diff options
Diffstat (limited to 'v3po/v3po2vpp')
-rw-r--r-- | v3po/v3po2vpp/Readme.adoc | 3 | ||||
-rw-r--r-- | v3po/v3po2vpp/asciidoc/Readme.adoc | 103 | ||||
-rw-r--r-- | v3po/v3po2vpp/pom.xml | 1 | ||||
-rw-r--r-- | v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/Readme.adoc | 70 | ||||
-rw-r--r-- | v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/Readme.adoc | 29 |
5 files changed, 104 insertions, 102 deletions
diff --git a/v3po/v3po2vpp/Readme.adoc b/v3po/v3po2vpp/Readme.adoc deleted file mode 100644 index 29e28528b..000000000 --- a/v3po/v3po2vpp/Readme.adoc +++ /dev/null @@ -1,3 +0,0 @@ -= Honeycomb translation layer SPI implementation for VPP - -Provides customizers for VPP YANG models translation.
\ No newline at end of file diff --git a/v3po/v3po2vpp/asciidoc/Readme.adoc b/v3po/v3po2vpp/asciidoc/Readme.adoc new file mode 100644 index 000000000..d9fb563ab --- /dev/null +++ b/v3po/v3po2vpp/asciidoc/Readme.adoc @@ -0,0 +1,103 @@ += Honeycomb translation layer SPI implementation for VPP CORE + +Provides customizers for VPP YANG models translation. + +== Handlers + +=== Writers +Current order of v3po-api writers is: + +. BridgeDomain +. VhostUser +. VxlanGpe +. Tap +. Vxlan +. Interface +. SubInterface +. L2 +. Subinterface-L2 +. Ethernet +. Routing +. ClassifyTable +. ClassifySession +. Acl +. Ipv6 +. Ipv4 +. Address +. Neighbor +. L2FibEntry +. Rewrite +. Address +. Acl + +To find out current order in runtime, turn on logging for writer registry: + + log:set TRACE io.fd.honeycomb.v3po.translate.util.write.registry + +=== Readers +There is not a strict order for readers, but current configuration produces approx. this order: + +Contexts +. VppState +. Version +. BridgeDomains +. BridgeDomain +. L2FibTable +. L2FibEntry +. InterfacesState +. Interface +. VppInterfaceStateAugmentation +. Ethernet +. Tap +. VhostUser +. Vxlan +. VxlanGpe +. L2 +. Acl +. Interface2 +. Ipv4 +. Address +. Neighbor +. Ipv6 +. SubinterfaceStateAugmentation +. SubInterfaces +. SubInterface +. L2 +. Rewrite +. Ipv4 +. Address +. Acl +. VppClassifierState +. ClassifyTable +. ClassifySession +. NetconfState + +== VPP to IETF-ACL model translation + +Package provides VPP translation code for draft-ietf-netmod-acl-model-08. +Access control lists are mapped to chains of classify tables, each with single classify session. + +=== Available operations + +==== Configuration data +Configuration data for the model is stored in Honeycomb. Corresponding classify tables and sessions +are not created until control access list is assigned to an interface. + +Classify tables and sessions are removed from VPP when ACL assignment is deleted. + +ACLs can be shared among interfaces, but each time, new instance of classify table chain would be created in VPP. + +ACLs that are assigned to an interface have to be unassigned before update/removal. + +==== Operational state +Operational read in terms of ietf-acl model is not supported (would require storing additional metadata in vpp). +As a consequence, configuration data initialization based on operational state is not possible. + +To check how ietf-acl model was translated to classify tables/session, low-level vpp-classfier model can be used. + +=== Restrictions + +VPP classfier works in form of offsets and masks of 16B units. +The offset always starts at the beginning of L2 Ethernet header +of input packet. Because IP header can have variable length, +source/destination port matching (L4 features of ietf-acl model) is not possible.
\ No newline at end of file diff --git a/v3po/v3po2vpp/pom.xml b/v3po/v3po2vpp/pom.xml index 07210160c..9af1df1ba 100644 --- a/v3po/v3po2vpp/pom.xml +++ b/v3po/v3po2vpp/pom.xml @@ -25,6 +25,7 @@ <modelVersion>4.0.0</modelVersion> <groupId>io.fd.honeycomb.v3po</groupId> <artifactId>v3po2vpp</artifactId> + <name>${project.artifactId}</name> <version>1.16.12-SNAPSHOT</version> <packaging>bundle</packaging> diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/Readme.adoc b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/Readme.adoc deleted file mode 100644 index a95c397ce..000000000 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/Readme.adoc +++ /dev/null @@ -1,70 +0,0 @@ -= V3po2vpp -V3po2vpp contains v3po-api's handlers (writer/reader) registration into HC infrastructure - -== Writers -Current order of v3po-api writers is: - -. BridgeDomain -. VhostUser -. VxlanGpe -. Tap -. Vxlan -. Interface -. SubInterface -. L2 -. SubInterface-L2 -. Ethernet -. Routing -. ClassifyTable -. ClassifySession -. Acl -. Ipv6 -. Ipv4 -. Address -. Neighbor -. L2FibEntry -. Rewrite -. Address -. Acl - -To find out current order in runtime, turn on logging for writer registry: - - log:set TRACE io.fd.honeycomb.v3po.translate.util.write.registry - -== Readers -There is not a strict order for readers, but current configuration produces approx. this order: - -Contexts -. VppState -. Version -. BridgeDomains -. BridgeDomain -. L2FibTable -. L2FibEntry -. InterfacesState -. Interface -. VppInterfaceStateAugmentation -. Ethernet -. Tap -. VhostUser -. Vxlan -. VxlanGpe -. L2 -. Acl -. Interface2 -. Ipv4 -. Address -. Neighbor -. Ipv6 -. SubinterfaceStateAugmentation -. SubInterfaces -. SubInterface -. L2 -. Rewrite -. Ipv4 -. Address -. Acl -. VppClassifierState -. ClassifyTable -. ClassifySession -. NetconfState
\ No newline at end of file diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/Readme.adoc b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/Readme.adoc deleted file mode 100644 index 15b1b8c27..000000000 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/Readme.adoc +++ /dev/null @@ -1,29 +0,0 @@ -= VPP to IETF-ACL model translation - -Package provides VPP translation code for draft-ietf-netmod-acl-model-08. -Access control lists are mapped to chains of classify tables, each with single classify session. - -== Available operations - -=== Configuration data -Configuration data for the model is stored in Honeycomb. Corresponding classify tables and sessions -are not created until control access list is assigned to an interface. - -Classify tables and sessions are removed from VPP when ACL assignment is deleted. - -ACLs can be shared among interfaces, but each time, new instance of classify table chain would be created in VPP. - -ACLs that are assigned to an interface have to be unassigned before update/removal. - -=== Operational state -Operational read in terms of ietf-acl model is not supported (would require storing additional metadata in vpp). -As a consequence, configuration data initialization based on operational state is not possible. - -To check how ietf-acl model was translated to classify tables/session, low-level vpp-classfier model can be used. - -== Restrictions - -VPP classfier works in form of offsets and masks of 16B units. -The offset always starts at the beginning of L2 Ethernet header -of input packet. Because IP header can have variable length, -source/destination port matching (L4 features of ietf-acl model) is not possible.
\ No newline at end of file |