectly fine NULL pointer
check, about three lines after it was needed.
Change-Id: I52831062e30533a59fb76b644ee5ae389676d2ae
Signed-off-by: Dave Barach <dave@barachs.net>
Ole Troan [Tue, 14 May 2019 11:24:10 +0000 (13:24 +0200)]
tools: FEATURE.yaml meta-data infrastructure
Add tooling for feature metadata configuration files.
The main tool is in src/scripts/fts.py
make checkfeaturelist to validate against schema.
make featurelist to dump all feature lists to stdout.
Example feature definition:
name: IP in IP tunnelling
maintainer: Ole Troan <ot@cisco.com>
features:
- IPv4/IPv6 over IPv4/IPv6 encapsulation:
- Fragmentation and Reassembly
- Configurable MTU
- Inner to outer Traffic Class / TOS copy
- Configurable Traffic Class / TOS
- ICMPv4 / ICMPv6 proxying
- 6RD (RFC5969):
- Border Relay
description: "Implements IP{v4,v6} over IP{v4,v6} tunnelling as
described in RFC2473. This module also implement the border relay of
6RD (RFC5969)."
state: production
properties: [API, CLI, STATS, MULTITHREAD]
missing:
- Tunnel PMTUD
- Tracking of FIB state for tunnel state
- IPv6 extension headers (Tunnel encapsulation limit option)
JSON schema is embedded in fts.py
Example markdown: https://github.com/otroan/scratch/blob/master/features.md
Change-Id: I903b4ee6b316a9378c259e86dc937092e5d4b7da
Type: make
Signed-off-by: Ole Troan <ot@cisco.com>
Billy McFall [Thu, 16 May 2019 13:13:50 +0000 (09:13 -0400)]
VPP-1640 - Missing rules in vpp-selinux-policy
SELinux exceptions occurring for host interfaces and with the
vmxnet3 driver.
Change-Id: Ia22bd82572acfa07ae287a755830abe1413f9939
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Billy McFall [Thu, 16 May 2019 19:58:58 +0000 (15:58 -0400)]
VPP-1679 - SElinux rules are not set accordingly
Updates to the VPP SELinux policy to support the MLX5 DPDK driver.
Change-Id: I089ede88a5e9c4152178f8cf9be5ee14d8a9130f
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Billy McFall [Thu, 16 May 2019 20:54:44 +0000 (16:54 -0400)]
VPP-1640 - Missing rules in vpp-selinux-policy
Add additional section to the SELinux documentation to describe how to
collect debug information when SELinux issues are encountered. This is
purely a documentation change.
Note: Merged seperate from SELinux Policy change in case policy change
needs to be cherry-picked to older releases.
Change-Id: I7ba3d3c7d84171b503d956eb01e13a680b4d53fc
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Damjan Marion [Thu, 30 May 2019 14:37:01 +0000 (16:37 +0200)]
crypo_ia32: don't optimize debug builds
Type: fix
Fixes:
d5023a72
Change-Id: I17cf7887d1274cf3ca9301ec87b8c8f539359456
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Thu, 30 May 2019 23:48:12 +0000 (19:48 -0400)]
Update vnet hardware flags if link state changes
Explains a variety of hard-to-diagnose problems with certain Atom and
Denverton NIC types.
I finally tripped over a highly-repeatable failure: home gateway
use-case bitten by refusal to negotiate a DHCP lease for the trunk
port.
The dhcp client won't send pkts unless VNET_HW_INTERFACE_FLAG_LINK_UP
is set on the tx hw interface:
/* Interface(s) down? */
if ((hw->flags & VNET_HW_INTERFACE_FLAG_LINK_UP) == 0)
return;
Change-Id: I17ef2ba7b39078555fa27d2d874a60c67e1530ee
Signed-off-by: Dave Barach <dave@barachs.net>
Zhiyong Yang [Wed, 15 May 2019 08:25:20 +0000 (04:25 -0400)]
bonding: add support for numa awareness
This patch enables bonding numa awareness on multi-socket
server working in active-backeup mode.
The VPP adds capability for automatically preferring slave
with local numa node in order to reduces the load on the
QPI-bus and improve system overall performance in multi-socket
use cases. Users doesn't need to add any extra operation as
usual.
Change-Id: Iec267375fc399a9a0c0a7dca649fadb994d36671
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
jackiechen1985 [Fri, 24 May 2019 03:59:49 +0000 (11:59 +0800)]
nat44: fix CLI doc error
Change-Id: Iac6bd29389839c9eb8c1ff2105b4da69b6e1ce3e
Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
Neale Ranns [Mon, 27 May 2019 12:21:32 +0000 (08:21 -0400)]
IP load-balance; perf improvement using the usual reciepe
before and after:
ip4-load-balance 1.54e1
ip4-load-balance 1.36e1
p.s. Quad loops were not beneficial
Change-Id: I7bc01fc26288f0490af74db2b1b7993526c3d982
Signed-off-by: Neale Ranns <nranns@cisco.com>
Code Review / vpp.git / log