summaryrefslogtreecommitdiffstats
path: root/v3po/api/src/main/yang/vpp-acl.yang
AgeCommit message (Collapse)AuthorFilesLines
2016-11-29Rename vpp-acl model to vpp-classfier-aclMarek Gradzki1-160/+0
Current acl implementation uses vpp's classfier. The vpp-acl model will be used to expose new acl api. Change-Id: Ia1e0f7acf00e1284e92a56f6f1c7f43538d394ad Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-10-18Make ip-version mandatory for all ACEsMarek Gradzki1-5/+10
- ip-version was mandatory only when mixing l2/l3 rules in one ACE (vpp api limitation). It needs to be provided also in case of ACEs that define l3 only rules (we allow mixing ip4/ip6 ACEs in one list). - updates postman collestion with example of L4 only acl Change-Id: Ifb863208c21a504cd61843f7540341bc35a6174a Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-10-13HONEYCOMB-233: add support for mixing L2/L3 rulesMarek Gradzki1-8/+11
In case of L2 interfaces, acls are translated into a chain of classify tables and assigned as L2 table. In case of L3 interfaces, acls are translated into ip4 and ip6 chains (eth only rules go to both chains, rest - depending on ip-version). Limitations: - it is not possible to define L3 rule without specifying ip-version (common header fields for IP4/IP6 have different offsets), - eth rules on L3 interfaces are applied only to IP traffic (vpp classfier limitation). Change-Id: I7ca2648cabad8c6e936cf71a51e06596a42891e8 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-10-13HONEYCOMB-233: ietf-acl model augmentation to provide l2,l3 and l4 rulesMarek Gradzki1-0/+36
in one ACE Change-Id: I2ebba9540fae1a49858d6887551385688d4529aa Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2016-10-10Move interface acls to separate yang moduleMarek Gradzki1-0/+116
Change-Id: Ia11eacababd62f719e23af5b64b19c5227d56a45 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>