diff options
author | Pablo Camarillo <pcamaril@cisco.com> | 2017-04-24 17:51:56 +0200 |
---|---|---|
committer | Neale Ranns <nranns@cisco.com> | 2017-05-05 11:38:39 +0000 |
commit | 5d73eecd63018db69b10bf56adeec9cc5cf92790 (patch) | |
tree | 5fc242e79737b2a95a75d44bfbde3d4d91db4c9f | |
parent | a774b53623f60b5e8ea8ed634d6a41e847743715 (diff) |
First commit SR MPLS
Change-Id: I961685a2a0e4c314049444c64eb6ccf877c278dd
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
40 files changed, 1371 insertions, 180 deletions
diff --git a/MAINTAINERS b/MAINTAINERS index bdc33abe..2f198319 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -76,9 +76,11 @@ VNET IPv4 and IPv6 LPM M: Dave Barach <dave@barachs.net> F: src/vnet/ip/ -VNET IPv6 Segment Routing +VNET Segment Routing (IPv6 and MPLS) M: Pablo Camarillo <pcamaril@cisco.com> -F: src/vnet/sr/ +F: src/vnet/srv6/ +F: src/vnet/srmpls/ +F: src/examples/srv6-sample-localsid/ VNET IPSec M: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com> diff --git a/doxygen/user_doc.md b/doxygen/user_doc.md index 29df6156..d052c53b 100644 --- a/doxygen/user_doc.md +++ b/doxygen/user_doc.md @@ -15,3 +15,4 @@ Several modules provide operational, dataplane-user focused documentation. - @subpage qos_doc - @subpage span_doc - @subpage srv6_doc +- @subpage srmpls_doc diff --git a/src/examples/srv6-sample-localsid/srv6_localsid_sample.h b/src/examples/srv6-sample-localsid/srv6_localsid_sample.h index 474b5de2..ef74ea3e 100644 --- a/src/examples/srv6-sample-localsid/srv6_localsid_sample.h +++ b/src/examples/srv6-sample-localsid/srv6_localsid_sample.h @@ -17,8 +17,8 @@ #include <vnet/vnet.h> #include <vnet/ip/ip.h> -#include <vnet/sr/sr.h> -#include <vnet/sr/sr_packet.h> +#include <vnet/srv6/sr.h> +#include <vnet/srv6/sr_packet.h> #include <vppinfra/hash.h> #include <vppinfra/error.h> diff --git a/src/examples/srv6-sample-localsid/srv6_sample_localsid_doc.md b/src/examples/srv6-sample-localsid/srv6_sample_localsid_doc.md index 78e91ab3..cd717db8 100644 --- a/src/examples/srv6-sample-localsid/srv6_sample_localsid_doc.md +++ b/src/examples/srv6-sample-localsid/srv6_sample_localsid_doc.md @@ -26,5 +26,5 @@ Notice that the plugin only 'defines' a new SRv6 LocalSID behavior, but the exis ## Graph node The current graph node uses the function 'end_srh_processing' to do the Segment Routing Endpoint behavior. Notice that it does not allow the cleanup of a Segment Routing header (as per the SRv6 behavior specs). -This function is identical to the one found in /src/vnet/sr/sr_localsid.c +This function is identical to the one found in /src/vnet/srv6/sr_localsid.c In case that by some other reason you want to do decapsulation, or SRH clean_up you can use the functions 'end_decaps_srh_processing' or 'end_psp_srh_processing' respectively. diff --git a/src/plugins/ioam/ip6/ioam_cache.h b/src/plugins/ioam/ip6/ioam_cache.h index 3f69fa72..e668ad7f 100644 --- a/src/plugins/ioam/ip6/ioam_cache.h +++ b/src/plugins/ioam/ip6/ioam_cache.h @@ -20,7 +20,7 @@ #include <vnet/ip/ip_packet.h> #include <vnet/ip/ip4_packet.h> #include <vnet/ip/ip6_packet.h> -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #include <vppinfra/pool.h> #include <vppinfra/hash.h> diff --git a/src/plugins/ioam/ip6/ioam_cache_tunnel_select_node.c b/src/plugins/ioam/ip6/ioam_cache_tunnel_select_node.c index 0cf742c9..ca06607d 100644 --- a/src/plugins/ioam/ip6/ioam_cache_tunnel_select_node.c +++ b/src/plugins/ioam/ip6/ioam_cache_tunnel_select_node.c @@ -43,7 +43,7 @@ #include <vnet/pg/pg.h> #include <vppinfra/error.h> #include <vnet/ip/ip.h> -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #include <ioam/ip6/ioam_cache.h> #include <vnet/ip/ip6_hop_by_hop.h> #include <vnet/ip/ip6_hop_by_hop_packet.h> diff --git a/src/plugins/ioam/udp-ping/udp_ping_node.c b/src/plugins/ioam/udp-ping/udp_ping_node.c index 84759b0f..e1a57955 100644 --- a/src/plugins/ioam/udp-ping/udp_ping_node.c +++ b/src/plugins/ioam/udp-ping/udp_ping_node.c @@ -25,7 +25,7 @@ #include <ioam/udp-ping/udp_ping_packet.h> #include <ioam/udp-ping/udp_ping.h> #include <ioam/udp-ping/udp_ping_util.h> -#include <vnet/sr/sr_packet.h> +#include <vnet/srv6/sr_packet.h> typedef enum { diff --git a/src/scripts/vnet/sr/left-linux-ping.sh b/src/scripts/vnet/sr/left-linux-ping.sh deleted file mode 100755 index 55b83506..00000000 --- a/src/scripts/vnet/sr/left-linux-ping.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -ifconfig eth2 inet6 add db02::1/64 -route -A inet6 add db04::1/128 gw db02::2 diff --git a/src/scripts/vnet/sr/leftpeer.conf b/src/scripts/vnet/sr/leftpeer.conf deleted file mode 100644 index 9591d968..00000000 --- a/src/scripts/vnet/sr/leftpeer.conf +++ /dev/null @@ -1,27 +0,0 @@ -comment { test sr segment chunk-offset on } -test sr hmac validate on - -comment { trunk to rightpeer } -set int ip address GigabitEthernet2/3/0 db03::2/64 -enable ip6 interface GigabitEthernet2/3/0 -set int state GigabitEthernet2/3/0 up - -comment { subscriber left-linux-ping } -set int ip address GigabitEthernet2/2/0 db02::2/64 -enable ip6 interface GigabitEthernet2/2/0 -set int state GigabitEthernet2/2/0 up - -sr hmac id 2 key Gozzer -sr hmac id 3 key Hoser - -sr tunnel src db01::1 dst db04::1/128 next db03::1 next db04::1 tag db02::2 clean key Gozzer InPE 1 - -comment { sr unaware service chaining to db03::5 } -comment { sr tunnel src db01::1 dst db04::1/128 next db03::1 next db03::5 next db04::1 tag db02::2 clean key Gozzer InPE 1 } - -comment { tap connect srlocal hwaddr random } -comment { set int ip6 table tap-0 1 } -comment { set int ip address tap-0 db04::99/64 } -comment { enable ip6 interface tap-0 } -comment { set int state tap-0 up } -comment { ip route add table 1 db02::0/64 lookup in table 0 } diff --git a/src/scripts/vnet/sr/mcast b/src/scripts/vnet/sr/mcast deleted file mode 100644 index 50e73efa..00000000 --- a/src/scripts/vnet/sr/mcast +++ /dev/null @@ -1,58 +0,0 @@ - -loop create -loop create -loop create -loop create - -set int state loop0 up -set int state loop1 up -set int state loop2 up -set int state loop3 up - -set int ip address loop0 2001::1/64 -set int ip address loop1 2001:1::1/64 -set int ip address loop2 2001:2::1/64 -set int ip address loop3 2001:3::1/64 - -set ip6 neighbor loop1 2001:1::2 00:00:dd:ee:cc:d1 -set ip6 neighbor loop2 2001:2::2 00:00:dd:ee:cc:d2 -set ip6 neighbor loop3 2001:3::2 00:00:dd:ee:cc:d3 - -ip route 3001::1/128 via 2001:1::2 loop1 -ip route 3001::2/128 via 2001:2::2 loop2 -ip route 3001::3/128 via 2001:3::2 loop3 - -sr tunnel name SR1 src aaaa::2:1 dst ff19::1/128 next 3001::1 clean -sr tunnel name SR2 src aaaa::2:2 dst ff19::2/128 next 3001::2 clean -sr tunnel name SR3 src aaaa::2:3 dst ff19::3/128 next 3001::3 clean - -sr policy name MCAST1 tunnel SR1 tunnel SR2 tunnel SR3 - -sr multicast-map address ff18::1 sr-policy MCAST1 - -packet-generator new { - name x - limit 1 - node ethernet-input - size 64-64 - no-recycle - data { - IP6: 1.2.3 -> 4.5.6 - ICMP: 3002::2 -> ff18::1 - ICMP echo_request - incrementing 100 - } -} -trace add pg-input 100 - -sr multicast-map del address ff18::1 sr-policy MCAST1 -sr policy del name MCAST1 tunnel SR1 tunnel SR2 tunnel SR3 - -ip route del 3001::1/128 via 2001:1::2 loop1 -ip route del 3001::2/128 via 2001:2::2 loop2 -ip route del 3001::3/128 via 2001:3::2 loop3 - -sr tunnel del name SR1 src aaaa::2:1 dst ff19::1/128 next 3001::1 clean -sr tunnel del name SR2 src aaaa::2:2 dst ff19::2/128 next 3001::2 clean -sr tunnel del name SR3 src aaaa::2:3 dst ff19::3/128 next 3001::3 clean - diff --git a/src/scripts/vnet/sr/right-linux-ping.sh b/src/scripts/vnet/sr/right-linux-ping.sh deleted file mode 100755 index 029368db..00000000 --- a/src/scripts/vnet/sr/right-linux-ping.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -ifconfig eth1 inet6 add db04::1/64 -route -A inet6 add db02::1/128 gw db04::2 diff --git a/src/scripts/vnet/sr/rightpeer.conf b/src/scripts/vnet/sr/rightpeer.conf deleted file mode 100644 index 6da7a7af..00000000 --- a/src/scripts/vnet/sr/rightpeer.conf +++ /dev/null @@ -1,22 +0,0 @@ -comment { trunk to leftpeer } -set int ip address GigabitEthernet2/0/0 db03::1/64 -enable ip6 interface GigabitEthernet2/0/0 -set int state GigabitEthernet2/0/0 up - -comment { subscriber right-linux-ping } -set int ip address GigabitEthernet2/2/0 db04::2/64 - -comment { next address to fake out ND on shared LAN segment } -set int ip address GigabitEthernet2/2/0 db02::13/64 - -enable ip6 interface GigabitEthernet2/2/0 -set int state GigabitEthernet2/2/0 up - -sr tunnel src db04::1 dst db02::1/128 next db03::2 next db02::1 tag db04::2 clean - -tap connect srlocal hwaddr random -set int ip6 table tap-0 1 -set int ip address tap-0 db04::99/64 -enable ip6 interface tap-0 -set int state tap-0 up -ip route add table 1 db02::0/64 lookup in table 0 diff --git a/src/scripts/vnet/sr/sr_mpls b/src/scripts/vnet/sr/sr_mpls new file mode 100644 index 00000000..4646372a --- /dev/null +++ b/src/scripts/vnet/sr/sr_mpls @@ -0,0 +1,11 @@ +set interface mpls local0 enable +sr mpls policy add bsid 20001 next 16001 next 16002 next 16003 +sr mpls steer l3 a::/112 via sr policy bsid 20001 + +loop create +set int state loop0 up + +set int ip address loop0 11.0.0.1/24 +set ip arp loop0 11.0.0.2 00:00:11:aa:bb:cc + +mpls local-label 16001 via 11.0.0.2 loop0 out-label 16001 diff --git a/src/scripts/vnet/sr/srlocal.sh b/src/scripts/vnet/sr/srlocal.sh deleted file mode 100755 index 2f568408..00000000 --- a/src/scripts/vnet/sr/srlocal.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -ifconfig srlocal inet6 add db04::1/64 -route -6 add db02::0/64 gw db04::99 diff --git a/src/vnet.am b/src/vnet.am index 6e35df87..121d1a9c 100644 --- a/src/vnet.am +++ b/src/vnet.am @@ -697,21 +697,31 @@ nobase_include_HEADERS += \ # ipv6 segment routing ######################################## -if WITH_LIBSSL libvnet_la_SOURCES += \ - vnet/sr/sr.c \ - vnet/sr/sr_localsid.c \ - vnet/sr/sr_policy_rewrite.c \ - vnet/sr/sr_steering.c \ - vnet/sr/sr_api.c -endif + vnet/srv6/sr.c \ + vnet/srv6/sr_localsid.c \ + vnet/srv6/sr_policy_rewrite.c \ + vnet/srv6/sr_steering.c \ + vnet/srv6/sr_api.c nobase_include_HEADERS += \ - vnet/sr/sr_packet.h \ - vnet/sr/sr.h \ - vnet/sr/sr.api.h + vnet/srv6/sr_packet.h \ + vnet/srv6/sr.h \ + vnet/srv6/sr.api.h + +API_FILES += vnet/srv6/sr.api + +######################################## +# mpls segment routing +######################################## + +libvnet_la_SOURCES += \ + vnet/srmpls/sr_mpls_policy.c \ + vnet/srmpls/sr_mpls_steering.c -API_FILES += vnet/sr/sr.api + +nobase_include_HEADERS += \ + vnet/srmpls/sr.h ######################################## # IPFIX / netflow v10 diff --git a/src/vnet/dpo/mpls_label_dpo.c b/src/vnet/dpo/mpls_label_dpo.c index 4d84b900..18479531 100644 --- a/src/vnet/dpo/mpls_label_dpo.c +++ b/src/vnet/dpo/mpls_label_dpo.c @@ -171,7 +171,7 @@ mpls_label_paint (vlib_buffer_t * b0, hdr0 = vlib_buffer_get_current(b0); - if (PREDICT_TRUE(1 == mld0->mld_n_labels)) + if (1 == mld0->mld_n_labels) { /* optimise for the common case of one label */ *hdr0 = mld0->mld_hdr[0]; diff --git a/src/vnet/fib/fib_entry.h b/src/vnet/fib/fib_entry.h index 2196079b..aa1000e0 100644 --- a/src/vnet/fib/fib_entry.h +++ b/src/vnet/fib/fib_entry.h @@ -49,6 +49,10 @@ typedef enum fib_source_t_ { */ FIB_SOURCE_INTERFACE, /** + * SRv6 and SR-MPLS + */ + FIB_SOURCE_SR, + /** * A high priority source a plugin can use */ FIB_SOURCE_PLUGIN_HI, @@ -65,10 +69,6 @@ typedef enum fib_source_t_ { */ FIB_SOURCE_LISP, /** - * SRv6 - */ - FIB_SOURCE_SR, - /** * IPv[46] Mapping */ FIB_SOURCE_MAP, diff --git a/src/vnet/srmpls/dir.dox b/src/vnet/srmpls/dir.dox new file mode 100755 index 00000000..76ec1d6a --- /dev/null +++ b/src/vnet/srmpls/dir.dox @@ -0,0 +1,22 @@ +/* + * + * Copyright (c) 2013 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + @dir + @brief Segment Routing MPLS code + + An implementation of Segment Routing for the MPLS dataplane. + +*/
\ No newline at end of file diff --git a/src/vnet/srmpls/sr.h b/src/vnet/srmpls/sr.h new file mode 100755 index 00000000..0e106697 --- /dev/null +++ b/src/vnet/srmpls/sr.h @@ -0,0 +1,152 @@ +/* + * Copyright (c) 2015 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @brief Segment Routing MPLS data structures definitions + * + */ + +#ifndef included_vnet_srmpls_h +#define included_vnet_srmpls_h + +#include <vnet/vnet.h> +#include <vnet/mpls/packet.h> +#include <vnet/fib/mpls_fib.h> +#include <vnet/ip/ip.h> +#include <vnet/ip/lookup.h> +#include <vnet/dpo/dpo.h> +#include <vnet/dpo/replicate_dpo.h> + +#include <stdlib.h> +#include <string.h> + +/* SR policy types */ +#define SR_POLICY_TYPE_DEFAULT 0 +#define SR_POLICY_TYPE_SPRAY 1 + +#define SR_SEGMENT_LIST_WEIGHT_DEFAULT 1 + +#define SR_STEER_IPV4 4 +#define SR_STEER_IPV6 6 + +/** + * @brief SR Segment List (SID list) + */ +typedef struct +{ + /** + * SIDs (key) + */ + mpls_label_t *segments; + + /** + * SID list weight (wECMP / UCMP) + */ + u32 weight; + +} mpls_sr_sl_t; + +typedef struct +{ + u32 *segments_lists; /**< Pool of SID lists indexes */ + + mpls_label_t bsid; /**< BindingSID (key) */ + + u8 type; /**< Type (default is 0) */ + /* SR Policy specific DPO */ + /* IF Type = DEFAULT Then Load Balancer DPO among SID lists */ + /* IF Type = SPRAY then Spray DPO with all SID lists */ + +} mpls_sr_policy_t; + +/** + * @brief Steering db key + * + * L3 is IPv4/IPv6 + mask + */ +typedef struct +{ + ip46_address_t prefix; /**< IP address of the prefix */ + u32 mask_width; /**< Mask width of the prefix */ + u32 fib_table; /**< VRF of the prefix */ + u8 traffic_type; /**< Traffic type (IPv4, IPv6, L2) */ + u8 padding[3]; +} sr_mpls_steering_key_t; + +typedef struct +{ + sr_mpls_steering_key_t classify; /**< Traffic classification */ + u32 sr_policy; /**< SR Policy index */ +} mpls_sr_steering_policy_t; + +/** + * @brief Segment Routing main datastructure + */ +typedef struct +{ + /** + * SR SID lists + */ + mpls_sr_sl_t *sid_lists; + + /** + * SR MPLS policies + */ + mpls_sr_policy_t *sr_policies; + + /** + * Hash table mapping BindingSID to SR MPLS policy + */ + uword *sr_policies_index_hash; + + /** + * Pool of SR steer policies instances + */ + mpls_sr_steering_policy_t *steer_policies; + + /** + * MHash table mapping steering rules to SR steer instance + */ + mhash_t sr_steer_policies_hash; + + /** + * convenience + */ + vlib_main_t *vlib_main; + vnet_main_t *vnet_main; +} mpls_sr_main_t; + +extern mpls_sr_main_t sr_mpls_main; + +extern int +sr_mpls_policy_add (mpls_label_t bsid, mpls_label_t * segments, + u8 behavior, u32 weight); + +extern int +sr_mpls_policy_mod (mpls_label_t bsid, u32 index, u8 operation, + mpls_label_t * segments, u32 sl_index, u32 weight); + +extern int sr_mpls_policy_del (mpls_label_t bsid, u32 index); + +#endif /* included_vnet_sr_mpls_h */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/srmpls/sr_doc.md b/src/vnet/srmpls/sr_doc.md new file mode 100644 index 00000000..d60592bb --- /dev/null +++ b/src/vnet/srmpls/sr_doc.md @@ -0,0 +1,87 @@ +# SR-MPLS: Segment Routing for MPLS {#srmpls_doc} + +This is a memo intended to contain documentation of the VPP SR-MPLS implementation. +Everything that is not directly obvious should come here. +For any feedback on content that should be explained please mailto:pcamaril@cisco.com + +## Segment Routing + +Segment routing is a network technology focused on addressing the limitations of existing IP and Multiprotocol Label Switching (MPLS) networks in terms of simplicity, scale, and ease of operation. It is a foundation for application engineered routing as it prepares the networks for new business models where applications can control the network behavior. + +Segment routing seeks the right balance between distributed intelligence and centralized optimization and programming. It was built for the software-defined networking (SDN) era. + +Segment routing enhances packet forwarding behavior by enabling a network to transport unicast packets through a specific forwarding path, different from the normal path that a packet usually takes (IGP shortest path or BGP best path). This capability benefits many use cases, and one can build those specific paths based on application requirements. + +Segment routing uses the source routing paradigm. A node, usually a router but also a switch, a trusted server, or a virtual forwarder running on a hypervisor, steers a packet through an ordered list of instructions, called segments. A segment can represent any instruction, topological or service-based. A segment can have a local semantic to a segment-routing node or global within a segment-routing network. Segment routing allows an operator to enforce a flow through any topological path and service chain while maintaining per-flow state only at the ingress node to the segment-routing network. Segment routing also supports equal-cost multipath (ECMP) by design. + +Segment routing can operate with either an MPLS or an IPv6 data plane. All the currently available MPLS services, such as Layer 3 VPN (L3VPN), L2VPN (Virtual Private Wire Service [VPWS], Virtual Private LAN Services [VPLS], Ethernet VPN [E-VPN], and Provider Backbone Bridging Ethernet VPN [PBB-EVPN]), can run on top of a segment-routing transport network. + +**The implementation of Segment Routing in VPP covers both the IPv6 data plane (SRv6) as well as the MPLS data plane (SR-MPLS). This page contains the SR-MPLS documentation.** + +## Segment Routing terminology + +* SegmentID (SID): is an MPLS label. +* Segment List (SL) (SID List): is the sequence of SIDs that the packet will traverse. +* SR Policy: is a set of candidate paths (SID list+weight). An SR policy is uniquely identified by its Binding SID and associated with a weighted set of Segment Lists. In case several SID lists are defined, traffic steered into the policy is unevenly load-balanced among them according to their respective weights. +* BindingSID: a BindingSID is a SID (only one) associated one-one with an SR Policy. If a packet arrives with MPLS label corresponding to a BindingSID, then the SR policy will be applied to such packet. (BindingSID is popped first.) + +## SR-MPLS features in VPP + +The SR-MPLS implementation is focused on the SR policies, as well on its steering. Others SR-MPLS features, such as for example AdjSIDs, can be achieved using the regular VPP MPLS implementation. + +The <a href="https://datatracker.ietf.org/doc/draft-filsfils-spring-segment-routing-policy/">Segment Routing Policy (*draft-filsfils-spring-segment-routing-policy*)</a> defines SR Policies. + +## Creating a SR Policy + +An SR Policy is defined by a Binding SID and a weighted set of Segment Lists. + +A new SR policy is created with a first SID list using: + + sr mpls policy add bsid 40001 next 16001 next 16002 next 16003 (weight 5) + +* The weight parameter is only used if more than one SID list is associated with the policy. + +An SR policy is deleted with: + + sr mpls policy del bsid 40001 + +The existing SR policies are listed with: + + show sr mpls policies + +### Adding/Removing SID Lists from an SR policy + +An additional SID list is associated with an existing SR policy with: + + sr mpls policy mod bsid 40001 add sl next 16001 next 16002 next 16003 (weight 3) + +Conversely, a SID list can be removed from an SR policy with: + + sr mpls policy mod bsid 4001 del sl index 1 + +Note that this CLI cannot be used to remove the last SID list of a policy. Instead the SR policy delete CLI must be used. + +The weight of a SID list can also be modified with: + + sr mpls policy mod bsid 40001 mod sl index 1 weight 4 + sr mpls policy mod index 1 mod sl index 1 weight 4 + +### SR Policies: Spray policies + +Spray policies are a specific type of SR policies where the packet is replicated on all the SID lists, rather than load-balanced among them. + +SID list weights are ignored with this type of policies. + +A Spray policy is instantiated by appending the keyword **spray** to a regular SR-MPLS policy command, as in: + + sr mpls policy add bsid 40002 next 16001 next 16002 next 16003 spray + +Spray policies are used for removing multicast state from a network core domain, and instead send a linear unicast copy to every access node. The last SID in each list accesses the multicast tree within the access node. + +## Steering packets into a SR Policy + +To steer packets in Transit into an SR policy, the user needs to create an 'sr steering policy'. + + sr mpls steer l3 2001::/64 via sr policy bsid 40001 + sr mpls steer l3 2001::/64 via sr policy bsid 40001 fib-table 3 + sr mpls steer l3 10.0.0.0/16 via sr policy bsid 40001 diff --git a/src/vnet/srmpls/sr_mpls_policy.c b/src/vnet/srmpls/sr_mpls_policy.c new file mode 100755 index 00000000..5ebbc60d --- /dev/null +++ b/src/vnet/srmpls/sr_mpls_policy.c @@ -0,0 +1,569 @@ +/* + * sr_mpls_policy.c: SR-MPLS policies + * + * Copyright (c) 2016 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @brief SR MPLS policy creation and application + * + * Create an SR policy. + * An SR policy can be either of 'default' type or 'spray' type + * An SR policy has attached a list of SID lists. + * In case the SR policy is a default one it will load balance among them. + * An SR policy has associated a BindingSID. + * In case any packet arrives with MPLS_label == BindingSID then the SR policy + * associated to such bindingSID will be applied to such packet. + * + */ + +#include <vlib/vlib.h> +#include <vnet/vnet.h> +#include <vnet/srmpls/sr.h> +#include <vnet/fib/mpls_fib.h> +#include <vnet/dpo/dpo.h> +#include <vnet/dpo/replicate_dpo.h> +#include <vnet/dpo/mpls_label_dpo.h> +#include <vnet/dpo/lookup_dpo.h> + +#include <vppinfra/error.h> +#include <vppinfra/elog.h> + +mpls_sr_main_t sr_mpls_main; + +/*************************** SR LB helper functions **************************/ +/** + * @brief Creates a Segment List and adds it to an SR policy + * + * Creates a Segment List and adds it to the SR policy. Notice that the SL are + * not necessarily unique. Hence there might be two Segment List within the + * same SR Policy with exactly the same segments and same weight. + * + * @param sr_policy is the SR policy where the SL will be added + * @param sl is a vector of IPv6 addresses composing the Segment List + * @param weight is the weight of the SegmentList (for load-balancing purposes) + * @param is_encap represents the mode (SRH insertion vs Encapsulation) + * + * @return pointer to the just created segment list + */ +static inline mpls_sr_sl_t * +create_sl (mpls_sr_policy_t * sr_policy, mpls_label_t * sl, u32 weight) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + mpls_sr_sl_t *segment_list; + + pool_get (sm->sid_lists, segment_list); + memset (segment_list, 0, sizeof (*segment_list)); + + vec_add1 (sr_policy->segments_lists, segment_list - sm->sid_lists); + + /* Fill in segment list */ + segment_list->weight = + (weight != (u32) ~ 0 ? weight : SR_SEGMENT_LIST_WEIGHT_DEFAULT); + segment_list->segments = vec_dup (sl); + + fib_route_path_t path = { + .frp_proto = FIB_PROTOCOL_MPLS, + .frp_sw_if_index = ~0, + .frp_fib_index = 0, + .frp_weight = segment_list->weight, + .frp_flags = FIB_ROUTE_PATH_FLAG_NONE, + .frp_label_stack = NULL, + .frp_local_label = sl[0], + }; + + vec_add (path.frp_label_stack, sl + 1, vec_len (sl) - 1); + + fib_route_path_t *paths = NULL; + vec_add1 (paths, path); + + mpls_eos_bit_t eos; + FOR_EACH_MPLS_EOS_BIT (eos) + { + /* *INDENT-OFF* */ + fib_prefix_t pfx = { + .fp_len = 21, + .fp_proto = FIB_PROTOCOL_MPLS, + .fp_label = sr_policy->bsid, + .fp_eos = eos, + .fp_payload_proto = DPO_PROTO_MPLS, + }; + /* *INDENT-ON* */ + + fib_table_entry_path_add2 (0, + &pfx, + FIB_SOURCE_SR, + (sr_policy->type == SR_POLICY_TYPE_DEFAULT ? + FIB_ENTRY_FLAG_NONE : + FIB_ENTRY_FLAG_MULTICAST), paths); + } + + vec_free (paths); + + return segment_list; +} + +/******************************* SR rewrite API *******************************/ +/* Three functions for handling sr policies: + * -> sr_mpls_policy_add + * -> sr_mpls_policy_del + * -> sr_mpls_policy_mod + * All of them are API. CLI function on sr_policy_command_fn */ + +/** + * @brief Create a new SR policy + * + * @param bsid is the bindingSID of the SR Policy + * @param segments is a vector of MPLS labels composing the segment list + * @param behavior is the behavior of the SR policy. (default//spray) + * @param fib_table is the VRF where to install the FIB entry for the BSID + * @param weight is the weight of this specific SID list + * + * @return 0 if correct, else error + */ +int +sr_mpls_policy_add (mpls_label_t bsid, mpls_label_t * segments, + u8 behavior, u32 weight) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + mpls_sr_policy_t *sr_policy = 0; + uword *p; + + /* Search for existing keys (BSID) */ + p = hash_get (sm->sr_policies_index_hash, bsid); + if (p) + { + /* Add SR policy that already exists; complain */ + return -12; + } + + /* Add an SR policy object */ + pool_get (sm->sr_policies, sr_policy); + memset (sr_policy, 0, sizeof (*sr_policy)); + sr_policy->bsid = bsid; + sr_policy->type = behavior; + + /* Copy the key */ + hash_set (sm->sr_policies_index_hash, bsid, sr_policy - sm->sr_policies); + + /* Create a segment list and add the index to the SR policy */ + create_sl (sr_policy, segments, weight); + + return 0; +} + +/** + * @brief Delete a SR policy + * + * @param bsid is the bindingSID of the SR Policy + * @param index is the index of the SR policy + * + * @return 0 if correct, else error + */ +int +sr_mpls_policy_del (mpls_label_t bsid, u32 index) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + mpls_sr_policy_t *sr_policy = 0; + mpls_sr_sl_t *segment_list; + mpls_eos_bit_t eos; + u32 *sl_index; + uword *p; + + if (bsid) + { + p = hash_get (sm->sr_policies_index_hash, bsid); + if (p) + sr_policy = pool_elt_at_index (sm->sr_policies, p[0]); + else + return -1; + } + else + { + sr_policy = pool_elt_at_index (sm->sr_policies, index); + if (!sr_policy) + return -1; + } + + /* Clean SID Lists */ + vec_foreach (sl_index, sr_policy->segments_lists) + { + segment_list = pool_elt_at_index (sm->sid_lists, *sl_index); + + fib_route_path_t path = { + .frp_proto = FIB_PROTOCOL_MPLS, + .frp_sw_if_index = ~0, + .frp_fib_index = 0, + .frp_weight = segment_list->weight, + .frp_flags = FIB_ROUTE_PATH_FLAG_NONE, + .frp_local_label = segment_list->segments[0], + }; + + fib_route_path_t *paths = NULL; + vec_add1 (paths, path); + + /* remove each of the MPLS routes */ + FOR_EACH_MPLS_EOS_BIT (eos) + { + /* *INDENT-OFF* */ + fib_prefix_t pfx = { + .fp_len = 21, + .fp_proto = FIB_PROTOCOL_MPLS, + .fp_label = sr_policy->bsid, + .fp_eos = eos, + .fp_payload_proto = DPO_PROTO_MPLS, + }; + /* *INDENT-ON* */ + + fib_table_entry_path_remove2 (0, &pfx, FIB_SOURCE_SR, paths); + } + vec_free (paths); + vec_free (segment_list->segments); + pool_put_index (sm->sid_lists, *sl_index); + } + + /* Remove SR policy entry */ + hash_unset (sm->sr_policies_index_hash, sr_policy->bsid); + pool_put (sm->sr_policies, sr_policy); + + return 0; +} + +/** + * @brief Modify an existing SR policy + * + * The possible modifications are adding a new Segment List, modifying an + * existing Segment List (modify the weight only) and delete a given + * Segment List from the SR Policy. + * + * @param bsid is the bindingSID of the SR Policy + * @param index is the index of the SR policy + * @param fib_table is the VRF where to install the FIB entry for the BSID + * @param operation is the operation to perform (among the top ones) + * @param segments is a vector of IPv6 address composing the segment list + * @param sl_index is the index of the Segment List to modify/delete + * @param weight is the weight of the sid list. optional. + * + * @return 0 if correct, else error + */ +int +sr_mpls_policy_mod (mpls_label_t bsid, u32 index, u8 operation, + mpls_label_t * segments, u32 sl_index, u32 weight) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + mpls_sr_policy_t *sr_policy = 0; + mpls_sr_sl_t *segment_list; + u32 *sl_index_iterate; + uword *p; + + if (bsid) + { + p = hash_get (sm->sr_policies_index_hash, bsid); + if (p) + sr_policy = pool_elt_at_index (sm->sr_policies, p[0]); + else + return -1; + } + else + { + sr_policy = pool_elt_at_index (sm->sr_policies, index); + if (!sr_policy) + return -1; + } + + if (operation == 1) /* Add SR List to an existing SR policy */ + { + /* Create the new SL */ + segment_list = create_sl (sr_policy, segments, weight); + + } + else if (operation == 2) /* Delete SR List from an existing SR policy */ + { + /* Check that currently there are more than one SID list */ + if (vec_len (sr_policy->segments_lists) == 1) + return -21; + + /* Check that the SR list does exist and is assigned to the sr policy */ + vec_foreach (sl_index_iterate, sr_policy->segments_lists) + if (*sl_index_iterate == sl_index) + break; + + if (*sl_index_iterate != sl_index) + return -22; + + /* Remove the lucky SR list that is being kicked out */ + segment_list = pool_elt_at_index (sm->sid_lists, sl_index); + + mpls_eos_bit_t eos; + fib_route_path_t path = { + .frp_proto = FIB_PROTOCOL_MPLS, + .frp_sw_if_index = ~0, + .frp_fib_index = 0, + .frp_weight = segment_list->weight, + .frp_flags = FIB_ROUTE_PATH_FLAG_NONE, + .frp_local_label = segment_list->segments[0], + }; + + fib_route_path_t *paths = NULL; + vec_add1 (paths, path); + + FOR_EACH_MPLS_EOS_BIT (eos) + { + /* *INDENT-OFF* */ + fib_prefix_t pfx = { + .fp_len = 21, + .fp_proto = FIB_PROTOCOL_MPLS, + .fp_label = sr_policy->bsid, + .fp_eos = eos, + .fp_payload_proto = DPO_PROTO_MPLS, + }; + /* *INDENT-ON* */ + + fib_table_entry_path_remove2 (0, &pfx, FIB_SOURCE_SR, paths); + } + + vec_free (paths); + vec_free (segment_list->segments); + pool_put_index (sm->sid_lists, sl_index); + vec_del1 (sr_policy->segments_lists, + sl_index_iterate - sr_policy->segments_lists); + } + else if (operation == 3) /* Modify the weight of an existing SR List */ + { + /* Find the corresponding SL */ + vec_foreach (sl_index_iterate, sr_policy->segments_lists) + if (*sl_index_iterate == sl_index) + break; + + if (*sl_index_iterate != sl_index) + return -32; + + /* Change the weight */ + segment_list = pool_elt_at_index (sm->sid_lists, sl_index); + segment_list->weight = weight; + + /* Update LB */ + //FIXME + } + return 0; +} + +/** + * @brief CLI for 'sr mpls policies' command family + */ +static clib_error_t * +sr_mpls_policy_command_fn (vlib_main_t * vm, unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + int rv = -1; + char is_del = 0, is_add = 0, is_mod = 0; + char policy_set = 0; + mpls_label_t bsid, next_label; + u32 sr_policy_index = (u32) ~ 0, sl_index = (u32) ~ 0; + u32 weight = (u32) ~ 0; + mpls_label_t *segments = 0; + u8 operation = 0; + u8 is_spray = 0; + + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + if (!is_add && !is_mod && !is_del && unformat (input, "add")) + is_add = 1; + else if (!is_add && !is_mod && !is_del && unformat (input, "del")) + is_del = 1; + else if (!is_add && !is_mod && !is_del && unformat (input, "mod")) + is_mod = 1; + else if (!policy_set + && unformat (input, "bsid %U", unformat_mpls_unicast_label, + &bsid)) + policy_set = 1; + else if (!is_add && !policy_set + && unformat (input, "index %d", &sr_policy_index)) + policy_set = 1; + else if (unformat (input, "weight %d", &weight)); + else + if (unformat + (input, "next %U", unformat_mpls_unicast_label, &next_label)) + { + vec_add (segments, &next_label, 1); + } + else if (unformat (input, "add sl")) + operation = 1; + else if (unformat (input, "del sl index %d", &sl_index)) + operation = 2; + else if (unformat (input, "mod sl index %d", &sl_index)) + operation = 3; + else if (unformat (input, "spray")) + is_spray = 1; + else + break; + } + + if (!is_add && !is_mod && !is_del) + return clib_error_return (0, "Incorrect CLI"); + + if (!policy_set) + return clib_error_return (0, "No SR policy BSID or index specified"); + + if (is_add) + { + if (vec_len (segments) == 0) + return clib_error_return (0, "No Segment List specified"); + + rv = sr_mpls_policy_add (bsid, segments, + (is_spray ? SR_POLICY_TYPE_SPRAY : + SR_POLICY_TYPE_DEFAULT), weight); + } + else if (is_del) + rv = + sr_mpls_policy_del ((sr_policy_index != (u32) ~ 0 ? (u32) ~ 0 : bsid), + sr_policy_index); + else if (is_mod) + { + if (!operation) + return clib_error_return (0, "No SL modification specified"); + if (operation != 1 && sl_index == (u32) ~ 0) + return clib_error_return (0, "No Segment List index specified"); + if (operation == 1 && vec_len (segments) == 0) + return clib_error_return (0, "No Segment List specified"); + if (operation == 3 && weight == (u32) ~ 0) + return clib_error_return (0, "No new weight for the SL specified"); + rv = + sr_mpls_policy_mod ((sr_policy_index != (u32) ~ 0 ? (u32) ~ 0 : bsid), + sr_policy_index, operation, segments, + sl_index, weight); + } + + switch (rv) + { + case 0: + break; + case 1: + return 0; + case -12: + return clib_error_return (0, + "There is already a FIB entry for the BindingSID address.\n" + "The SR policy could not be created."); + case -21: + return clib_error_return (0, + "The selected SR policy only contains ONE segment list. " + "Please remove the SR policy instead"); + case -22: + return clib_error_return (0, + "Could not delete the segment list. " + "It is not associated with that SR policy."); + case -32: + return clib_error_return (0, + "Could not modify the segment list. " + "The given SL is not associated with such SR policy."); + default: + return clib_error_return (0, "BUG: sr policy returns %d", rv); + } + return 0; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (sr_mpls_policy_command, static) = { + .path = "sr mpls policy", + .short_help = "sr mpls policy [add||del||mod] bsid 2999 " + "next 10 next 20 next 30 (weight 1) (spray)", + .long_help = "TBD.\n", + .function = sr_mpls_policy_command_fn, +}; +/* *INDENT-ON* */ + +/** + * @brief CLI to display onscreen all the SR MPLS policies + */ +static clib_error_t * +show_sr_mpls_policies_command_fn (vlib_main_t * vm, unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + mpls_sr_sl_t *segment_list = 0; + mpls_sr_policy_t *sr_policy = 0; + mpls_sr_policy_t **vec_policies = 0; + mpls_label_t *label; + u32 *sl_index; + u8 *s; + int i = 0; + + vlib_cli_output (vm, "SR MPLS policies:"); + + /* *INDENT-OFF* */ + pool_foreach (sr_policy, sm->sr_policies, {vec_add1 (vec_policies, sr_policy); } ); + /* *INDENT-ON* */ + + vec_foreach_index (i, vec_policies) + { + sr_policy = vec_policies[i]; + vlib_cli_output (vm, "[%u].-\tBSID: %U", + (u32) (sr_policy - sm->sr_policies), + format_mpls_unicast_label, sr_policy->bsid); + vlib_cli_output (vm, "\tType: %s", + (sr_policy->type == + SR_POLICY_TYPE_DEFAULT ? "Default" : "Spray")); + vlib_cli_output (vm, "\tSegment Lists:"); + vec_foreach (sl_index, sr_policy->segments_lists) + { + s = NULL; + segment_list = pool_elt_at_index (sm->sid_lists, *sl_index); + s = format (s, "\t[%u].- ", *sl_index); + s = format (s, "< "); + vec_foreach (label, segment_list->segments) + { + s = format (s, "%U, ", format_mpls_unicast_label, *label); + } + s = format (s, "\b\b > "); + vlib_cli_output (vm, " %s", s); + } + vlib_cli_output (vm, "-----------"); + } + vec_free (vec_policies); + return 0; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (show_sr_mpls_policies_command, static) = { + .path = "show sr mpls policies", + .short_help = "show sr mpls policies", + .function = show_sr_mpls_policies_command_fn, +}; +/* *INDENT-ON* */ + +/********************* SR MPLS Policy initialization ***********************/ +/** + * @brief SR MPLS Policy initialization + */ +clib_error_t * +sr_mpls_policy_rewrite_init (vlib_main_t * vm) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + + /* Init memory for sr policy keys (bsid <-> ip6_address_t) */ + sm->sr_policies_index_hash = hash_create (0, sizeof (mpls_label_t)); + + return 0; +} + +VLIB_INIT_FUNCTION (sr_mpls_policy_rewrite_init); + +/* +* fd.io coding-style-patch-verification: ON +* +* Local Variables: +* eval: (c-set-style "gnu") +* End: +*/ diff --git a/src/vnet/srmpls/sr_mpls_steering.c b/src/vnet/srmpls/sr_mpls_steering.c new file mode 100755 index 00000000..37707049 --- /dev/null +++ b/src/vnet/srmpls/sr_mpls_steering.c @@ -0,0 +1,453 @@ +/* + * sr_steering.c: ipv6 segment routing steering into SR policy + * + * Copyright (c) 2016 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @brief Packet steering into SR-MPLS Policies + * + * This file is in charge of handling the FIB appropiatly to steer packets + * through SR Policies as defined in 'sr_mpls_policy.c'. Notice that here + * we are only doing steering. SR policy application is done in + * sr_policy_rewrite.c + * + * Supports: + * - Steering of IPv6 traffic Destination Address based + * - Steering of IPv4 traffic Destination Address based + */ + +#include <vlib/vlib.h> +#include <vnet/vnet.h> +#include <vnet/srmpls/sr.h> +#include <vnet/ip/ip4_packet.h> +#include <vnet/ip/ip6_packet.h> +#include <vnet/fib/mpls_fib.h> + +#include <vppinfra/error.h> +#include <vppinfra/elog.h> + +/** + * @brief Steer traffic L3 traffic through a given SR-MPLS policy + * + * @param is_del + * @param bsid is the bindingSID of the SR Policy (alt to sr_policy_index) + * @param sr_policy is the index of the SR Policy (alt to bsid) + * @param table_id is the VRF where to install the FIB entry for the BSID + * @param prefix is the IPv4/v6 address for L3 traffic type + * @param mask_width is the mask for L3 traffic type + * @param traffic_type describes the type of traffic + * + * @return 0 if correct, else error + */ +int +sr_mpls_steering_policy (int is_del, mpls_label_t bsid, u32 sr_policy_index, + u32 table_id, ip46_address_t * prefix, + u32 mask_width, u8 traffic_type) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + sr_mpls_steering_key_t key; + mpls_sr_steering_policy_t *steer_pl; + fib_prefix_t pfx = { 0 }; + + mpls_sr_policy_t *sr_policy = 0; + uword *p = 0; + + memset (&key, 0, sizeof (sr_mpls_steering_key_t)); + + /* Compute the steer policy key */ + if (traffic_type == SR_STEER_IPV4 || traffic_type == SR_STEER_IPV6) + { + key.prefix.as_u64[0] = prefix->as_u64[0]; + key.prefix.as_u64[1] = prefix->as_u64[1]; + key.mask_width = mask_width; + key.fib_table = (table_id != (u32) ~ 0 ? table_id : 0); + } + else + return -1; + + key.traffic_type = traffic_type; + + /* Search for the item */ + p = mhash_get (&sm->sr_steer_policies_hash, &key); + + if (p) + { + /* Retrieve Steer Policy function */ + steer_pl = pool_elt_at_index (sm->steer_policies, p[0]); + + if (is_del) + { + if (steer_pl->classify.traffic_type == SR_STEER_IPV6) + { + /* Remove FIB entry */ + pfx.fp_proto = FIB_PROTOCOL_IP6; + pfx.fp_len = steer_pl->classify.mask_width; + pfx.fp_addr.ip6 = steer_pl->classify.prefix.ip6; + + fib_table_entry_delete (fib_table_find + (FIB_PROTOCOL_MPLS, + steer_pl->classify.fib_table), &pfx, + FIB_SOURCE_SR); + } + else if (steer_pl->classify.traffic_type == SR_STEER_IPV4) + { + /* Remove FIB entry */ + pfx.fp_proto = FIB_PROTOCOL_IP4; + pfx.fp_len = steer_pl->classify.mask_width; + pfx.fp_addr.ip4 = steer_pl->classify.prefix.ip4; + + fib_table_entry_delete (fib_table_find + (FIB_PROTOCOL_MPLS, + steer_pl->classify.fib_table), &pfx, + FIB_SOURCE_SR); + } + + /* Delete SR steering policy entry */ + pool_put (sm->steer_policies, steer_pl); + mhash_unset (&sm->sr_steer_policies_hash, &key, NULL); + + return 1; + } + else /* It means user requested to update an existing SR steering policy */ + { + /* Retrieve SR steering policy */ + if (bsid) //TODO FIXME + { + p = hash_get (sm->sr_policies_index_hash, bsid); + if (p) + sr_policy = pool_elt_at_index (sm->sr_policies, p[0]); + else + return -2; + } + else + sr_policy = pool_elt_at_index (sm->sr_policies, sr_policy_index); + + if (!sr_policy) + return -2; + + steer_pl->sr_policy = sr_policy - sm->sr_policies; + + /* Remove old FIB/hw redirection and create a new one */ + if (steer_pl->classify.traffic_type == SR_STEER_IPV6) + { + /* Remove FIB entry */ + pfx.fp_proto = FIB_PROTOCOL_IP6; + pfx.fp_len = steer_pl->classify.mask_width; + pfx.fp_addr.ip6 = steer_pl->classify.prefix.ip6; + + fib_table_entry_delete (fib_table_find + (FIB_PROTOCOL_IP6, + steer_pl->classify.fib_table), &pfx, + FIB_SOURCE_SR); + + /* Create a new one */ + goto update_fib; + } + else if (steer_pl->classify.traffic_type == SR_STEER_IPV4) + { + /* Remove FIB entry */ + pfx.fp_proto = FIB_PROTOCOL_IP4; + pfx.fp_len = steer_pl->classify.mask_width; + pfx.fp_addr.ip4 = steer_pl->classify.prefix.ip4; + + fib_table_entry_delete (fib_table_find + (FIB_PROTOCOL_IP4, + steer_pl->classify.fib_table), &pfx, + FIB_SOURCE_SR); + + /* Create a new one */ + goto update_fib; + } + } + } + else + /* delete; steering policy does not exist; complain */ + if (is_del) + return -4; + + /* Retrieve SR policy */ + if (bsid) //FIX + { + p = hash_get (sm->sr_policies_index_hash, bsid); + if (p) + sr_policy = pool_elt_at_index (sm->sr_policies, p[0]); + else + return -2; + } + else + sr_policy = pool_elt_at_index (sm->sr_policies, sr_policy_index); + + /* Create a new steering policy */ + pool_get (sm->steer_policies, steer_pl); + memset (steer_pl, 0, sizeof (*steer_pl)); + + if (traffic_type == SR_STEER_IPV4 || traffic_type == SR_STEER_IPV6) + { + clib_memcpy (&steer_pl->classify.prefix, prefix, + sizeof (ip46_address_t)); + steer_pl->classify.mask_width = mask_width; + steer_pl->classify.fib_table = (table_id != (u32) ~ 0 ? table_id : 0); + steer_pl->classify.traffic_type = traffic_type; + } + else + { + /* Incorrect API usage. Should never get here */ + pool_put (sm->steer_policies, steer_pl); + mhash_unset (&sm->sr_steer_policies_hash, &key, NULL); + return -1; + } + steer_pl->sr_policy = sr_policy - sm->sr_policies; + + /* Create and store key */ + mhash_set (&sm->sr_steer_policies_hash, &key, steer_pl - sm->steer_policies, + NULL); + +update_fib:; + + fib_route_path_t path = { + .frp_proto = FIB_PROTOCOL_MPLS, + .frp_local_label = sr_policy->bsid, + .frp_eos = MPLS_EOS, + .frp_sw_if_index = ~0, + .frp_fib_index = 0, + .frp_weight = 1, + .frp_flags = FIB_ROUTE_PATH_FLAG_NONE, + .frp_label_stack = NULL + }; + + fib_route_path_t *paths = NULL; + + /* FIB API calls - Recursive route through the BindingSID */ + if (traffic_type == SR_STEER_IPV6) + { + pfx.fp_proto = FIB_PROTOCOL_IP6; + pfx.fp_len = steer_pl->classify.mask_width; + pfx.fp_addr.ip6 = steer_pl->classify.prefix.ip6; + path.frp_fib_index = 0; + + vec_add1 (paths, path); + + fib_table_entry_path_add2 (fib_table_find + (FIB_PROTOCOL_IP6, + (table_id != (u32) ~ 0 ? table_id : 0)), + &pfx, FIB_SOURCE_SR, + FIB_ENTRY_FLAG_LOOSE_URPF_EXEMPT, paths); + + vec_free (paths); + } + else if (traffic_type == SR_STEER_IPV4) + { + pfx.fp_proto = FIB_PROTOCOL_IP4; + pfx.fp_len = steer_pl->classify.mask_width; + pfx.fp_addr.ip4 = steer_pl->classify.prefix.ip4; + path.frp_fib_index = 0; + + vec_add1 (paths, path); + + fib_table_entry_path_add2 (fib_table_find + (FIB_PROTOCOL_IP4, + (table_id != (u32) ~ 0 ? table_id : 0)), + &pfx, FIB_SOURCE_SR, + FIB_ENTRY_FLAG_LOOSE_URPF_EXEMPT, paths); + + vec_free (paths); + } + + return 0; +} + +static clib_error_t * +sr_mpls_steer_policy_command_fn (vlib_main_t * vm, unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + int is_del = 0; + + ip46_address_t prefix; + u32 dst_mask_width = 0; + u8 traffic_type = 0; + u32 fib_table = (u32) ~ 0; + + mpls_label_t bsid; + u32 sr_policy_index = (u32) ~ 0; + + u8 sr_policy_set = 0; + + memset (&prefix, 0, sizeof (ip46_address_t)); + + int rv; + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (input, "del")) + is_del = 1; + else if (!traffic_type + && unformat (input, "l3 %U/%d", unformat_ip6_address, + &prefix.ip6, &dst_mask_width)) + traffic_type = SR_STEER_IPV6; + else if (!traffic_type + && unformat (input, "l3 %U/%d", unformat_ip4_address, + &prefix.ip4, &dst_mask_width)) + traffic_type = SR_STEER_IPV4; + else if (!sr_policy_set + && unformat (input, "via sr policy index %d", + &sr_policy_index)) + sr_policy_set = 1; + else if (!sr_policy_set + && unformat (input, "via sr policy bsid %U", + unformat_mpls_unicast_label, &bsid)) + sr_policy_set = 1; + else if (fib_table == (u32) ~ 0 + && unformat (input, "fib-table %d", &fib_table)); + else + break; + } + + if (!traffic_type) + return clib_error_return (0, "No L3 traffic specified"); + if (!sr_policy_set) + return clib_error_return (0, "No SR policy specified"); + + /* Make sure that the prefixes are clean */ + if (traffic_type == SR_STEER_IPV4) + { + u32 mask = + (dst_mask_width ? (0xFFFFFFFFu >> (32 - dst_mask_width)) : 0); + prefix.ip4.as_u32 &= mask; + } + else if (traffic_type == SR_STEER_IPV6) + { + ip6_address_t mask; + ip6_address_mask_from_width (&mask, dst_mask_width); + ip6_address_mask (&prefix.ip6, &mask); + } + + rv = + sr_mpls_steering_policy (is_del, bsid, + sr_policy_index, fib_table, &prefix, + dst_mask_width, traffic_type); + + switch (rv) + { + case 0: + break; + case 1: + return 0; + case -1: + return clib_error_return (0, "Incorrect API usage."); + case -2: + return clib_error_return (0, + "The requested SR policy could not be located. Review the BSID/index."); + case -3: + return clib_error_return (0, + "Unable to do SW redirect. Incorrect interface."); + case -4: + return clib_error_return (0, + "The requested SR steering policy could not be deleted."); + case -5: + return clib_error_return (0, + "The SR policy is not an encapsulation one."); + default: + return clib_error_return (0, "BUG: sr steer policy returns %d", rv); + } + return 0; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (sr_mpls_steer_policy_command, static) = { + .path = "sr mpls steer", + .short_help = "sr mpls steer (del) l3 <ip_addr/mask>" + "via sr policy bsid <mpls_label> (fib-table <fib_table_index>)", + .long_help = + "\tSteer L3 traffic through an existing SR policy.\n" + "\tExamples:\n" + "\t\tsr steer l3 2001::/64 via sr_policy index 5\n" + "\t\tsr steer l3 2001::/64 via sr_policy bsid 29999\n" + "\t\tsr steer del l3 2001::/64 via sr_policy index 5\n", + .function = sr_mpls_steer_policy_command_fn, +}; +/* *INDENT-ON* */ + +static clib_error_t * +show_sr_mpls_steering_policies_command_fn (vlib_main_t * vm, + unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + mpls_sr_steering_policy_t **steer_policies = 0; + mpls_sr_steering_policy_t *steer_pl; + + mpls_sr_policy_t *pl = 0; + int i; + + vlib_cli_output (vm, "SR MPLS steering policies:"); + /* *INDENT-OFF* */ + pool_foreach (steer_pl, sm->steer_policies, ({vec_add1(steer_policies, steer_pl);})); + /* *INDENT-ON* */ + vlib_cli_output (vm, "Traffic\t\tSR policy BSID"); + for (i = 0; i < vec_len (steer_policies); i++) + { + steer_pl = steer_policies[i]; + pl = pool_elt_at_index (sm->sr_policies, steer_pl->sr_policy); + if (steer_pl->classify.traffic_type == SR_STEER_IPV4) + { + vlib_cli_output (vm, "L3 %U/%d\t%U", + format_ip4_address, + &steer_pl->classify.prefix.ip4, + steer_pl->classify.mask_width, + format_mpls_unicast_label, pl->bsid); + } + else if (steer_pl->classify.traffic_type == SR_STEER_IPV6) + { + vlib_cli_output (vm, "L3 %U/%d\t%U", + format_ip6_address, + &steer_pl->classify.prefix.ip6, + steer_pl->classify.mask_width, + format_mpls_unicast_label, pl->bsid); + } + } + return 0; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (show_sr_mpls_steering_policies_command, static) = { + .path = "show sr mpls steering policies", + .short_help = "show sr mpls steering policies", + .function = show_sr_mpls_steering_policies_command_fn, +}; +/* *INDENT-ON* */ + +clib_error_t * +sr_mpls_steering_init (vlib_main_t * vm) +{ + mpls_sr_main_t *sm = &sr_mpls_main; + + /* Init memory for function keys */ + mhash_init (&sm->sr_steer_policies_hash, sizeof (uword), + sizeof (sr_mpls_steering_key_t)); + + return 0; +} + +/* *INDENT-OFF* */ +VLIB_INIT_FUNCTION (sr_mpls_steering_init); +/* *INDENT-ON* */ + +/* +* fd.io coding-style-patch-verification: ON +* +* Local Variables: +* eval: (c-set-style "gnu") +* End: +*/ diff --git a/src/vnet/sr/dir.dox b/src/vnet/srv6/dir.dox index 3f539a58..3f539a58 100755 --- a/src/vnet/sr/dir.dox +++ b/src/vnet/srv6/dir.dox diff --git a/src/vnet/sr/ietf_draft_05.txt b/src/vnet/srv6/ietf_draft_05.txt index e9bff04f..e9bff04f 100755 --- a/src/vnet/sr/ietf_draft_05.txt +++ b/src/vnet/srv6/ietf_draft_05.txt diff --git a/src/vnet/sr/sr.api b/src/vnet/srv6/sr.api index 9e900741..9e900741 100644 --- a/src/vnet/sr/sr.api +++ b/src/vnet/srv6/sr.api diff --git a/src/vnet/sr/sr.c b/src/vnet/srv6/sr.c index 34344fce..eb4f09e7 100755 --- a/src/vnet/sr/sr.c +++ b/src/vnet/srv6/sr.c @@ -22,7 +22,7 @@ */ #include <vnet/vnet.h> -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #include <vnet/fib/ip6_fib.h> #include <vnet/mfib/mfib_table.h> #include <vnet/dpo/dpo.h> diff --git a/src/vnet/sr/sr.h b/src/vnet/srv6/sr.h index b832c0fc..2014a23e 100755 --- a/src/vnet/sr/sr.h +++ b/src/vnet/srv6/sr.h @@ -19,11 +19,11 @@ * */ -#ifndef included_vnet_sr_h -#define included_vnet_sr_h +#ifndef included_vnet_srv6_h +#define included_vnet_srv6_h #include <vnet/vnet.h> -#include <vnet/sr/sr_packet.h> +#include <vnet/srv6/sr_packet.h> #include <vnet/ip/ip6_packet.h> #include <vnet/ethernet/ethernet.h> @@ -83,9 +83,9 @@ typedef struct ip6_address_t bsid; /**< BindingSID (key) */ u8 type; /**< Type (default is 0) */ - /* SR Policy specific DPO */ + /* SR Policy specific DPO */ /* IF Type = DEFAULT Then Load Balancer DPO among SID lists */ - /* IF Type = SPRAY then Spray DPO with all SID lists */ + /* IF Type = SPRAY then Spray DPO with all SID lists */ dpo_id_t bsid_dpo; /**< SR Policy specific DPO - BSID */ dpo_id_t ip4_dpo; /**< SR Policy specific DPO - IPv6 */ dpo_id_t ip6_dpo; /**< SR Policy specific DPO - IPv4 */ @@ -193,10 +193,10 @@ typedef struct /* SR SID lists */ ip6_sr_sl_t *sid_lists; - /* SR policies */ + /* SRv6 policies */ ip6_sr_policy_t *sr_policies; - /* Hash table mapping BindingSID to SR policy */ + /* Hash table mapping BindingSID to SRv6 policy */ mhash_t sr_policies_index_hash; /* Pool of SR localsid instances */ @@ -236,39 +236,41 @@ typedef struct vnet_main_t *vnet_main; } ip6_sr_main_t; -ip6_sr_main_t sr_main; +extern ip6_sr_main_t sr_main; extern vlib_node_registration_t sr_policy_rewrite_encaps_node; extern vlib_node_registration_t sr_policy_rewrite_insert_node; extern vlib_node_registration_t sr_localsid_node; extern vlib_node_registration_t sr_localsid_d_node; -void sr_dpo_lock (dpo_id_t * dpo); -void sr_dpo_unlock (dpo_id_t * dpo); +extern void sr_dpo_lock (dpo_id_t * dpo); +extern void sr_dpo_unlock (dpo_id_t * dpo); -int sr_localsid_register_function (vlib_main_t * vm, u8 * fn_name, - u8 * keyword_str, u8 * def_str, - u8 * params_str, dpo_type_t * dpo, - format_function_t * ls_format, - unformat_function_t * ls_unformat, - sr_plugin_callback_t * creation_fn, - sr_plugin_callback_t * removal_fn); +extern int +sr_localsid_register_function (vlib_main_t * vm, u8 * fn_name, + u8 * keyword_str, u8 * def_str, + u8 * params_str, dpo_type_t * dpo, + format_function_t * ls_format, + unformat_function_t * ls_unformat, + sr_plugin_callback_t * creation_fn, + sr_plugin_callback_t * removal_fn); -int +extern int sr_policy_add (ip6_address_t * bsid, ip6_address_t * segments, u32 weight, u8 behavior, u32 fib_table, u8 is_encap); -int +extern int sr_policy_mod (ip6_address_t * bsid, u32 index, u32 fib_table, u8 operation, ip6_address_t * segments, u32 sl_index, u32 weight); -int sr_policy_del (ip6_address_t * bsid, u32 index); +extern int sr_policy_del (ip6_address_t * bsid, u32 index); -int sr_cli_localsid (char is_del, ip6_address_t * localsid_addr, - char end_psp, u8 behavior, u32 sw_if_index, - u32 vlan_index, u32 fib_table, ip46_address_t * nh_addr, - void *ls_plugin_mem); +extern int +sr_cli_localsid (char is_del, ip6_address_t * localsid_addr, + char end_psp, u8 behavior, u32 sw_if_index, + u32 vlan_index, u32 fib_table, ip46_address_t * nh_addr, + void *ls_plugin_mem); -int +extern int sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, u32 table_id, ip46_address_t * prefix, u32 mask_width, u32 sw_if_index, u8 traffic_type); diff --git a/src/vnet/sr/sr_api.c b/src/vnet/srv6/sr_api.c index f4e1c346..925b50a1 100644 --- a/src/vnet/sr/sr_api.c +++ b/src/vnet/srv6/sr_api.c @@ -18,7 +18,7 @@ */ #include <vnet/vnet.h> -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #include <vlibmemory/api.h> #include <vnet/interface.h> diff --git a/src/vnet/sr/sr_doc.md b/src/vnet/srv6/sr_doc.md index fd92bdf2..5cdfc906 100644 --- a/src/vnet/sr/sr_doc.md +++ b/src/vnet/srv6/sr_doc.md @@ -16,7 +16,7 @@ Segment routing uses the source routing paradigm. A node, usually a router but a Segment routing can operate with either an MPLS or an IPv6 data plane. All the currently available MPLS services, such as Layer 3 VPN (L3VPN), L2VPN (Virtual Private Wire Service [VPWS], Virtual Private LAN Services [VPLS], Ethernet VPN [E-VPN], and Provider Backbone Bridging Ethernet VPN [PBB-EVPN]), can run on top of a segment-routing transport network. -**The implementation of Segment Routing in VPP only covers the IPv6 data plane (SRv6).** +**The implementation of Segment Routing in VPP covers both the IPv6 data plane (SRv6) as well as the MPLS data plane (SR-MPLS). This page contains the SRv6 documentation.** ## Segment Routing terminology diff --git a/src/vnet/sr/sr_localsid.c b/src/vnet/srv6/sr_localsid.c index 32fc5f82..bdc66386 100755 --- a/src/vnet/sr/sr_localsid.c +++ b/src/vnet/srv6/sr_localsid.c @@ -29,9 +29,9 @@ #include <vlib/vlib.h> #include <vnet/vnet.h> -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #include <vnet/ip/ip.h> -#include <vnet/sr/sr_packet.h> +#include <vnet/srv6/sr_packet.h> #include <vnet/ip/ip6_packet.h> #include <vnet/fib/ip6_fib.h> #include <vnet/dpo/dpo.h> diff --git a/src/vnet/sr/sr_localsid.md b/src/vnet/srv6/sr_localsid.md index 340af4a3..340af4a3 100644 --- a/src/vnet/sr/sr_localsid.md +++ b/src/vnet/srv6/sr_localsid.md diff --git a/src/vnet/sr/sr_packet.h b/src/vnet/srv6/sr_packet.h index 7af4ad4d..7af4ad4d 100755 --- a/src/vnet/sr/sr_packet.h +++ b/src/vnet/srv6/sr_packet.h diff --git a/src/vnet/sr/sr_policy.md b/src/vnet/srv6/sr_policy.md index 521b8461..521b8461 100644 --- a/src/vnet/sr/sr_policy.md +++ b/src/vnet/srv6/sr_policy.md diff --git a/src/vnet/sr/sr_policy_rewrite.c b/src/vnet/srv6/sr_policy_rewrite.c index c4024070..7a37a66b 100755 --- a/src/vnet/sr/sr_policy_rewrite.c +++ b/src/vnet/srv6/sr_policy_rewrite.c @@ -40,9 +40,9 @@ #include <vlib/vlib.h> #include <vnet/vnet.h> -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #include <vnet/ip/ip.h> -#include <vnet/sr/sr_packet.h> +#include <vnet/srv6/sr_packet.h> #include <vnet/ip/ip6_packet.h> #include <vnet/fib/ip6_fib.h> #include <vnet/dpo/dpo.h> diff --git a/src/vnet/sr/sr_steering.c b/src/vnet/srv6/sr_steering.c index 04646198..a7903751 100755 --- a/src/vnet/sr/sr_steering.c +++ b/src/vnet/srv6/sr_steering.c @@ -32,9 +32,9 @@ #include <vlib/vlib.h> #include <vnet/vnet.h> -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #include <vnet/ip/ip.h> -#include <vnet/sr/sr_packet.h> +#include <vnet/srv6/sr_packet.h> #include <vnet/ip/ip6_packet.h> #include <vnet/fib/ip6_fib.h> #include <vnet/dpo/dpo.h> diff --git a/src/vnet/sr/sr_steering.md b/src/vnet/srv6/sr_steering.md index cf446f81..cf446f81 100644 --- a/src/vnet/sr/sr_steering.md +++ b/src/vnet/srv6/sr_steering.md diff --git a/src/vnet/vnet_all_api_h.h b/src/vnet/vnet_all_api_h.h index 9d3abae5..566e22ec 100644 --- a/src/vnet/vnet_all_api_h.h +++ b/src/vnet/vnet_all_api_h.h @@ -50,7 +50,7 @@ #include <vnet/lisp-cp/one.api.h> #include <vnet/session/session.api.h> #include <vnet/mpls/mpls.api.h> -#include <vnet/sr/sr.api.h> +#include <vnet/srv6/sr.api.h> #include <vnet/classify/classify.api.h> #include <vnet/flow/flow.api.h> #include <vnet/dhcp/dhcp.api.h> diff --git a/src/vpp/api/api.c b/src/vpp/api/api.c index baf45d5c..16d51225 100644 --- a/src/vpp/api/api.c +++ b/src/vpp/api/api.c @@ -53,7 +53,7 @@ #include <vnet/ip/ip6.h> #include <vnet/ip/ip6_neighbor.h> #if WITH_LIBSSL > 0 -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #endif #include <vlib/vlib.h> #include <vlib/unix/unix.h> diff --git a/src/vpp/api/custom_dump.c b/src/vpp/api/custom_dump.c index 000fe0d4..107e83f3 100644 --- a/src/vpp/api/custom_dump.c +++ b/src/vpp/api/custom_dump.c @@ -24,7 +24,7 @@ #include <vnet/dhcp/dhcp_proxy.h> #include <vnet/l2tp/l2tp.h> #include <vnet/l2/l2_input.h> -#include <vnet/sr/sr.h> +#include <vnet/srv6/sr.h> #include <vnet/vxlan-gpe/vxlan_gpe.h> #include <vnet/classify/policer_classify.h> #include <vnet/policer/xlate.h> diff --git a/src/vpp/api/vpe.api b/src/vpp/api/vpe.api index 7c07c822..99ae4784 100644 --- a/src/vpp/api/vpe.api +++ b/src/vpp/api/vpe.api @@ -40,7 +40,7 @@ * LISP-GPE APIs: see .../src/vnet/lisp-gpe/{lisp_gpe.api, lisp_gpe_api.c} * SESSION APIs: .../vnet/session/{session.api session_api.c} * MPLS APIs: see .../src/vnet/mpls/{mpls.api, mpls_api.c} - * SR APIs: see .../src/vnet/sr/{sr.api, sr_api.c} + * SR APIs: see .../src/vnet/srv6/{sr.api, sr_api.c} * CLASSIFY APIs: see ... /src/vnet/classify/{classify.api, classify_api.c} * FLOW APIs: see ... /src/vnet/flow/{flow.api, flow_api.c} * DHCP APIs: see ... /src/vnet/dhcp/{dhcpk.api, dhcp_api.c} |