nat: fix nat44 vrf handlers

Change of enums used in REPLY_MACRO() to appropriate one
for handlers:
-vl_api_nat44_ed_add_del_vrf_table_t_handler
-vl_api_nat44_ed_add_del_vrf_route_t_handler

Type: fix

Change-Id: I58e97817b1678da7c025c0d03a8b938a4e0f7b6c
Signed-off-by: Daniel Béreš <daniel.beres@pantheon.tech>
(cherry picked from commit 2c03879ce4)

.gitignore

@@ -18,17 +18,17 @@
 /build-root/rpmbuild/
 /build-root/test-doc/
 /build-root/test-cov/
+/build-root/test/
 /test/run/
 /test/build/
 /test/coverage/
-/test/venv/
 /test/vapi_test/
 /test/doc/build/
 /build-config.mk
 /build/external/*.tar.gz
 /build/external/*.tar.xz
-/build/external/vpp-*.deb
-/build/external/vpp-*.changes
+/build/external/vpp-*
+/build/external/dpdk_mlx_default.sh
 /build/external/downloads/
 /path_setup
 /tools/

.gitreview

@@ -2,3 +2,4 @@
 host=gerrit.fd.io
 port=29418
 project=vpp
+defaultbranch=stable/2210

MAINTAINERS

@@ -41,6 +41,7 @@ F:	src/vnet/bonding/
 Sphinx Documents
 I:	docs
 M:	John DeNisco <jdenisco@cisco.com>
+M:	Dave Wallace <dwallacelf@gmail.com>
 F:	docs/
 
 Infrastructure Library
@@ -179,6 +180,7 @@ F:	src/vnet/pg/
 VNET Segment Routing (IPv6 and MPLS)
 I:	sr
 M:	Pablo Camarillo <pcamaril@cisco.com>
+M:	Ahmed Abdelsalam <ahabdels@cisco.com>
 F:	src/vnet/srv6/
 F:	src/vnet/srmpls/
 F:	src/examples/srv6-sample-localsid/
@@ -564,6 +566,11 @@ M:	Dave Barach <vpp@barachs.net>
 M:	Florin Coras <fcoras@cisco.com>
 F:	src/plugins/unittest/
 
+Plugin - Intel DMA engines
+I:      dma_intel
+M:      Marvin Liu <yong.liu@intel.com>
+F:      src/plugins/dma_intel
+
 Test Infrastructure
 I:	tests
 M:	Klement Sekera <klement.sekera@gmail.com>
@@ -732,6 +739,11 @@ M:	Artem Glazychev <artem.glazychev@xored.com>
 M:	Fan Zhang <roy.fan.zhang@intel.com>
 F:	src/plugins/wireguard
 
+Packetforge
+I:	packetforge
+M:	Ting Xu <ting.xu@intel.com>
+F:	extras/packetforge
+
 VPP Config Tooling
 I:	vpp_config
 M:	John DeNisco <jdenisco@cisco.com>
@@ -805,6 +817,12 @@ I:	rpm-packaging
 M:	Laszlo Kiraly <laszlo.kiraly@est.tech>
 F:	src/extras/rpm/opensuse
 
+VPP StrongSwan Daemon
+I:	vpp-swan
+M:	Fan Zhang <roy.fan.zhang@intel.com>
+M:	Gabriel Oginski <gabrielx.oginski@intel.com>
+F:	extras/strongswan/vpp_sswan
+
 THE REST
 I:	misc
 M:	vpp-dev Mailing List <vpp-dev@fd.io>

Makefile

@@ -70,7 +70,7 @@ DEB_DEPENDS += python3-all python3-setuptools check
 DEB_DEPENDS += libffi-dev python3-ply
 DEB_DEPENDS += cmake ninja-build uuid-dev python3-jsonschema python3-yaml
 DEB_DEPENDS += python3-venv  # ensurepip
-DEB_DEPENDS += python3-dev   # needed for python3 -m pip install psutil
+DEB_DEPENDS += python3-dev python3-pip
 DEB_DEPENDS += libnl-3-dev libnl-route-3-dev libmnl-dev
 # DEB_DEPENDS += enchant  # for docs
 DEB_DEPENDS += python3-virtualenv
@@ -81,7 +81,14 @@ DEB_DEPENDS += nasm
 
 LIBFFI=libffi6 # works on all but 20.04 and debian-testing
 
-ifeq ($(OS_VERSION_ID),20.04)
+ifeq ($(OS_VERSION_ID),22.04)
+	DEB_DEPENDS += python3-virtualenv
+	DEB_DEPENDS += libssl-dev
+	DEB_DEPENDS += libelf-dev # for libbpf (af_xdp)
+	DEB_DEPENDS += clang clang-format-11
+	LIBFFI=libffi7
+	DEB_DEPENDS += enchant-2  # for docs
+else ifeq ($(OS_VERSION_ID),20.04)
 	DEB_DEPENDS += python3-virtualenv
 	DEB_DEPENDS += libssl-dev
 	DEB_DEPENDS += libelf-dev # for libbpf (af_xdp)
@@ -157,25 +164,18 @@ RPM_DEPENDS_DEBUG += yum-plugin-auto-update-debug-info
 RPM_SUSE_BUILDTOOLS_DEPS = autoconf automake ccache check-devel chrpath
 RPM_SUSE_BUILDTOOLS_DEPS += clang cmake indent libtool make ninja python3-ply
 
-RPM_SUSE_DEVEL_DEPS = glibc-devel-static libnuma-devel libelf-devel nasm
-RPM_SUSE_DEVEL_DEPS += libopenssl-devel openssl-devel libuuid-devel
+RPM_SUSE_DEVEL_DEPS = glibc-devel-static libnuma-devel libelf-devel
+RPM_SUSE_DEVEL_DEPS += libopenssl-devel libuuid-devel lsb-release
+RPM_SUSE_DEVEL_DEPS += curl libstdc++-devel bison gcc-c++ zlib-devel
 
-RPM_SUSE_PYTHON_DEPS = python-devel python3-devel python-pip python3-pip
-RPM_SUSE_PYTHON_DEPS += python-rpm-macros python3-rpm-macros
+RPM_SUSE_PYTHON_DEPS = python3-devel python3-pip python3-rpm-macros
 
-RPM_SUSE_PLATFORM_DEPS = distribution-release shadow rpm-build
+RPM_SUSE_PLATFORM_DEPS = shadow rpm-build
 
 ifeq ($(OS_ID),opensuse-leap)
-ifeq ($(OS_VERSION_ID),15.3)
-	RPM_SUSE_DEVEL_DEPS += curl libstdc++-devel bison gcc-c++ zlib-devel xmlto
-	RPM_SUSE_DEVEL_DEPS += lsb-release
-	RPM_SUSE_DEVEL_DEPS += asciidoc git
-	RPM_SUSE_PYTHON_DEPS += python3 python2-ply
-endif
-ifeq ($(OS_VERSION_ID),15.0)
-	RPM_SUSE_DEVEL_DEPS += gcc git curl
-	RPM_SUSE_PYTHON_DEPS += python3-ply python2-virtualenv
-endif
+	RPM_SUSE_DEVEL_DEPS += xmlto openssl-devel asciidoc git nasm
+	RPM_SUSE_PYTHON_DEPS += python3 python3-ply python3-virtualenv
+	RPM_SUSE_PLATFORM_DEPS += distribution-release
 endif
 
 RPM_SUSE_DEPENDS += $(RPM_SUSE_BUILDTOOLS_DEPS) $(RPM_SUSE_DEVEL_DEPS) $(RPM_SUSE_PYTHON_DEPS) $(RPM_SUSE_PLATFORM_DEPS)
@@ -186,7 +186,7 @@ endif
 
 ifeq ($(findstring y,$(UNATTENDED)),y)
 CONFIRM=-y
-FORCE=--force-yes
+FORCE=--allow-downgrades --allow-remove-essential --allow-change-held-packages
 endif
 
 TARGETS = vpp
@@ -333,7 +333,7 @@ else ifeq ($(OS_ID),fedora)
 	@sudo -E dnf install $(CONFIRM) $(RPM_DEPENDS)
 	@sudo -E debuginfo-install $(CONFIRM) glibc openssl-libs zlib
 endif
-else ifeq ($(filter opensuse-leap,$(OS_ID)),$(OS_ID))
+else ifeq ($(filter opensuse-leap-15.3 opensuse-leap-15.4 ,$(OS_ID)-$(OS_VERSION_ID)),$(OS_ID)-$(OS_VERSION_ID))
 	@sudo -E zypper refresh
 	@sudo -E zypper install  -y $(RPM_SUSE_DEPENDS)
 else
@@ -679,7 +679,7 @@ checkstyle-python:
 	@make -C test checkstyle-python-all
 
 .PHONY: checkstyle-all
-checkstyle-all: checkstyle-commit checkstyle checkstyle-python
+checkstyle-all: checkstyle-commit checkstyle checkstyle-python docs-spell
 
 .PHONY: fixstyle
 fixstyle:
@@ -760,3 +760,7 @@ ifeq ($(OS_ID)-$(OS_VERSION_ID),$(MAKE_VERIFY_GATE_OS))
 else
 	$(call banner,"Skipping tests. Tests under 'make verify' supported on $(MAKE_VERIFY_GATE_OS)")
 endif
+
+.PHONY: check-dpdk-mlx
+check-dpdk-mlx:
+	@[ $$(make -sC build/external dpdk-show-DPDK_MLX_DEFAULT) = y ]

build/external/Makefile

@@ -38,8 +38,8 @@ ARCH_X86_64=$(filter x86_64,$(shell uname -m))
 include packages.mk
 include packages/ipsec-mb.mk
 include packages/quicly.mk
-include packages/dpdk.mk
 include packages/rdma-core.mk
+include packages/dpdk.mk
 include packages/libbpf.mk
 
 .PHONY: clean

build/external/deb/debian/rules

@@ -1,6 +1,9 @@
 #!/usr/bin/make -f
 DH_VERBOSE = 1
 DEB_BUILD_OPTIONS = noddebs
+DEB_CFLAGS_MAINT_STRIP = -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -O2
+DEB_LDFLAGS_MAINT_STRIP = -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects
+DEB_CFLAGS_MAINT_APPEND = -O3
 PKG=vpp-ext-deps
 
 VERSION = $(shell dpkg-parsechangelog | sed -nr '/^Version:/s/Version: //p')
@@ -25,3 +28,5 @@ override_dh_install:
 	make $(MAKE_ARGS) install
 	dh_install -p$(PKG) --autodest /opt
 
+override_dh_shlibdeps:
+	dh_shlibdeps -l$(INSTALL_DIR)lib/

build/external/mlx_rdma_dpdk_matrix.txt

@@ -0,0 +1 @@
+rdma=41.0 dpdk=22.07

build/external/packages.mk

@@ -146,5 +146,9 @@ $(B)/.$1.install.ok: $(B)/.$1.build.ok
 .PHONY: $1-install
 $1-install: $(B)/.$1.install.ok
 
+.PHONY: $1-show-%
+$1-show-%:
+	@echo $$($$*)
+
 ALL_TARGETS += $1-install
 endef

build/external/packages/dpdk.mk

@@ -14,17 +14,15 @@
 DPDK_PKTMBUF_HEADROOM        ?= 128
 DPDK_USE_LIBBSD              ?= n
 DPDK_DEBUG                   ?= n
-DPDK_MLX4_PMD                ?= n
-DPDK_MLX5_PMD                ?= n
-DPDK_MLX5_COMMON_PMD         ?= n
 DPDK_TAP_PMD                 ?= n
 DPDK_FAILSAFE_PMD            ?= n
 DPDK_MACHINE                 ?= default
 DPDK_MLX_IBV_LINK            ?= static
 
-dpdk_version                 ?= 22.03
+dpdk_version                 ?= 22.07
 dpdk_base_url                ?= http://fast.dpdk.org/rel
 dpdk_tarball                 := dpdk-$(dpdk_version).tar.xz
+dpdk_tarball_md5sum_22.07    := fb73b58b80b1349cd05fe9cf6984afd4
 dpdk_tarball_md5sum_22.03    := a07ca8839f98062f46e1cc359735cce8
 dpdk_tarball_md5sum_21.11    := 58660bbbe9e95abce86e47692b196555
 dpdk_tarball_md5sum_21.08    := de33433a1806280996a0ecbe66e3642f
@@ -33,6 +31,11 @@ dpdk_tarball_md5sum          := $(dpdk_tarball_md5sum_$(dpdk_version))
 dpdk_url                     := $(dpdk_base_url)/$(dpdk_tarball)
 dpdk_tarball_strip_dirs      := 1
 dpdk_depends		     := rdma-core $(if $(ARCH_X86_64), ipsec-mb)
+
+DPDK_MLX_DEFAULT             := $(shell if grep -q "rdma=$(rdma-core_version) dpdk=$(dpdk_version)" mlx_rdma_dpdk_matrix.txt; then echo 'y'; else echo 'n'; fi)
+DPDK_MLX4_PMD                ?= $(DPDK_MLX_DEFAULT)
+DPDK_MLX5_PMD                ?= $(DPDK_MLX_DEFAULT)
+DPDK_MLX5_COMMON_PMD         ?= $(DPDK_MLX_DEFAULT)
 # Debug or release
 
 DPDK_BUILD_TYPE:=release
@@ -43,10 +46,12 @@ endif
 DPDK_DRIVERS_DISABLED := baseband/\*,	\
 	bus/dpaa,							\
 	bus/ifpga,							\
+	common/cnxk,						\
 	compress/isal,						\
 	compress/octeontx,					\
 	compress/zlib,						\
 	crypto/ccp,							\
+	crypto/cnxk,						\
 	crypto/dpaa_sec,					\
 	crypto/openssl,						\
 	crypto/aesni_mb,						\
@@ -56,9 +61,11 @@ DPDK_DRIVERS_DISABLED := baseband/\*,	\
 	crypto/zuc,						\
 	event/\*,							\
 	mempool/dpaa,						\
+	mempool/cnxk,						\
 	net/af_packet,						\
 	net/bnx2x,							\
 	net/bonding,						\
+	net/cnxk,							\
 	net/ipn3ke,							\
 	net/liquidio,						\
 	net/pcap,							\
@@ -74,6 +81,7 @@ DPDK_LIBS_DISABLED := acl,				\
 	bitratestats,						\
 	bpf,								\
 	cfgfile,							\
+	cnxk,							\
 	distributor,						\
 	efd,								\
 	fib,								\
@@ -167,6 +175,7 @@ PIP_DOWNLOAD_DIR = $(CURDIR)/downloads/
 
 define dpdk_config_cmds
 	cd $(dpdk_build_dir) && \
+	echo "DPDK_MLX_DEFAULT=$(DPDK_MLX_DEFAULT)" > ../../../dpdk_mlx_default.sh && \
 	rm -rf ../dpdk-meson-venv && \
 	mkdir -p ../dpdk-meson-venv && \
 	python3 -m venv ../dpdk-meson-venv && \

build/external/packages/rdma-core.mk

@@ -13,10 +13,10 @@
 
 RDMA_CORE_DEBUG?=n
 
-rdma-core_version             := 39.1
+rdma-core_version             := 41.0
 rdma-core_tarball             := rdma-core-$(rdma-core_version).tar.gz
-rdma-core_tarball_md5sum_38.0 := 44e14dd392ac139a0d452148eb0a0514
 rdma-core_tarball_md5sum_39.1 := 63ba4632fd01173a2331e5b990373330
+rdma-core_tarball_md5sum_41.0 := 2250389cb61a7130133e6411fdeef2f9
 rdma-core_tarball_md5sum      := $(rdma-core_tarball_md5sum_$(rdma-core_version))
 rdma-core_tarball_strip_dirs  := 1
 rdma-core_url                 := http://github.com/linux-rdma/rdma-core/releases/download/v$(rdma-core_version)/$(rdma-core_tarball)
@@ -32,27 +32,16 @@ define  rdma-core_config_cmds
 	    -DENABLE_STATIC=1 -DENABLE_RESOLVE_NEIGH=0 -DNO_PYVERBS=1 -DENABLE_VALGRIND=0\
 	    -DCMAKE_BUILD_TYPE=$(RDMA_BUILD_TYPE) -DCMAKE_INSTALL_PREFIX=$(rdma-core_install_dir) \
 	    -DCMAKE_INSTALL_LIBDIR=lib \
-	    -DCMAKE_C_FLAGS='-fPIC -fvisibility=hidden' > $(rdma-core_config_log)
+	    -DCMAKE_INSTALL_RUNDIR:PATH=/run \
+	    -DCMAKE_C_FLAGS='-fPIC' -DNO_MAN_PAGES=ON | tee $(rdma-core_config_log)
 endef
 
 define  rdma-core_build_cmds
-	$(CMAKE) --build $(rdma-core_build_dir) -- libccan.a libibverbs.a librdma_util.a libmlx5.a libmlx4.a > $(rdma-core_build_log)
-	sed 's/^Libs.private:.*/Libs.private: -lmlx4 -lmlx5 -libverbs -lrdma_util -lccan -lpthread/' -i $(rdma-core_build_dir)/lib/pkgconfig/libibverbs.pc >> $(rdma-core_build_log)
+	$(CMAKE) --build $(rdma-core_build_dir) | tee $(rdma-core_build_log)
 endef
 
 define  rdma-core_install_cmds
-	mkdir -p $(rdma-core_install_dir)/lib/pkgconfig
-	cp -avL $(rdma-core_build_dir)/include $(rdma-core_install_dir) > $(rdma-core_install_log)
-	cp -avL $(rdma-core_build_dir)/lib/pkgconfig/libibverbs.pc \
-	  $(rdma-core_build_dir)/lib/pkgconfig/libmlx5.pc \
-	  $(rdma-core_build_dir)/lib/pkgconfig/libmlx4.pc \
-	  $(rdma-core_install_dir)/lib/pkgconfig >> $(rdma-core_install_log)
-	cp -avL $(rdma-core_build_dir)/lib/statics/libibverbs.a \
-	  $(rdma-core_build_dir)/lib/statics/libmlx5.a \
-	  $(rdma-core_build_dir)/lib/statics/libmlx4.a \
-	  $(rdma-core_build_dir)/util/librdma_util.a \
-	  $(rdma-core_build_dir)/ccan/libccan.a \
-	  $(rdma-core_install_dir)/lib >> $(rdma-core_install_log)
+	$(CMAKE) --install $(rdma-core_build_dir) | tee $(rdma-core_install_log)
 endef
 
 $(eval $(call package,rdma-core))

build/external/patches/dpdk_22.03/0001-bus-vmbus-add-support-allow-block-scan-mode.patch

@@ -0,0 +1,76 @@
+From 16449a64d38c7f4b880601ddf3d34087da5e8577 Mon Sep 17 00:00:00 2001
+From: Xiaoming Jiang <jiangxiaoming@outlook.com>
+Date: Thu, 9 Jun 2022 06:15:51 +0000
+Subject: [PATCH 1/1] bus/vmbus: add support allow/block scan mode
+
+---
+ drivers/bus/vmbus/vmbus_common.c | 32 +++++++++++++++++++++++++++++---
+ 1 file changed, 29 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/bus/vmbus/vmbus_common.c b/drivers/bus/vmbus/vmbus_common.c
+index 3677273..47edacb 100644
+--- a/drivers/bus/vmbus/vmbus_common.c
++++ b/drivers/bus/vmbus/vmbus_common.c
+@@ -102,7 +102,12 @@ vmbus_probe_one_driver(struct rte_vmbus_driver *dr,
+ 	VMBUS_LOG(INFO, "VMBUS device %s on NUMA socket %i",
+ 		  guid, dev->device.numa_node);
+ 
+-	/* TODO add block/allow logic */
++	/* no initialization when marked as blocked, return without error */
++	if (dev->device.devargs != NULL &&
++		dev->device.devargs->policy == RTE_DEV_BLOCKED) {
++		RTE_LOG(INFO, EAL, "  Device is blocked, not initializing\n");
++		return 1;
++	}
+ 
+ 	/* map resources for device */
+ 	ret = rte_vmbus_map_device(dev);
+@@ -134,7 +139,7 @@ vmbus_probe_one_driver(struct rte_vmbus_driver *dr,
+ 
+ /*
+  * If device class GUID matches, call the probe function of
+- * register drivers for the vmbus device.
++ * registere drivers for the vmbus device.
+  * Return -1 if initialization failed,
+  * and 1 if no driver found for this device.
+  */
+@@ -163,6 +168,25 @@ vmbus_probe_all_drivers(struct rte_vmbus_device *dev)
+ 	return 1;
+ }
+ 
++static bool
++rte_vmbus_ignore_device(struct rte_vmbus_device *dev)
++{
++	struct rte_devargs *devargs = vmbus_devargs_lookup(dev);
++
++	switch (rte_vmbus_bus.bus.conf.scan_mode) {
++	case RTE_BUS_SCAN_ALLOWLIST:
++		if (devargs && devargs->policy == RTE_DEV_ALLOWED)
++			return false;
++		break;
++	case RTE_BUS_SCAN_UNDEFINED:
++	case RTE_BUS_SCAN_BLOCKLIST:
++		if (devargs == NULL || devargs->policy != RTE_DEV_BLOCKED)
++			return false;
++		break;
++	}
++	return true;
++}
++
+ /*
+  * Scan the vmbus, and call the devinit() function for
+  * all registered drivers that have a matching entry in its id_table
+@@ -180,7 +204,9 @@ rte_vmbus_probe(void)
+ 
+ 		rte_uuid_unparse(dev->device_id, ubuf, sizeof(ubuf));
+ 
+-		/* TODO: add allowlist/blocklist */
++		if (rte_vmbus_ignore_device(dev)) {
++			continue;
++		}
+ 
+ 		if (vmbus_probe_all_drivers(dev) < 0) {
+ 			VMBUS_LOG(NOTICE,
+-- 
+2.32.0
+

docs/aboutvpp/releasenotes/index.rst

@@ -6,7 +6,9 @@ Release notes
 .. toctree::
     :maxdepth: 2
 
+    v22.10.1
+    v22.10
+    v22.06.1
+    v22.06
     v22.02
-    v21.10.1
-    v21.10
     past

docs/aboutvpp/releasenotes/past.rst

@@ -6,6 +6,8 @@ Past releases
 .. toctree::
     :maxdepth: 1
 
+    v21.10.1
+    v21.10
     v21.06
     v21.01
     v20.09
@@ -37,4 +39,3 @@ Past releases
     v17.01
     v16.09
     v16.06
-

docs/aboutvpp/releasenotes/v22.06.1.rst

@@ -0,0 +1,12 @@
+Release notes for VPP 22.06.1
+=============================
+
+This is bug fix release.
+
+Of particular importance, this release contains the fix for
+`JIRA VPP-2307: CVE-2022-46397 FD.io VPP (Vector Packet Processor) IPSec generates a predictable IV in AES-CBC mode <https://jira.fd.io/browse/VPP-2037>`__
+
+For the full list of fixed issues please refer to:
+
+- fd.io `JIRA <https://jira.fd.io>`__
+- git `commit log <https://git.fd.io/vpp/log/?h=stable/2206>`__

docs/aboutvpp/releasenotes/v22.10.1.rst

@@ -0,0 +1,12 @@
+Release notes for VPP 22.10.1
+=============================
+
+This is bug fix release.
+
+Of particular importance, this release contains the fix for
+`JIRA VPP-2307: CVE-2022-46397 FD.io VPP (Vector Packet Processor) IPSec generates a predictable IV in AES-CBC mode <https://jira.fd.io/browse/VPP-2037>`__
+
+For the full list of fixed issues please refer to:
+
+- fd.io `JIRA <https://jira.fd.io>`__
+- git `commit log <https://git.fd.io/vpp/log/?h=stable/2210>`__

docs/developer/build-run-debug/building.rst

@@ -3,11 +3,95 @@
 .. toctree::
 
 Building VPP
-============
+=====================
 
 To get started developing with VPP, you need to get the required VPP sources and then build the packages.
 For more detailed information on the build system please refer to :ref:`buildsystem`.
 
+.. _makesureinstalled:
+
+VPP for Ubuntu: Environment Setup
+-------------------------------------------
+
+If you are not downloading VPP on Ubuntu with WSL (Windows Subsystem for Linux), please disregard this section
+and jump to 'Get the VPP Sources'.
+
+Before starting on VPP for Ubuntu, make sure WSL2 and Ubuntu are installed.
+
+To install WSL2 and Ubuntu, run Windows PowerShell as an administrator and enter this in the terminal:
+
+.. code-block:: console
+
+    $ wsl --install
+
+Next, go to the 'resolv.conf' file in Ubuntu's '/etc' folder.
+It should have been automatically generated when Ubuntu was installed; if it doesn't exist, create it.
+Please use 'sudo' to avoid "File resolv.conf is unwritable" errors.
+
+.. code-block:: console
+
+    $ cd /etc
+    $ sudo nano resolv.conf
+
+In the file, add the following content in place of the current 'nameserver X.X.X.X' line:
+
+.. code-block:: console
+
+    nameserver 8.8.8.8
+
+This replaces the DNS nameserver on your machine with the Google DNS service,
+resolving any DNS Internet connection issues.
+
+Note: by default, the 'resolv.conf' file regenerates every time you restart Ubuntu, so your changes won't be saved.
+To keep your changes, run the following command to make 'resolv.conf' immutable:
+
+.. code-block:: console
+
+    $ sudo chattr +i /etc/resolv.conf
+
+
+Now copy the following lines from 'resolv.conf':
+
+.. code-block:: console
+
+    [network]
+    generateResolvConf = false
+
+Then, go to the 'wsl.conf' file in '/etc' and paste the lines there.
+Please use 'sudo' here as well to avoid "File wsl.conf is unwritable" errors.
+
+.. code-block:: console
+
+    $ sudo nano wsl.conf
+
+In order to test your DNS server connection, please ping 8.8.8.8 on the terminal:
+
+.. code-block:: console
+
+    $ ping 8.8.8.8
+    PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
+    64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=9.58 ms
+    64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=45.8 ms
+    64 bytes from 8.8.8.8: icmp_seq=3 ttl=116 time=9.62 ms
+    64 bytes from 8.8.8.8: icmp_seq=4 ttl=116 time=11.4 ms
+    64 bytes from 8.8.8.8: icmp_seq=5 ttl=116 time=12.2 ms
+    64 bytes from 8.8.8.8: icmp_seq=6 ttl=116 time=8.69 ms
+    64 bytes from 8.8.8.8: icmp_seq=7 ttl=116 time=52.4 ms
+    64 bytes from 8.8.8.8: icmp_seq=8 ttl=116 time=11.0 ms
+    ...
+
+While still in /etc, run the following commands:
+
+.. code-block:: console
+
+    $ sudo apt-get update
+    $ sudo apt-get dist-upgrade
+    $ sudo apt-get install --reinstall ca-certificates
+    $ sudo update-ca-certificates
+
+
+Finally, head back to your home directory and jump to 'Get the VPP Sources'.
+
 .. _setupproxies:
 
 Set up Proxies
@@ -45,6 +129,13 @@ installed, by entering the following commands:
 
 There should be no output, or no packages shown after the above commands are run.
 
+Please make sure **make** is installed before running the next command.
+If it is not installed, run the following command first:
+
+.. code-block:: console
+
+    $ sudo apt install make
+
 Run the following **make** command to install the dependencies for FD.io VPP.
 
 If the download hangs at any point, then you may need to
@@ -119,9 +210,19 @@ Use the following **make** command below to build the release version of FD.io V
 
     $ make build-release
 
+Installing External Dependencies
+-------------------------------------------
+At this point, there are still some VPP external dependencies left to install. They could be installed
+using 'make-build', but this only installs them locally in the VPP tree, not in the operating system.
+In order to fix this and save time, run the following command:
 
+.. code-block:: console
+
+    $ make install-ext-deps
+
+-------------------------------------------
 Building Necessary Packages
---------------------------------------------
+-------------------------------------------
 
 The package that needs to be built depends on the type system VPP will be running on:
 

docs/developer/build-run-debug/running_vpp.rst

@@ -33,6 +33,13 @@ _________________________
 
 With the following commands you can run VPP and then be dropped into the GDB prompt.
 
+Before running either command, please make sure that the 'gdb' package is installed.
+If it's not installed, run the following command first:
+
+.. code-block:: console
+
+   $ sudo apt install gdb
+
 Running the release image:
 
 .. code-block:: console
@@ -46,3 +53,4 @@ Running the debug image:
 
    # make debug
    (gdb)
+

docs/developer/plugins/index.rst

@@ -25,6 +25,7 @@ For more on plugins please refer to :ref:`add_plugin`.
     lldp
     nat64
     nat44_ei_ha
+    nat44_ed_doc
     pnat
     lb
     lacp

docs/developer/plugins/nat44_ed_doc.rst

@@ -0,0 +1 @@
+../../../src/plugins/nat/nat44-ed/nat44_ed_doc.rst

docs/gettingstarted/installing/index.rst

@@ -10,16 +10,16 @@ Downloading and Installing VPP
 If you want to use VPP it can be convenient to install the binaries from
 existing packages. This guide describes how to pull, install and run the VPP packages.
 
-This section provides directions on how to Install VPP binaries on
-Ubuntu, and Centos platforms.
-
-FD.io VPP is installed using Package Cloud. For a complete set of
-instructions on how to install VPP with package cloud please refer
-to `Package Cloud <https://packagecloud.io/fdio/release>`_.
+FD.io VPP packages are stored in Packagecloud.io package repositories. There is
+a package repository for the latest VPP release packages as well as a package
+repository associated with each branch in the VPP git repository.  The VPP merge
+jobs which run on Jenkins (https://jenkins.fd.io) for each actively supported
+git branch uploads packages to packagecloud that are built from the vpp code in
+the branch.
 
 
-Installing on Ubuntu
----------------------------------
+Installing on Ubuntu / Debian OS Distros
+----------------------------------------
 
 The following are instructions on how to install VPP on Ubuntu.
 

docs/gettingstarted/installing/ubuntu.rst

@@ -8,53 +8,58 @@ Ubuntu - Setup the FD.io Repository
 Choose one of the following releases to install.
 
 Update the OS
------------------------
+-------------
 
 It is a good idea to first update and upgrade the OS before starting; run the
-following command to update the OS:
+following commands to upgrade the OS and install the curl package to download
+the setup script from packagecloud.io:
 
 .. code-block:: console
 
-    apt-get update
+    sudo apt-get update
+    sudo apt-get dist-upgrade -y
+    sudo apt-get install curl
 
+Configure Apt Using the Packagecloud Setup Script
+-------------------------------------------------
 
-Point to the Repository
------------------------------------
+FD.io Packagecloud Repositories provides pop-up menu that provides the
+ability to copy a one-line bash command to fetch the packagecloud setup script.
+In general, start at the FD.io packagecloud URL:
+
+https://packagecloud.io/fdio
+
+Then choose the desired repository link (e.g. 'release') and select the "Debian"
+package icon in the section named "Quick install instructions".  When the pop-up
+dialog appears, select the "Copy" button to copy the command to run the setup
+script and paste it into a terminal on your server.
 
-Create a file **/etc/apt/sources.list.d/99fd.io.list** with contents that point to
-the version needed. The contents needed are shown below.
 
 .. _install_vpp:
 
-VPP latest Release
+VPP Release Repo
 ^^^^^^^^^^^^^^^^^^^
 
-Create the file **/etc/apt/sources.list.d/99fd.io.list** that contain the following contents:
+The URL to install the latest VPP release is
 
-.. code-block:: console
+https://packagecloud.io/fdio/release
 
-   deb [trusted=yes] https://packagecloud.io/fdio/release/ubuntu bionic main
 
-Get the key:
+VPP master Branch Repo
+^^^^^^^^^^^^^^^^^^^^^^
+The URL to install the latest VPP release is
 
-.. code-block:: console
+https://packagecloud.io/fdio/release
 
-  curl -L https://packagecloud.io/fdio/release/gpgkey | sudo apt-key add -
 
-VPP master Branch
-^^^^^^^^^^^^^^^^^^^^
+VPP stable release Branch Repo
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-Create the file **/etc/apt/sources.list.d/99fd.io.list** that contain the following contents:
+Stable release branches are named "stable/YYMM" (e.g. stable/2206) and the associated
+packagecloud repositories are named "YYMM" (e.g 2206).  For example, the URL to
+the VPP 22.06 stable release branch package repository is:
 
-.. code-block:: console
-
-   deb [trusted=yes] https://packagecloud.io/fdio/master/ubuntu bionic main
-
-Get the key:
-
-.. code-block:: console
-
-  curl -L https://packagecloud.io/fdio/master/gpgkey | sudo apt-key add -
+https://packagecloud.io/fdio/2206
 
 
 Install the Mandatory Packages
@@ -86,3 +91,14 @@ Uninstall the  packages by running the following command:
 .. code-block:: console
 
   sudo apt-get remove --purge "vpp*"
+
+
+Remove FD.io Apt source lists
+=============================
+
+Remove FD.io Apt source list files created by the packagecloud apt setup script
+by running the following command:
+
+.. code-block:: console
+
+  sudo rm /etc/apt/sources.list.d/fdio*.list

docs/gettingstarted/progressivevpp/interface.rst

@@ -16,17 +16,17 @@ Skills to be Learned
 VPP commands learned in this exercise
 --------------------------------------
 
-#. `create host-interface <https://docs.fd.io/vpp/17.04/clicmd_src_vnet_devices_af_packet.html#clicmd_create_host-interface>`_
-#. `set int state <https://docs.fd.io/vpp/17.04/clicmd_src_vnet.html#clicmd_set_interface_state>`_
-#. `set int ip address <https://docs.fd.io/vpp/17.04/clicmd_src_vnet_ip.html#clicmd_set_interface_ip_address>`_
-#. `show hardware <https://docs.fd.io/vpp/17.04/clicmd_src_vnet.html#clicmd_show_hardware-interfaces>`_
-#. `show int <https://docs.fd.io/vpp/17.04/clicmd_src_vnet.html#clicmd_show_interfaces>`_
-#. `show int addr <https://docs.fd.io/vpp/17.04/clicmd_src_vnet.html#clicmd_show_interfaces>`_
-#. `trace add <https://docs.fd.io/vpp/17.04/clicmd_src_vlib.html#clicmd_trace_add>`_
-#. `clear trace <https://docs.fd.io/vpp/17.04/clicmd_src_vlib.html#clicmd_clear_trace>`_
-#. `ping <https://docs.fd.io/vpp/17.04/clicmd_src_vnet_ip.html#clicmd_ping>`_
-#. `show ip neighbors <https://docs.fd.io/vpp/21.06/db/dba/clicmd_src_vnet_ip-neighbor.html#clicmd_show_ip_neighbors>`_
-#. `show ip fib <https://docs.fd.io/vpp/17.04/clicmd_src_vnet_fib.html#clicmd_show_ip_fib>`_
+#. `create host-interface <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vnet_devices_af_packet.html#create-host-interface>`_
+#. `set int state <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vnet.html#set-interface-state>`_
+#. `set int ip address <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vnet_ip.html#set-interface-ip-address>`_
+#. `show hardware <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vnet.html#show-hardware-interfaces>`_
+#. `show int <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vnet.html#show-interface>`_
+#. `show int addr <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vnet.html#show-interface>`_
+#. `trace add <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vlib.html#trace-add>`_
+#. `clear trace <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vlib.html#clear-trace>`_
+#. `ping <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_plugins_ping.html>`_
+#. `show ip neighbors <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vnet_ip-neighbor.html#show-ip-neighbors>`_
+#. `show ip fib <https://docs.fd.io/vpp/22.06/cli-reference/clis/clicmd_src_vnet_fib.html#show-ip-fib>`_
 
 Topology
 ---------

docs/gettingstarted/troubleshooting/mem.rst

@@ -26,7 +26,7 @@ To dump memory traces for analysis:
 
 .. code-block:: console
 
-    $ vppctl show memory-trace on main-heap
+    $ vppctl show memory main-heap verbose
     Thread 0 vpp_main
       base 0x7fffb6422000, size 1g, locked, unmap-on-destroy, name 'main heap'
 	page stats: page-size 4K, total 262144, mapped 30343, not-mapped 231801

docs/usecases/vpp_testbench/index.rst

@@ -10,7 +10,7 @@ back-and-forth (i.e. ICMP echo/ping requests and HTTP GET requests).
 The intent of this example is to provide a relatively simple example of
 connecting containers via VPP and allowing others to use it as a springboard of
 sorts for their own projects and examples. Besides Docker and a handful of
-common Linux command-line utlities, not much else is required to build this
+common Linux command-line utilities, not much else is required to build this
 example (due to most of the dependencies being lumped inside the containers
 themselves).
 
@@ -60,7 +60,7 @@ project.
   other scripts in this project. Intended to be sourced (i.e. not intended to
   be run directly). Some of the helper functions are used at run-time within
   the containers, while others are intended to be run in the default namespace
-  on the host operating system to help with run-time configuration/bringup of
+  on the host operating system to help with run-time configuration/bring up of
   the testbench.
 * ``Dockerfile.vpp_testbench``: used to build the various Docker images used in
   this project (i.e. so VPP, our test tools, etc.; are all encapsulated within
@@ -81,7 +81,7 @@ Getting Started
 ^^^^^^^^^^^^^^^
 
 First, we'll assume you are running on a Ubuntu 20.04 x86_64 setup (either on a
-bare metal host or in a virtual machine), and have acquirec a copy of the
+bare metal host or in a virtual machine), and have acquired a copy of the
 project files (either by cloning the VPP git repository, or duplicating them
 from :ref:`sec_file_listings_vpp_testbench`). Now, just run ``make``. The
 process should take a few minutes as it pulls the baseline Ubuntu Docker image,
@@ -96,11 +96,11 @@ can be cleaned-up via ``make stop``, and the whole process of starting,
 testing, stopping, etc.; can be repeated as needed.
 
 In addition to starting up the containers, ``make start`` will establish
-variaous types of links/connections between the two containers, making use of
+various types of links/connections between the two containers, making use of
 both the Linux network stack, as well as VPP, to handle the "plumbing"
 involved. This is to allow various types of connections between the two
 containers, and to allow the reader to experiment with them (i.e. using
-``vppctl`` to congfigure or trace packets going over VPP-managed links, use
+``vppctl`` to configure or trace packets going over VPP-managed links, use
 traditional Linux command line utilities like ``tcpdump``, ``iproute2``,
 ``ping``, etc.; to accomplish similar tasks over links managed purely by the
 Linux network stack, etc.). Later labs will also encourage readers to compare
@@ -177,4 +177,3 @@ entrypoint_server.sh
    :caption: entrypoint_server.sh
    :language: shell
    :linenos:
-

extras/deprecated/plugins/gbp/gbp_endpoint.c

@@ -771,15 +771,13 @@ gbb_endpoint_fwd_recalc (gbp_endpoint_t * ge)
 	    gbp_endpoint_add_itf (gbp_itf_get_sw_if_index (gef->gef_itf),
 				  gei);
 	    if (FIB_PROTOCOL_IP4 == pfx->fp_proto)
-	      ip4_neighbor_advertise (vlib_get_main (),
-				      vnet_get_main (),
-				      gg->gg_uplink_sw_if_index,
-				      &pfx->fp_addr.ip4);
+	      ip4_neighbor_advertise (
+		vlib_get_main (), vnet_get_main (), gg->gg_uplink_sw_if_index,
+		vlib_get_thread_index (), &pfx->fp_addr.ip4);
 	    else
-	      ip6_neighbor_advertise (vlib_get_main (),
-				      vnet_get_main (),
-				      gg->gg_uplink_sw_if_index,
-				      &pfx->fp_addr.ip6);
+	      ip6_neighbor_advertise (
+		vlib_get_main (), vnet_get_main (), gg->gg_uplink_sw_if_index,
+		vlib_get_thread_index (), &pfx->fp_addr.ip6);
 	  }
       }
   }

extras/deprecated/plugins/gbp/test_gbp.py

@@ -1162,6 +1162,31 @@ class TestGBP(VppTestCase):
             lf = VppL2FibEntry(self, epg_nat.bd.bd, ep.mac, ep.recirc.recirc, bvi_mac=0)
             lf.add_vpp_config()
 
+        self.assert_equal(
+            self.statistics["/net/arp/tx/gratuitous"][
+                :, epgs[0].uplink.sw_if_index
+            ].sum(),
+            2,
+        )
+        self.assert_equal(
+            self.statistics["/net/arp/tx/gratuitous"][
+                :, epgs[1].uplink.sw_if_index
+            ].sum(),
+            1,
+        )
+        self.assert_equal(
+            self.statistics["/net/ip6-nd/tx/gratuitous"][
+                :, epgs[0].uplink.sw_if_index
+            ].sum(),
+            2,
+        )
+        self.assert_equal(
+            self.statistics["/net/ip6-nd/tx/gratuitous"][
+                :, epgs[1].uplink.sw_if_index
+            ].sum(),
+            1,
+        )
+
         #
         # ARP packets for unknown IP are sent to the EPG uplink
         #