This feature allows one to add classifier-based ACLs on packets punted
from the ip infra, eg. to only whitelist specific sender(s).
Type: feature
Change-Id: Idab37b188583efbca980038875fc3e540cb2e880
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Type: feature
This adds an API message to do the switch
at runtime.
Change-Id: Ice6b69c57f0bfbf5668182e25593362ff4133615
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Type: fix
Tap fds are stored in vector array but deleting tap
was not freeing this vector.
This patch fixes it.
Change-Id: I5228e3b9f432c69cf2656b2ee7402360d775964b
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Allow perfmon bundles to support more than one bundle type, either node
or thread. Only used for topdown bundle for the moment.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: Iba3653a4deb39b0a8ee8ad448a7e8f954283ccd8
Backward compatibility fix returns erroneous behavior that lets user
add internally unused inside interface for the purpose
of complying with the old add/dump/details API behavior.
Change introduced in https://gerrit.fd.io/r/c/vpp/+/32951 removed
extra inside interface that wasn't required or any how used by the
output feature. This patch also changed outside interface flags to
inside & outside. This fix returns the old behavior by imitating
the old behavior through dummy registratoin data.
Added new API calls nat44_ed_add_del_output_interface
and nat44_ed_output_interface_get/details as a
replacement of old API's. New API introduces
simplified and cleaner way of configuring outside
feature without requirement of config flags.
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I7a170f7325727c04da5e2e3ffbe3f02179531284
Type: fix
output_node_thread_runtimes was not freed when an interface
is deleted. This patch fixes it.
Change-Id: I763b0109be1904d43839528a346f3b9aa8927205
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Type: fix
vnet_delete_hw_interface() calls vec_free on rx_queue_indices.
function vnet_hw_if_unregister_all_rx_queues() is used to free
rx_queue_indices which is also called by vnet_delete_hw_interface().
So, second vec_free is redundant.
Change-Id: Ibda4be38fd122d33532bb384c97b0b9e5f441134
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
The 0.55 version of libipsec_mb does not support the chacha functions
used in the plugin.
The missing symobls are:
ipsecmb_ops_chacha_poly
ipsecmb_ops_chacha_poly_chained
IMB_CIPHER_DIRECTION
Check for ipsecmb_ops_chacha_poly() and conditionalise the chacha code
in the plugin on this.
ipsec_mb 0.55 is the version currently found in Debian Stable (bullseye)
Type: make
Signed-off-by: Nick Brown <nickbroon@gmail.com>
Change-Id: I88c962ac4f99a58b5cd61fb9b75f692e27d4ec30
now we can reuse udp-port for many wireguard interfaces
Type: improvement
Change-Id: I14b5a9dbe917d83300ccb4d6907743d88355e5c5
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
_pool_init_fixed uses mmap to initialize a fixed-size and preallocated
pool, whose size is the sum of vector_size and free_index_size with
alignment to the CLIB_CACHE_LINE_BYTES and page size. In this way
vector_size equals to pool_header_t + vec_header_t + elt_size * max_elts
so moving to the end of the pool space should be pool_header_t pointer +
vector_size, instead of vec_header_t pointer + vector_size.
Simple code to reproduce this error:
u64 *pool;
pool_init_fixed(pool, 2042);
Improve unit test to cover this case
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Reviewed-by: Lijian Zhang <lijian.zhang@arm.com>
Reviewed-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: If088ef89b3dcb2d874ee837ae9da60983b14615c
Signed-off-by: Dave Barach <dave@barachs.net>
Type: fix
Tap/Tun interfaces do not have control queue.
This patch removes the support of control queue
from virtio_show() which is used by show tap/tun cli.
Change-Id: Ib89144ad488ed548fb1ce50ee232a1b8659ccf29
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
If the type is IPv4, makes sure the padding bytes are set to 0 as this
is used by ip46_address_is_ip4() to detect the type.
Type: fix
Change-Id: I6a81fa05a6b227086853901bf3dcdc66e6d04d2c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Topdown events are peusdo events exposed by linux,
and are only present on Intel platforms.
Change to clarifies this.
Type: fix
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I6a3dcea5f43f53dbb96475329baf5e596a24d54f
Type: fix
input_node_thread_index_by_queue is not being used anymore.
Change-Id: I0141fa0d024affb39771acf7516e064c5c8acfe9
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
proxy main lock not released in certain cases and resulting in deadlock.
Type: fix
Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com>
Change-Id: Ib869f459b447189bb921c05fd260f3691c2ac787
Type: improvement
Subsequent features in the data-path can thus easily find the l3 header
without parsing the label stack.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I26f7d4bbe9186aeb8654706579c72424e8ecca2c
Type: improvement
Linux uses pseudo header checksum when checksum of l4 is offloaded.
This patch adds similar support in virtual interfaces.
Change-Id: I6a94d1104e59356f95057e7c122e3be9cd8659a3
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
now we should add routes manually
Type: improvement
Change-Id: I877511a18854efdfad02939267d38a216b2ccec3
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Set the RPATH to based on CMAKE_INSTALL_LIBDIR so that libraries are
correctly found.
Type: make
Change-Id: I82d649345edea2c5d3f6b3f43e3e5869b9e580a7
Signed-off-by: Nick Brown <nickbroon@gmail.com>
a274c3a2ed8c4f1f38cb6f126326b4e6798869d2 has split the devtool plugins into a separate component,
which caused them not to be packaged as part of the existing .deb, however this can still be useful
to have them.
This commit adds the new deb vpp-plugin-devtools which contains that component.
Change-Id: I3cf44493745c3d4951ffd2194c6ae539e8ad5926
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Type: improvement
Currently, NAT44-ED users sessions details are returned for both active
and timed out NAT sessions. It may confuse users that expect to see only
active sessions in the response and make them think that timeouts for
NAT sessions do not work.
With this change, introduce an indicator of timing out for NAT sessions
returned in NAT44-ED user session details.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ib4d689f77cec4b0b0cc8484019e13733cc8bdc0d
Type: fix
When the API cleanup of classify messages was done, the code was not
updated to add the message enums to REPLY_MSG_ID_BASE. So the wrong
message IDs are being sent back in replies to classify API requests.
Add REPLY_MSG_ID_BASE when populated vl_msg_id on a reply.
Change-Id: Ic7c828f14d42a346fc58fc9ff062b954f494cdbd
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Type: feature
Gaps in the sequence numbers received on an SA indicate packets that were lost.
Gaps are identified using the anti-replay window that records the sequences seen.
Publish the number of lost packets in the stats segment at /net/ipsec/sa/lost
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8af1c09b7b25a705e18bf82e1623b3ce19e5a74d
This fixes the interface creation passing
a netns. [0] made the renaming of the new
tuntap interface before switching netns
Thus, preventing creating an interface in
another netns if one exists in VPP's netns
with the same name.
This also fixes restore netns on errors
Type: fix
[0] https://gerrit.fd.io/r/c/vpp/+/33696
Change-Id: I5c83bb37d664057bcf231cd0c636f0e51aa542ad
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
This fixes size computation when using
abstract sockets with libmemif
Type: fix
Change-Id: I3a686e4ff2132b9fb295bbe30633958dcfec672b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Pools fib_urpf_list_pool and fib_entry_pool can grow while ip6_urpf_loose_check/fib_entry_get_flags_for_source are being executed. That may result as a crash in mt environment.
Type: fix
Change-Id: I44ca2cb70255e7aaf2e1f7a7d2eecd25cbdd0aaa
Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
Type: improvement
* add support for JSON format in API trace
* add ability to replay JSON API trace in both VPP and VAT2
* use CRC for backward compatibility check during JSON API replay
* fix API trace CLI (and remove duplicits)
* remove custom dump
* remove vppapitrace.py
* update docs accordingly
Change-Id: I5294f68bebe6cbe738630f457f3a87720e06486b
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Signed-off-by: Ole Troan <ot@cisco.com>
This is the last in the series of moving API messages from vpp/api/vpe.api to vlibmemory/memclnt.api.
This patch makes the remaining vpe.api messages dynamic, to help VAT2 binary-api command.
Moves the VAT test code to a separate file and removes the now unnused API meta files.
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I01dd78eaff1d3715dff17d2643bf0f7f0089935b
Signed-off-by: Ole Troan <ot@cisco.com>
Improving session filtering capabilities of
show nat44 sessions CLI command for EI and ED NAT
plugins. Adding filtering options: saddr, sport,
daddr, dport, proto for both i2o and o2i flows.
Type: improvement
Change-Id: I70bc94a2e922cddf9451eb7dcbf4a7be21ebf0df
Signed-off-by: Filip Varga <fivarga@cisco.com>
Type: improvement
Counters are labeled with interface indices in the Prometheus exporter
output. For example:
# TYPE _if_drops counter
_if_drops{thread="0",interface="0"} 0
_if_drops{thread="0",interface="1"} 0
_if_drops{thread="0",interface="2"} 2112
[..]
Currently, it's unable to map interface indices to the interface names
using only output provided by the Prometheus exporter. However, this
mapping is present in the vpp_get_stats output:
# vpp_get_stats dump /if/names
[0]: local0 /if/names
[1]: GigabitEthernet0/8/0 /if/names
[2]: GigabitEthernet0/9/0 /if/names
[..]
With this change, add name vectors to Prometheus exporter output as info
metrics. Thus exposing interfaces and their indices:
# TYPE _if_names_info gauge
_if_names_info{index="0",name="local0"} 1
_if_names_info{index="1",name="GigabitEthernet0/8/0"} 1
_if_names_info{index="2",name="GigabitEthernet0/9/0"} 1
[..]
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Iff86c4d6fea8805e71fb04fccf278bae855e88d1
find_package(Python3) will not set variables that are later used, so set
those needed. Perhaps the python2 support, which is EOL, could be
dropped?
Use DESTDIR, instead of hardcoding the path. This allows system
packaging, or local installs, to work properly.
Type: make
Signed-off-by: Nick Brown <nickbroon@gmail.com>
Change-Id: I045516c61473c612ab70858cd9b58c4e2838b347
Don't install vapi_c{,pp}_test. It confuses dpkg-shlibdeps to think we
need libsubunit as shared lib dependency
Type: fix
Fixes: a2d6d352c6926d2f8d4e50aeb1ec59802f32b37b
Signed-off-by: d-valter@yandex-team.ru
Change-Id: Ifb702a61be32b37e79b48780cc61cb0838e87153
per_thread_ namespace fuctionality replaced by memif socket.
Interfaces are grouped by memif socket which holds interface database.
Each thread can create it's unique memif socket. The path name
can be equal across threads so that the app only uses one
UNIX socket. In case of listener socket, listener fd
can be obtained and set using APIs.
This change allows:
- No lookup on file descriptor events
- improves interrupt handling
- Loopback support (connect two interfaces in one app)
- usefull for debugging and testing
- Improves code readability by providing control channel
abstraction for each interface and listener sockets
Type: refactor
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I1b8261042431c0376646ab4c4c831f6e59dd3eed
