diff options
| author |   Christian Ehrhardt <christian.ehrhardt@canonical.com> | 2016-07-06 09:22:35 +0200 |
|---|---|---|
| committer | Christian Ehrhardt <christian.ehrhardt@canonical.com> | 2016-07-06 16:09:40 +0200 |
| commit | 8b25d1ad5d2264bdfc2818c7bda74ee2697df6db (patch) | |
| tree | 8c3c769777f7e66a2d1ba7dd7651b563cfde370b /examples/ip_pipeline/config/network_layers.cfg | |
| parent | 97f17497d162afdb82c8704bf097f0fee3724b2e (diff) | |
Imported Upstream version 16.07-rc1
Change-Id: I40a523e52f12e8496fdd69e902824b0226c303de
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Diffstat (limited to 'examples/ip_pipeline/config/network_layers.cfg')
| -rw-r--r-- | examples/ip_pipeline/config/network_layers.cfg | 223 |
1 files changed, 223 insertions, 0 deletions
diff --git a/examples/ip_pipeline/config/network_layers.cfg b/examples/ip_pipeline/config/network_layers.cfg new file mode 100644 index 00000000..8054d9fe --- /dev/null +++ b/examples/ip_pipeline/config/network_layers.cfg @@ -0,0 +1,223 @@ +; BSD LICENSE +; +; Copyright(c) 2016 Intel Corporation. All rights reserved. +; All rights reserved. +; +; Redistribution and use in source and binary forms, with or without +; modification, are permitted provided that the following conditions +; are met: +; +; * Redistributions of source code must retain the above copyright +; notice, this list of conditions and the following disclaimer. +; * Redistributions in binary form must reproduce the above copyright +; notice, this list of conditions and the following disclaimer in +; the documentation and/or other materials provided with the +; distribution. +; * Neither the name of Intel Corporation nor the names of its +; contributors may be used to endorse or promote products derived +; from this software without specific prior written permission. +; +; THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +; "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +; LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +; A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +; OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +; SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +; LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +; DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +; THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +; (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +; OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +; The diagram below shows how additional protocol components can be plugged into +; the IP layer implemented by the ip_pipeline application. Pick your favorite +; open source components for dynamic ARP, ICMP, UDP or TCP termination, etc and +; connect them through SWQs to the IP infrastructure. +; +; The input packets with local destination are sent to the UDP/TCP applications +; while the input packets with remote destination are routed back to the +; network. Additional features can easily be added to this setup: +; * IP Reassembly: add SWQs with IP reassembly enabled (typically required for +; the input traffic with local destination); +; * IP Fragmentation: add SWQs with IP fragmentation enabled (typically +; required to enforce the MTU for the routed output traffic); +; * Traffic Metering: add Flow Action pipeline instances (e.g. for metering the +; TCP connections or ICMP input traffic); +; * Traffic Management: add TMs for the required output LINKs; +; * Protocol encapsulations (QinQ, MPLS) for the output packets: part of the +; routing pipeline configuration. +; +; _________ _________ +; | | | | +; | UDP | | TCP | +; | App | | App | +; |_________| |_________| +; ^ | ^ | +; __|___V__ __|___V__ +; | | SWQ0 (UDP TX) | | SWQ1 (TCP TX) +; | UDP |-------+ | TCP |------------+ +; | | | | | | +; |_________| | |_________| | +; ^ | ^ | +; | SWQ2 | | SWQ3 | +; | (UDP RX) | | (TCP RX) | +; ____|____ | ____|____ | +; | | | | | | +; RXQ<0..3>.1 ------>|Firewall +--->| | +------>| Flow +--->| | +; (UDP local dest) | (P2) | SINK0 | | | (P3) | SINK1 | +; |_________| (Deny)| | |_________| (RST) | +; RXQ<0..3>.2 -------------------------|-----+ | +; (TCP local dest) | | +; | +------------------------------+ +; | | +; _V_____V_ +; | | +; | Routing | TXQ<0..3>.0 +; RXQ<0..3>.0 ---------------------->| & ARP +-----------------------------> +; (IP remote dest) | (P1) | +; |_________| +; | ^ | +; SWQ4 +-------------+ | | SWQ5 (ARP miss) +; (Route miss) | | +------------+ +; | +-------------+ | +; ___V__|__ SWQ6 ____V____ +; | | (ICMP TX) | | TXQ<0..3>.1 +; RXQ<0..3>.3 ------>| ICMP | +------>| Dyn ARP +-------------> +; (IP local dest) | | | | | +; |_________| | |_________| +; RXQ<0..3>.4 -------------------------------+ +; (ARP) +; +; This configuration file implements the diagram presented below, where the +; dynamic ARP, ICMP, UDP and TCP components have been stubbed out and replaced +; with loop-back and packet drop devices. +; +; _________ _________ +; | | SWQ0 (UDP TX) | | SWQ1 (TCP TX) +; |Loobpack |-------+ |Loopback |------------+ +; | (P4) | | | (P5) | | +; |_________| | |_________| | +; ^ | ^ | +; | SWQ2 | | SWQ3 | +; | (UDP RX) | | (TCP RX) | +; ____|____ | ____|____ | +; | | | | | | +; RXQ<0..3>.1 ------>|Firewall +--->| | +------>| Flow +--->| | +; (UDP local dest) | (P2) | SINK0 | | | (P3) | SINK1 | +; |_________| (Deny)| | |_________| (RST) | +; RXQ<0..3>.2 -------------------------|-----+ | +; (TCP local dest) | | +; | +------------------------------+ +; | | +; _V_____V_ +; | | +; | Routing | TXQ<0..3>.0 +; RXQ<0..3>.0 ---------------------->| & ARP +-----------------------------> +; (IP remote dest) | (P1) | +; |_________| +; | | +; SINK2 |<---+ +--->| SINK3 +; (Route miss) (ARP miss) +; +; _________ _________ +; | | | | +; RXQ<0..3>.3 ------>| Drop +--->| SINK<4..7> +------>| Drop +--->| SINK<8..11> +; (IP local dest) | (P6) | (IP local dest) | | (P7) | (ARP) +; |_________| | |_________| +; RXQ<0..3>.4 ------------------------------------+ +; (ARP) +; +; +; Input packet: Ethernet/IPv4 or Ethernet/ARP +; Output packet: Ethernet/IPv4 or Ethernet/ARP +; +; Packet buffer layout (for input IPv4 packets): +; # Field Name Offset (Bytes) Size (Bytes) +; 0 Mbuf 0 128 +; 1 Headroom 128 128 +; 2 Ethernet header 256 14 +; 3 IPv4 header 270 20 +; 4 ICMP/UDP/TCP header 290 8/8/20 + +[EAL] +log_level = 0 + +[LINK0] +udp_local_q = 1 +tcp_local_q = 2 +ip_local_q = 3 +arp_q = 4 + +[LINK1] +udp_local_q = 1 +tcp_local_q = 2 +ip_local_q = 3 +arp_q = 4 + +[LINK2] +udp_local_q = 1 +tcp_local_q = 2 +ip_local_q = 3 +arp_q = 4 + +[LINK3] +udp_local_q = 1 +tcp_local_q = 2 +ip_local_q = 3 +arp_q = 4 + +[PIPELINE0] +type = MASTER +core = 0 + +[PIPELINE1] +type = ROUTING +core = 1 +pktq_in = RXQ0.0 RXQ1.0 RXQ2.0 RXQ3.0 SWQ0 SWQ1 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 SINK2 SINK3 +port_local_dest = 4 ; SINK2 (Drop) +n_arp_entries = 1000 +ip_hdr_offset = 270 +arp_key_offset = 128 + +[PIPELINE2] +type = FIREWALL +core = 1 +pktq_in = RXQ0.1 RXQ1.1 RXQ2.1 RXQ3.1 +pktq_out = SWQ2 SINK0 +n_rules = 4096 + +[PIPELINE3] +type = FLOW_CLASSIFICATION +core = 1 +pktq_in = RXQ0.2 RXQ1.2 RXQ2.2 RXQ3.2 +pktq_out = SWQ3 SINK1 +n_flows = 65536 +key_size = 16 ; IPv4 5-tuple key size +key_offset = 278 ; IPv4 5-tuple key offset +key_mask = 00FF0000FFFFFFFFFFFFFFFFFFFFFFFF ; IPv4 5-tuple key mask +flowid_offset = 128 ; Flow ID effectively acts as TCP socket ID + +[PIPELINE4] +type = PASS-THROUGH ; Loop-back (UDP place-holder) +core = 1 +pktq_in = SWQ2 +pktq_out = SWQ0 + +[PIPELINE5] +type = PASS-THROUGH ; Loop-back (TCP place-holder) +core = 1 +pktq_in = SWQ3 +pktq_out = SWQ1 + +[PIPELINE6] +type = PASS-THROUGH ; Drop (ICMP place-holder) +core = 1 +pktq_in = RXQ0.3 RXQ1.3 RXQ2.3 RXQ3.3 +pktq_out = SINK4 SINK5 SINK6 SINK7 + +[PIPELINE7] +type = PASS-THROUGH ; Drop (Dynamic ARP place-holder) +core = 1 +pktq_in = RXQ0.4 RXQ1.4 RXQ2.4 RXQ3.4 +pktq_out = SINK8 SINK9 SINK10 SINK11 |