diff options
6 files changed, 47 insertions, 38 deletions
diff --git a/v3po/api/src/main/yang/vpp-classfier-acl.yang b/v3po/api/src/main/yang/vpp-classfier-acl.yang index 99567799f..42550d95d 100644 --- a/v3po/api/src/main/yang/vpp-classfier-acl.yang +++ b/v3po/api/src/main/yang/vpp-classfier-acl.yang @@ -142,19 +142,22 @@ module vpp-classfier-acl { case ace-ip-and-eth { description "Access List entry that can define both ip and eth rules."; - choice ace-ip-version { - description - "IP version used in this Access List Entry."; - mandatory true; - case ace-ipv4 { - uses packet-fields:acl-ipv4-header-fields; - } - case ace-ipv6 { - uses packet-fields:acl-ipv6-header-fields; + container ace-ip-and-eth-nodes { + + choice ace-ip-version { + description + "IP version used in this Access List Entry."; + mandatory true; + case ace-ipv4 { + uses packet-fields:acl-ipv4-header-fields; + } + case ace-ipv6 { + uses packet-fields:acl-ipv6-header-fields; + } } + uses packet-fields:acl-ip-header-fields; + uses packet-fields:acl-eth-header-fields; } - uses packet-fields:acl-ip-header-fields; - uses packet-fields:acl-eth-header-fields; } } }
\ No newline at end of file diff --git a/v3po/postman_rest_collection.json b/v3po/postman_rest_collection.json index ffbba01b2..febf348ed 100644 --- a/v3po/postman_rest_collection.json +++ b/v3po/postman_rest_collection.json @@ -1874,7 +1874,7 @@ "description": "", "collectionId": "5bad4634-e5cf-900e-9733-0976aa9bea64", "responses": [], - "rawModeData": "{\r\n \"acl\": [\r\n {\r\n \"acl-type\": \"vpp-classfier-acl:mixed-acl\",\r\n \"acl-name\": \"acl5\",\r\n \"access-list-entries\": {\r\n \"ace\": [\r\n {\r\n \"rule-name\": \"rule1(ip4+mac)\",\r\n \"matches\": {\r\n \"vpp-classfier-acl:destination-mac-address\": \"AA:BB:CC:DD:00:00\",\r\n \"vpp-classfier-acl:destination-mac-address-mask\": \"FF:FF:FF:FF:00:00\",\r\n \"vpp-classfier-acl:source-mac-address\": \"00:00:00:00:AA:BB\",\r\n \"vpp-classfier-acl:source-mac-address-mask\": \"00:00:00:00:FF:FF\",\r\n \"vpp-classfier-acl:destination-ipv4-network\": \"1.2.3.1/24\",\r\n \"vpp-classfier-acl:protocol\": \"4\",\r\n \"vpp-classfier-acl:dscp\": \"11\",\r\n \"vpp-classfier-acl:source-ipv4-network\": \"1.2.4.2/24\"\r\n },\r\n \"actions\": {\r\n \"deny\": {}\r\n }\r\n },\r\n {\r\n \"rule-name\": \"rule2(ip4+mac)\",\r\n \"matches\": {\r\n \"vpp-classfier-acl:source-mac-address\": \"01:02:03:04:05:06\",\r\n \"vpp-classfier-acl:destination-ipv4-network\": \"1.1.1.1/16\",\r\n \"vpp-classfier-acl:protocol\": \"4\",\r\n \"vpp-classfier-acl:dscp\": \"63\",\r\n \"vpp-classfier-acl:source-ipv4-network\": \"2.2.2.2/32\"\r\n },\r\n \"actions\": {\r\n \"deny\": {}\r\n }\r\n },\r\n {\r\n \"rule-name\": \"rule3(ip6+mac)\",\r\n \"matches\": {\r\n \"vpp-classfier-acl:destination-mac-address\": \"11:22:33:44:55:66\",\r\n \"vpp-classfier-acl:destination-ipv6-network\": \"1111:2222:3333:4444:5555:6666:7777:8888/64\"\r\n },\r\n \"actions\": {\r\n \"deny\": {}\r\n }\r\n }\r\n ]\r\n }\r\n }\r\n ]\r\n}", + "rawModeData": "{\r\n \"acl\": [\r\n {\r\n \"acl-type\": \"vpp-classfier-acl:mixed-acl\",\r\n \"acl-name\": \"acl5\",\r\n \"access-list-entries\": {\r\n \"ace\": [\r\n {\r\n \"rule-name\": \"rule1(ip4+mac)\",\r\n \"matches\": {\r\n \t\"vpp-classfier-acl:ace-ip-and-eth-nodes\" : {\r\n \"destination-mac-address\": \"AA:BB:CC:DD:00:00\",\r\n \"destination-mac-address-mask\": \"FF:FF:FF:FF:00:00\",\r\n \"source-mac-address-mask\": \"00:00:00:00:FF:FF\",\r\n \"destination-ipv4-network\": \"1.2.3.1/24\",\r\n \"protocol\": \"4\",\r\n \"dscp\": \"11\",\r\n \"source-ipv4-network\": \"1.2.4.2/24\"\r\n \t}\r\n },\r\n \"actions\": {\r\n \"deny\": {}\r\n }\r\n },\r\n {\r\n \"rule-name\": \"rule2(ip4+mac)\",\r\n \"matches\": {\r\n \t\"vpp-classfier-acl:ace-ip-and-eth-nodes\" : {\r\n \t\t\"vpp-classfier-acl:source-mac-address\": \"01:02:03:04:05:06\",\r\n \t\t\"vpp-classfier-acl:destination-ipv4-network\": \"1.1.1.1/16\",\r\n \t\t\"vpp-classfier-acl:protocol\": \"4\",\r\n \t\t\"vpp-classfier-acl:dscp\": \"63\",\r\n \t\t\"vpp-classfier-acl:source-ipv4-network\": \"2.2.2.2/32\"\r\n \t}\r\n },\r\n \"actions\": {\r\n \"deny\": {}\r\n }\r\n },\r\n {\r\n \"rule-name\": \"rule3(ip6+mac)\",\r\n \"matches\": {\r\n \t\"vpp-classfier-acl:ace-ip-and-eth-nodes\" : {\r\n \t\t\"vpp-classfier-acl:destination-mac-address\": \"11:22:33:44:55:66\",\r\n \t\t\"vpp-classfier-acl:destination-ipv6-network\": \"1111:2222:3333:4444:5555:6666:7777:8888/64\"\r\n \t}\r\n },\r\n \"actions\": {\r\n \"deny\": {}\r\n }\r\n }\r\n ]\r\n }\r\n }\r\n ]\r\n}", "folder": "c05d7211-11b0-5688-2079-afa51196045c" }, { diff --git a/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/factory/AclWriterFactory.java b/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/factory/AclWriterFactory.java index 2b72cd058..235e7da2a 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/factory/AclWriterFactory.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/factory/AclWriterFactory.java @@ -20,8 +20,8 @@ import static io.fd.hc2vpp.v3po.factory.InterfacesClassifierIetfAclWriterFactory import static io.fd.hc2vpp.v3po.factory.SubInterfacesClassifierIetfAclWriterFactory.SUBIF_IETF_ACL_ID; import com.google.common.collect.Sets; -import io.fd.honeycomb.translate.impl.write.GenericListWriter; import io.fd.hc2vpp.v3po.interfaces.acl.IetfAclWriter; +import io.fd.honeycomb.translate.impl.write.GenericListWriter; import io.fd.honeycomb.translate.write.WriterFactory; import io.fd.honeycomb.translate.write.registry.ModifiableWriterRegistryBuilder; import javax.annotation.Nonnull; @@ -33,6 +33,7 @@ import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.cont import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.Matches; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.DestinationPortRange; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.packet.fields.rev160708.acl.transport.header.fields.SourcePortRange; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.AceIpAndEthNodes; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; public final class AclWriterFactory implements WriterFactory { @@ -48,10 +49,11 @@ public final class AclWriterFactory implements WriterFactory { final InstanceIdentifier<Ace> aceId = aclIdRelative.child(AccessListEntries.class).child(Ace.class); final InstanceIdentifier<Actions> actionsId = aceId.child(Actions.class); final InstanceIdentifier<Matches> matchesId = aceId.child(Matches.class); + final InstanceIdentifier<AceIpAndEthNodes> aceIpAndEthId = matchesId.child(AceIpAndEthNodes.class); final InstanceIdentifier<SourcePortRange> srcPortId = matchesId.child((Class)SourcePortRange.class); final InstanceIdentifier<DestinationPortRange> dstPortId = matchesId.child((Class)DestinationPortRange.class); - registry.subtreeAddBefore(Sets.newHashSet(aceId, actionsId, matchesId, srcPortId, dstPortId), + registry.subtreeAddBefore(Sets.newHashSet(aceId, actionsId, matchesId, aceIpAndEthId, srcPortId, dstPortId), new GenericListWriter<>(ACL_ID, new IetfAclWriter()), Sets.newHashSet(IETF_ACL_ID, SUBIF_IETF_ACL_ID)); } diff --git a/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AbstractIetfAclWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AbstractIetfAclWriter.java index fff93eda4..331db10dc 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AbstractIetfAclWriter.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AbstractIetfAclWriter.java @@ -123,8 +123,8 @@ public abstract class AbstractIetfAclWriter implements IetfAclWriter, JvppReplyC if (aclType == AclType.ETH) { return true; // L2 only rules are possible for IP4 traffic } - if (aclType == AclType.ETH_AND_IP && ((AceIpAndEth) aceType) - .getAceIpVersion() instanceof org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.version.AceIpv4) { + if (aclType == AclType.ETH_AND_IP && ((AceIpAndEth) aceType).getAceIpAndEthNodes() + .getAceIpVersion() instanceof org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.and.eth.nodes.ace.ip.version.AceIpv4) { return true; } return false; @@ -139,8 +139,8 @@ public abstract class AbstractIetfAclWriter implements IetfAclWriter, JvppReplyC if (aclType == AclType.ETH) { return true; // L2 only rules are possible for IP6 traffic } - if (aclType == AclType.ETH_AND_IP && ((AceIpAndEth) aceType) - .getAceIpVersion() instanceof org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.version.AceIpv6) { + if (aclType == AclType.ETH_AND_IP && ((AceIpAndEth) aceType).getAceIpAndEthNodes() + .getAceIpVersion() instanceof org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.and.eth.nodes.ace.ip.version.AceIpv6) { return true; } return false; diff --git a/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AceIpAndEthWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AceIpAndEthWriter.java index 24457fee2..fcc657189 100644 --- a/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AceIpAndEthWriter.java +++ b/v3po/v3po2vpp/src/main/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AceIpAndEthWriter.java @@ -27,9 +27,10 @@ import javax.annotation.Nullable; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.PacketHandling; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.InterfaceMode; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpAndEth; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.AceIpVersion; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.version.AceIpv4; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.version.AceIpv6; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.AceIpAndEthNodes; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.and.eth.nodes.AceIpVersion; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.and.eth.nodes.ace.ip.version.AceIpv4; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.and.eth.nodes.ace.ip.version.AceIpv6; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -39,8 +40,8 @@ public final class AceIpAndEthWriter private static final Logger LOG = LoggerFactory.getLogger(AceIpAndEthWriter.class); private static int maskLength(@Nonnull final AceIpAndEth ace, final int vlanTags) { - if (ace.getAceIpVersion() != null) { - if (ace.getAceIpVersion() instanceof AceIpv4) { + if (ace.getAceIpAndEthNodes().getAceIpVersion() != null) { + if (ace.getAceIpAndEthNodes().getAceIpVersion() instanceof AceIpv4) { return 48; } else { return vlanTags == 2 @@ -54,7 +55,8 @@ public final class AceIpAndEthWriter @Override public ClassifyAddDelTable createTable(@Nonnull final AceIpAndEth ace, @Nullable final InterfaceMode mode, final int nextTableIndex, final int vlanTags) { - final int numberOfSessions = PortPair.fromRange(ace.getSourcePortRange(), ace.getDestinationPortRange()).size(); + final AceIpAndEthNodes nodes = ace.getAceIpAndEthNodes(); + final int numberOfSessions = PortPair.fromRange(nodes.getSourcePortRange(), nodes.getDestinationPortRange()).size(); final ClassifyAddDelTable request = createTable(nextTableIndex, numberOfSessions); final int maskLength = maskLength(ace, vlanTags); request.mask = new byte[maskLength]; @@ -62,20 +64,20 @@ public final class AceIpAndEthWriter request.matchNVectors = maskLength / 16; boolean aceIsEmpty = - destinationMacAddressMask(ace.getDestinationMacAddressMask(), ace.getDestinationMacAddress(), request); - aceIsEmpty &= sourceMacAddressMask(ace.getSourceMacAddressMask(), ace.getSourceMacAddress(), request); + destinationMacAddressMask(nodes.getDestinationMacAddressMask(), nodes.getDestinationMacAddress(), request); + aceIsEmpty &= sourceMacAddressMask(nodes.getSourceMacAddressMask(), nodes.getSourceMacAddress(), request); // if we use classifier API, we need to know ip version (fields common for ip4 and ip6 have different offsets): - final AceIpVersion aceIpVersion = ace.getAceIpVersion(); + final AceIpVersion aceIpVersion = nodes.getAceIpVersion(); checkArgument(aceIpVersion != null, "AceIpAndEth have to define IpVersion"); final int baseOffset = getVlanTagsLen(vlanTags); if (aceIpVersion instanceof AceIpv4) { final AceIpv4 ipVersion = (AceIpv4) aceIpVersion; - aceIsEmpty &= ip4Mask(baseOffset, mode, ace, ipVersion, request); + aceIsEmpty &= ip4Mask(baseOffset, mode, nodes, ipVersion, request); } else if (aceIpVersion instanceof AceIpv6) { final AceIpv6 ipVersion = (AceIpv6) aceIpVersion; - aceIsEmpty &= ip6Mask(baseOffset, mode, ace, ipVersion, request); + aceIsEmpty &= ip6Mask(baseOffset, mode, nodes, ipVersion, request); } else { throw new IllegalArgumentException(String.format("Unsupported IP version %s", aceIpVersion)); } @@ -94,25 +96,26 @@ public final class AceIpAndEthWriter @Nonnull final AceIpAndEth ace, @Nullable final InterfaceMode mode, final int tableIndex, final int vlanTags) { - final List<PortPair> portPairs = PortPair.fromRange(ace.getSourcePortRange(), ace.getDestinationPortRange()); + final AceIpAndEthNodes nodes = ace.getAceIpAndEthNodes(); + final List<PortPair> portPairs = PortPair.fromRange(nodes.getSourcePortRange(), nodes.getDestinationPortRange()); final List<ClassifyAddDelSession> requests = new ArrayList<>(portPairs.size()); for (final PortPair pair : portPairs) { final ClassifyAddDelSession request = createSession(action, tableIndex); request.match = new byte[maskLength(ace, vlanTags)]; - boolean noMatch = destinationMacAddressMatch(ace.getDestinationMacAddress(), request); - noMatch &= sourceMacAddressMatch(ace.getSourceMacAddress(), request); + boolean noMatch = destinationMacAddressMatch(nodes.getDestinationMacAddress(), request); + noMatch &= sourceMacAddressMatch(nodes.getSourceMacAddress(), request); - final AceIpVersion aceIpVersion = ace.getAceIpVersion(); + final AceIpVersion aceIpVersion = nodes.getAceIpVersion(); checkArgument(aceIpVersion != null, "AceIpAndEth have to define IpVersion"); final int baseOffset = getVlanTagsLen(vlanTags); if (aceIpVersion instanceof AceIpv4) { final AceIpv4 ipVersion = (AceIpv4) aceIpVersion; - noMatch &= ip4Match(baseOffset, mode, ace, ipVersion, pair.getSrc(), pair.getDst(), request); + noMatch &= ip4Match(baseOffset, mode, nodes, ipVersion, pair.getSrc(), pair.getDst(), request); } else if (aceIpVersion instanceof AceIpv6) { final AceIpv6 ipVersion = (AceIpv6) aceIpVersion; - noMatch &= ip6Match(baseOffset, mode, ace, ipVersion, pair.getSrc(), pair.getDst(), request); + noMatch &= ip6Match(baseOffset, mode, nodes, ipVersion, pair.getSrc(), pair.getDst(), request); } else { throw new IllegalArgumentException(String.format("Unsupported IP version %s", aceIpVersion)); } diff --git a/v3po/v3po2vpp/src/test/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AceIpAndEthWriterTest.java b/v3po/v3po2vpp/src/test/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AceIpAndEthWriterTest.java index 2bbe3a573..4d155b2f3 100644 --- a/v3po/v3po2vpp/src/test/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AceIpAndEthWriterTest.java +++ b/v3po/v3po2vpp/src/test/java/io/fd/hc2vpp/v3po/interfaces/acl/common/AceIpAndEthWriterTest.java @@ -34,7 +34,8 @@ import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types. import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.InterfaceMode; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpAndEth; import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.AceIpAndEthBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.version.AceIpv4Builder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.AceIpAndEthNodesBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.vpp.classfier.acl.rev161214.access.lists.acl.access.list.entries.ace.matches.ace.type.ace.ip.and.eth.ace.ip.and.eth.nodes.ace.ip.version.AceIpv4Builder; public class AceIpAndEthWriterTest { @@ -47,14 +48,14 @@ public class AceIpAndEthWriterTest { initMocks(this); writer = new AceIpAndEthWriter(); action = new DenyBuilder().setDeny(true).build(); - ace = new AceIpAndEthBuilder() + ace = new AceIpAndEthBuilder().setAceIpAndEthNodes(new AceIpAndEthNodesBuilder() .setDestinationMacAddress(new MacAddress("11:22:33:44:55:66")) .setSourceMacAddress(new MacAddress("aa:bb:cc:dd:ee:ff")) .setAceIpVersion(new AceIpv4Builder() .setSourceIpv4Network(new Ipv4Prefix("1.2.3.4/32")).build()) .setSourcePortRange(new SourcePortRangeBuilder().setLowerPort(new PortNumber(0x1111)).build()) .setDestinationPortRange(new DestinationPortRangeBuilder().setLowerPort(new PortNumber(0x2222)).build()) - .build(); + .build()).build(); } @Test |