First genaration of AVF APIs we currently use doesn't support more...
Type: improvement
Change-Id: I1ae27f322403a2b455fcad8b028fa2004b449789
Signed-off-by: Damjan Marion <damarion@cisco.com>
With socket api, applications should not expect reply after worker del
msg. VCL in particular closes the socket after it enqueues the message.
Found by ASAN.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1be02a0cde6b96a96edb709f3fe30bbc01ff2d24
LDP workers is used as vector but was initialized as a pool. There was
no side effect but ASAN does not properly unpoison memory and this
triggers false used-after-poison crashes.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie769dad0e86ab970de9929800d0a4131f846e70e
We might have less than 1 mss when attempting write but more after
write, as application could be actively enqueuing more data. Relax
assert.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I54a83c4460f8e022a88758f0ebd7828df711dbb9
During recovery, send unsent data even if less than mss available as
application is not guaranteed to provide more.
This should speed up recovery when all data in flight was lost.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7a3c73a0d04d93d51a5910d85450c173c3ad8e93
fix asan failure when params number is less then 3:
functions that are set as format_half_open pointer values have
different number of arguments
Type: fix
Fixes: de9a849a18
Change-Id: I6b6e1adf4ffc0c1ec847613f00fe269af640d42b
Signed-off-by: Georgy Borodin <bor1-go@yandex-team.ru>
Pass a correct form of node variant config in tests
Type: fix
Signed-off-by: d-valter@yandex-team.ru
Change-Id: I8cdc240b18a1664e57a5814d6cd644891c99f515
Fixes: 8800f732f8
Properly set type
path->fp_type = FIB_PATH_TYPE_SPECIAL
for paths with (path->fp_cfg_flags & FIB_PATH_CFG_FLAG_DROP)
Type: fix
Change-Id: Id61dbcda781d872b878e6a6410c05b840795ed46
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
When a periodic BFD packet cannot be sent because the interface is
disabled, the allocated buffer needs to be freed. This currently will
occur for IPv4 sessions. However, buffers will leak for IPv6 sessions as
in this case, bfd_transport_control_frame() and bfd_transport_udp6()
will not indicate failure.
With this fix, stop always returning success in bfd_transport_udp6() and
start returning the actual return value.
Type: fix
Change-Id: I5fa4d9206e32cccae3053ef24966d80e2022fc81
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
The previous fix was adding the sentinel before refilling rx,
which gave the NIC time to overwrite it with a new descriptor.
Ticket: VPP-2087
Type: fix
Fixes: 8b4d474abd
Change-Id: I32bde4a763a62fb66c5c3871d9f10af6066e2d47
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Make sure ct client segment handles do not collide if multi worker
application establishes cut-through sessions to only one server segment
manager.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I905379f9ed73c64d57a826a3e97d53dab3a87517
The previous change made CSIT virtio tests fail,
but those tests are not part of trending.
Ticket: VPP-2088
Type: fix
Fixes: a181eaa59b
Change-Id: If0439a030c051894e07007da9cf0a2e4dc1434c3
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
This is because mlx5_pci is also compatible with another
series of NICs such as ConnectX-5 and ConnectX-6.
Type: fix
Change-Id: I10f0468bbe36ab61c72fb3dc0aa898f8e2f9e88c
Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
Type: fix
In esp_encrypt_inline(), an index and pointer to the last processed SA
are stored. If the next packet uses the same SA, we defer on updating
counters until a different SA is encountered.
The pointer was being retrieved, then the SA was checked to see if the
packet should be dropped due to no crypto/integ algs, then the index was
updated. If the check failed, we would skip further processing and now
the pointer refers to a different SA than the index. When you have a
batch of packets that are encrypted using an SA followed by a packet
which is dropped for no algs and then more packets to be encrypted using
the original SA, the packets that arrive after the one that was dropped
end up being processed using a pointer that refers to the wrong SA data.
This can result in a segv.
Update the current_sa_index at the same time that the sa0 pointer is
updated.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I65f1511a37475b4f737f5e1b51749c0a30e88806
DHCPv4 aka BOOTP is somewhat awkward. A DHCP client
on an interface must receive DHCP packets to
the broadcast address or to a unicast address.
Apparently before it's been assigned to itself.
Add this new API to allow external DHCP clients
enable the DHCP client detect feature per interface.
Type: improvement
Change-Id: If55aac03f25a045496be483940e4f5e7e18885b9
Signed-off-by: Ole Troan <otroan@employees.org>
The recent TX flows generation fix introduced "l3_hdr_offset" which
represents the offset of the IP header in the buffer's data. The problem
is that it is erroneously defined as a 16-bit unsigned integer. If the
calculated offset is negative, "l3_hdr_offset" will get a value close to
UINT16_MAX. And the code will search the IP header somewhere beyond the
buffer's data. For example, this will occur in the case when an ICMP
error is being sent in response to a received packet.
With this fix, make "l3_hdr_offset" a signed integer.
Type: fix
Change-Id: I6f1283c7ba02656d0f592519b5863e68348c5583
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Currently, when IPFIX records generation is enabled for an interface in
the TX direction, some rewritten traffic is being sent from that
interface, and the Ethernet header's location has changed due to
rewriting, generated TX flows will contain fields with wrong and zero
values. For example, that can be observed when traffic is rewritten from
a subinterface to a hardware interface (i.e. when tags are removed). A
TX flow generated in this case will have wrong L2 fields because of an
incorrectly located Ethernet header. And zero L3/L4 fields because the
Ethernet type will match neither IP4 nor IP6.
The same code is executed to generate flows for both input and output
features. And the same mechanism is applied to identify the Ethernet
header in the buffer's data. However, such general code usually works
with the buffer's data conditionally based on the direction. For most
input features, the buffer's current_data will likely point to the IP
header. For most output features, the buffer's current_data will likely
point to the Ethernet header.
With this fix:
- Keep relying on ethernet_buffer_get_header() to locate the Ethernet
header for input features. And start using vlib_buffer_get_current()
to locate the Ethernet header for output features. The function will
account for the Ethernet header's position change in the buffer's
data if there is rewriting.
- After fixing Ethernet header determination in the buffer's data,
L3/L4 fields will contain non-zero but still incorrect data. That is
because IP header determination needs to be fixed too. It currently
relies on the fact that the Ethernet header is always located at the
beginning of the buffer's data and that l2_hdr_sz can be used as an
IP header offset. However, this may not be the case after rewriting.
So start calculating the actual offset of the IP header in the
buffer's data.
- Add a unit test to cover the case.
Type: fix
Change-Id: Icf3f9e6518912d06dff0d5aa48e103b3dc94edb7
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Do not force cleanup of tcp half-open connection if tcp's cleanup
notification to tls is pending.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7bccbe8429a4aab10df1c89b66138b967e04ac19
Updated the gtpu plugin code to support the PDU Session user plane protocol, required for 5G, as
specified in 3GPP TS 38.415 version 17.0.0. This enables some initial support of 5G gNodeB's with
the gtpu plugin.
New features:
- Basic support for the GTP-U Extension Header Flag.
Packets with one extension can now be decapsulated.
This enables basic support of the PDU Session user plane protocol (3GPP TS 38.415 version 17.0.0).
New tunnels can be created with a PDU enable flag and a 6-bit QoS Flow Identifier (QFI).
With this, encapsulated packets will have the PDU Session extension header, and the QFI set.
- Ability to forward GTP-U packets that are not handled by the plugin directly.
Only GTP-U packets with a message type of 255 (G-PDU) are handled directly.
However, 3GPP TS 29.281 defines several other message types like echo and error indication.
A new feature is added to optionally forward unknown or unsupported packets to a new IP address.
This works separately for unknown GTP-U message types, unknown TEIDs, and packets with an unknown
GTP-U header.
This allows both echo and error indications from a 5G gNodeB to be handled by a different system
outside VPP.
- Simple way to get metrics for active tunnels and on tunnel close.
In 5G session/tunnel lifetime is often short and created frequently.
The normal API becomes too slow and inaccurate when too many tunnels are created and deleted
every second.
Improvements:
- A clean ground structure to handle multiple message type in the future.
The code path for G-PDU packets is optimized for performance, representing the typical case.
Unsupported GTP-U packets enter a slow path that decodes the nature of the error.
This presents a easy hook to handle other message types in the future.
- Improved error reporting
When using traces there is more details in the tunnel descriptions.
- Updated the API with several enums.
Fixes:
- gtpu0->length field in IPv6 was computed with IPv4 header lengths in the encapsulation code.
- vec_set_len (t->rewrite, ...) size was computed with the IPv4 header size also for IPv6 tunnels.
Issues:
- This PR does not enable full support of the 3GPP specification.
In particular it only supports a single QoS/QFI flow for each tunnel.
It ignores all incoming extension header flags.
- API functions might change again when/if more support of the 3GPP TS 38.415 spec is added.
Note that I have bumped the API version to 2.1.0 as it seems to be the correct approach based on
my API changes.
Type: feature
Signed-off-by: Rune E. Jensen <runeerle@wgtwo.com>
Change-Id: I91cd2b31f2561f1b3fb1e46c4c34a5a3c71b4625
Filip Tehlar