Type: fix
Ticket: VPP-1756
the block-size was set to 0 resulting in incorrect placement of the ESP
footer.
add tests for NULL encrypt + integ.
Change-Id: I8ab3afda8e68f9ff649540cba3f2cac68f12bbba
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 2cdcd0cf4004b2c0d1d3b891e381aac5735c21f1)
Note which worker received fragment with offset zero and use this worker
to send out the reassembled packet.
Type: fix
Change-Id: I1d3cee16788db3b230682525239c0100d51dc380
Signed-off-by: Klement Sekera <ksekera@cisco.com>
(cherry picked from commit 630ab5846bceddf8d663e9f488a2dc0378949827)
Add support for specifying the worker thread when adding packet stream.
Type: feature
Change-Id: I8a98b91c211e60cd53e1166f9f51365394ecacfd
Signed-off-by: Klement Sekera <ksekera@cisco.com>
(cherry picked from commit 4ecbf105a4290de9917b1ded14b0854c68cbd655)
This reverts commit 6955595a577e1b7d316b5b69267bf1d1d951a4ab. The result
is that test filtering for reassembly tests works again.
Type: fix
Change-Id: I4acb094b5b4aa264745986afa0bb0528789807b3
Signed-off-by: Klement Sekera <ksekera@cisco.com>
(cherry picked from commit 947a85c7792b14d4cc84b0d25c953102435069e5)
This algorithm was missed in last improvements.
Type:fix
Signed-off-by: Dmitry Vakhrushev <dmitry@netgate.com>
Change-Id: Ib818cbdcdd1a6f298e8b0086dac4189cc201baa3
(cherry picked from commit 77cc14a2b29a65073539e6e3f4683a380875b3dc)
Type: feature
Adding a prefix to an interface was not permitted if it overlapped
with another prefix on an interface which used the same FIB.
Loosen the restriction. Allow 2 or more addresses from the same
prefix on a single interface. Reference count the prefix to figure
out when a glean/connected route for the prefix needs to be added
or removed.
Added unit tests to check that the route is only removed when all
addresses in the prefix are removed from the interface.
Change-Id: I1a962ecb5e1ee65fc6d41f98a4cc097a51a55321
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
(cherry picked from commit 6c92f5babdc3c52cf343509fc9cf9d8a9a3df390)
One type for address with prefix and one type for prefix.
Ticket: VPP-1769
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Icfec51d9b7d5cde1d69fbecdd97498688ab7b295
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Enforce that variable length fields are the last element of API messages.
Add a 'fixed' version of string type, since dealing with
multiple variable length strings turned out too painful
for the C language bindings.
The string type is now:
{
string name[64]; // NUL terminated C-string. Essentially decays to u8 name[64]
string name[]; // Variable length string with embedded len field (vl_api_string_t)
};
The latter notation could be made available to other types as well.
e.g.
{
vl_api_address_t addresses[];
}
instead of
{
u32 n_addr;
vl_api_address_t addresses[n_addr];
};
Type: fix
Change-Id: I18fa17ef47227633752ab50453e8d20a652a9f9b
Signed-off-by: Ole Troan <ot@cisco.com>
(cherry picked from commit e5ff5a36dd126ee57dca4e0b03da2f7704e0a4f5)
Signed-off-by: Ole Troan <ot@cisco.com>
- Relocate plugin tests for 'make test' into
src/plugins/*/test so that plugin test cases
are co-located with the plugin source code.
Type: refactor
Ticket: VPP-1754
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I503e6a43528e14981799b735fa65674155713f67
(cherry picked from commit a43c93f8554ad7418e31be3791b3fb71232f60ac)
The stats-segment validation/clear logic for acl counters was wrong,
fix it. Also add the code to the unittests to cover that case,
add a vat command to enable/disable counters, clean up
the unnecessary endian conversion and remove the stray clib_warning()
Change-Id: I421297a92e4aeb885c468c72a97cec25981df615
Type: fix
Ticket: VPP-1744
Fixes: f995c7122ba0d024b17bc3232e8edd18d5e25088
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
- lb_vip_dump/lb_vip_details - get all vip.
- lb_as_dump/lb_as_details - get all as list per vip.
- adds api unit test.
- adds vpp_lb to test framework.
Ticket:
Type: feature
Change-Id: I24be50d62c5234f3535cc840603ddd9df7eb3f07
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
Add gso option in create vhost interface to support gso and checksum
offload.
Tested with the following startup options in qemu:
csum=on,gso=on,guest_csum=on,guest_tso4=on,guest_tso6=on,guest_ufo=on,
host_tso4=on,host_tso6=on,host_ufo=on
Type: feature
Change-Id: I9ba1ee33677a694c4a0dfe66e745b098995902b8
Signed-off-by: Steven Luong <sluong@cisco.com>
Type: feature
store: write a QoS value into the buffer meta-data
record: Extract a QoS value from a packet header and store it.
mark: Make a change to the content of a packet header by writing a stored
QoS value
Change-Id: I07d1e87dd1ca90d40ac1ae1774fee1b272cab83f
Signed-off-by: Neale Ranns <nranns@cisco.com>
Now that we have support for f64:
- create explicit types for timestamp(datetime)/timedelta
- update log_details to use timestamp and remove redundant string representation.
If you need the string representation, in python do str(timestamp).
If you prefer the raw f64 value, the client can pass in the
_no_type_conversion option.
Type: feature
Change-Id: I547b5fa7122d2afa12628b7db0192c23babbbae8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
In a lot of places within the unit tests pg_start() starts
the capture with an already existing capture running
for the same test.
If the pcap file already exists, then it is renamed and there
is no problem.
However, there is a potential for race if the previous
pg_start() has enabled the capture, but the check for
renaming it happened just slightly earlier than the first
packet has arrived.
Then a second call to pg_start() will hit a check that
a file exists, and will cause an error. This is especially
visible when running the tests in parallel due to increased
load.
Solution: disable the capture before enabling it.
This will flush the aready running capture and eliminate the race.
The additional delay that flushing of the pcap creates has exposed
several other race conditions:
NAT tests: Some of the NAT reassembly tests
verify that the entries were added to the reassembly data structures,
but do so by comparing the quantities of entries. With the default
timeout being 2s, some of the entries might timeout,
resulting in a bogus test failure.
Solution: Bump the timeout to 20s for the affected tests.
Punt tests: nr_packets == 3 makes test intermittently fail,
nr_packets > 3 make it reliably fail, and nr_packets = 2 works
Solution: set nr_packets == 2 for the time being
IGMP tests: the leave-group calls get a spurious packet
from the time the new groups were configured
Solution: add 1 second delay before starting to delete the groups
Type: test
Change-Id: I931182a7b2860cf670e030ee7da8038f6e87356d
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Previously, the only option was to wipe/rebuild all the test dependencies.
Type: make
Change-Id: Ia95d6e800f67bef033dcf614dbfa249c3e43159d
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Type: feature
- Define the ip_dscp_t and use in the IP headers
- Add DSCP setting to the DHCP client for use with packet TX
Change-Id: If220dde0017ea78793747d65f53e11daf23a28fa
Signed-off-by: Neale Ranns <nranns@cisco.com>
Type: feature
this means DHCP packets are subject to the IP features configured on the interface
- the unicast packets already were sent throught the adj
- added UT for DHCP client sending a unicast renewal
Change-Id: Id50db0b71822f44bf7cb639a524195cdc9873526
Signed-off-by: Neale Ranns <nranns@cisco.com>
implement per-acl-number counters in the stats segment.
They are created during the ACL creation,
the counters are incremented in the dataplane using
the new inline function with the extra parameter being
the packet size. Counting in shared segment adds
a noticeable overhead, so add also an API to
turn the counters on.
Type: feature
Change-Id: I8af7b0c31a3d986b68089eb52452aed45df66c7b
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Type: test
Depends-on: https://gerrit.fd.io/r/#/c/20484/
Change-Id: I140132cfcc4347035fe2bb9919f8e7923342940f
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Type: fix
Several Fixes:
1 - Anti-replay did not work with GCM becuase it overwrote the sequence
number in the ESP header. To fix i added the seq num to the per-packet
data so it is preserved
2 - The high sequence number was not byte swapped during ESP encrypt.
3 - openssl engine was the only one to return FAIL_DECRYPT for bad GCM
the others return BAD_HMAC. removed the former
4 - improved tracing to show the low and high seq numbers
5 - documented the anti-replay window checks
6 - fixed scapy patch for ESN support for GCM
7 - tests for anti-reply (w/ and w/o ESN) for each crypto algo
Change-Id: Id65d96b6d1d4dd821b2ab557e87468fff6d70e5b
Signed-off-by: Neale Ranns <nranns@cisco.com>
New pip releases can break pip-tools. This commit pins the version of
pip used in the test virtualenv to prevent uncontrolled breakage.
This fixes the current issue in make test:
TypeError: __init__() got an unexpected keyword argument 'index_urls'
Change-Id: I3b7ecb31e651401ada0d357e2bf093c91c934565
Type: feature
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
If numa-only is set, Only slaves on local numa node
transmit pkts if have at least one, otherwise the bond
interface works as usual.
CLI change:
create bond mode lacp [load-balance { l2 | l23 | l34 } {numa-only}]
[hw-addr <mac-address>] [id <if-id>]
The new member "u8 numa_only;" is also added to bond_create_if_args_t.
Type: feature
Change-Id: Icdccedafb0738d8c9d4a5acce909ce562428c071
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Type: feature
When admin status is changed on an interface, add or delete the
routes for the IPv4 addresses configured on that interface.
This is already being done for IPv6 interface addresses.
Change-Id: Ib1e7dc49c499921dd287e075640243520ffa5589
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Discovered running test-debug job in CI.
- fix missing paren () around format value.
Type: test
Change-Id: Iebddd3035a435f8ad1cb1d6fa4e8e8c2d4ddaf96
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
This changeset removes keys that are invalid in papi kwargs.
Type: test
Change-Id: I6568f91cd240dc1927540396210b429f6ce82c0a
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Type: fix
There's no call for an SPI-0 punt reason with UDP encap, since
it's only with UDP encap that the ambiguity between IKE or IPSEC
occurs (and SPI=0 determines IKE).
Enhance the punt API to dum ponly the reason requested, so a client
can use this as a get-ID API
Change-Id: I5c6d72b03885e88c489117677e72f1ef5da90dfc
Signed-off-by: Neale Ranns <nranns@cisco.com>
Identified in post-merge review.
Type: test
Change-Id: I46e19285479437561a43975ba9b5cb68f478736c
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Type: fix
This solves the ownership of vxlan-gbp tunnels. When the last reference of these goes away they need to be deleted. Currently there are two owners; gbp_itf via gef_itf and the lock held by the gbp_endpoint_location_t. The problem is that the
loc removes its reference whilst the fwd still holds the gbp_itf, and things go wrong.
This change moves the lifecycle management of the vxlan-gbp tunnel to the gbp_itf. When the last lock of the gbp_itf goes, so does the tunnel. now both the EP's loc and fwd can hold a lock on the gbp_itf and it's only removed when required.
The other change is the management of the 'user' of the gbp_itf. Since each user can enable and disable different features, it's the job of the gbp_itf to apply the combined set. determining a unique 'uesr' from the caller was near impossible, so I moved that to the gbp_itf, and return the allocated user, hence the 'handle' that encodes both user and interface.
The hash table maps from sw_if_index to pool index.
Change-Id: I4c7bf4c0e5dcf33d1c545f262365e69151febcf4
Signed-off-by: Neale Ranns <nranns@cisco.com>
