diff options
author | Marek Gradzki <mgradzki@cisco.com> | 2016-09-30 12:28:28 +0200 |
---|---|---|
committer | Marek Gradzki <mgradzki@cisco.com> | 2016-09-30 14:55:31 +0200 |
commit | 43485e2862128bc5fa1bee776babcda06d5510d8 (patch) | |
tree | 84cb1e7aaf0717b06db1164fad63d83758708fa1 /v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/AbstractAceWriter.java | |
parent | 99f0fde138ac6543c04e8a816bd7fc7cd64247e5 (diff) |
HONEYCOMB-234: update YANG model to support egress ACLs
- marks existing ACL support as ingress
- updates postman collection
Change-Id: I7ae39cb6698d9aafbe932d57725f138194b52e70
Signed-off-by: Maros Marsalek <mmarsale@cisco.com>
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Diffstat (limited to 'v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/AbstractAceWriter.java')
-rw-r--r-- | v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/AbstractAceWriter.java | 181 |
1 files changed, 0 insertions, 181 deletions
diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/AbstractAceWriter.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/AbstractAceWriter.java deleted file mode 100644 index e04371ec5..000000000 --- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/AbstractAceWriter.java +++ /dev/null @@ -1,181 +0,0 @@ -/* - * Copyright (c) 2016 Cisco and/or its affiliates. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package io.fd.honeycomb.translate.v3po.interfaces.acl; - -import static com.google.common.base.Preconditions.checkArgument; -import static com.google.common.base.Preconditions.checkNotNull; - -import com.google.common.annotations.VisibleForTesting; -import io.fd.honeycomb.translate.util.RWUtils; -import io.fd.honeycomb.translate.vpp.util.JvppReplyConsumer; -import io.fd.honeycomb.translate.vpp.util.WriteTimeoutException; -import java.util.List; -import java.util.concurrent.CompletionStage; -import java.util.stream.Collector; -import javax.annotation.Nonnegative; -import javax.annotation.Nonnull; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.Ace; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.PacketHandling; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.packet.handling.Permit; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.matches.AceType; -import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; -import io.fd.vpp.jvpp.VppBaseCallException; -import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSession; -import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSessionReply; -import io.fd.vpp.jvpp.core.dto.ClassifyAddDelTable; -import io.fd.vpp.jvpp.core.dto.ClassifyAddDelTableReply; -import io.fd.vpp.jvpp.core.dto.InputAclSetInterface; -import io.fd.vpp.jvpp.core.future.FutureJVppCore; - -/** - * Base writer for translation of ietf-acl model ACEs to VPP's classify tables and sessions. - * <p/> - * Creates one classify table with single session per ACE. - * - * @param <T> type of access control list entry - */ -abstract class AbstractAceWriter<T extends AceType> implements AceWriter, JvppReplyConsumer { - - // TODO: HONEYCOMB-181 minimise memory used by classify tables (we create a lot of them to make ietf-acl model - // mapping more convenient): - // according to https://wiki.fd.io/view/VPP/Introduction_To_N-tuple_Classifiers#Creating_a_classifier_table, - // classify table needs 16*(1 + match_n_vectors) bytes, but this does not quite work, so setting 8K for now - protected static final int TABLE_MEM_SIZE = 8 * 1024; - - @VisibleForTesting - static final int VLAN_TAG_LEN = 4; - - private static final Collector<PacketHandling, ?, PacketHandling> SINGLE_ITEM_COLLECTOR = - RWUtils.singleItemCollector(); - - private final FutureJVppCore futureJVppCore; - - public AbstractAceWriter(@Nonnull final FutureJVppCore futureJVppCore) { - this.futureJVppCore = checkNotNull(futureJVppCore, "futureJVppCore should not be null"); - } - - /** - * Creates classify table for given ACE. - * - * @param action packet handling action (permit/deny) - * @param ace ACE to be translated - * @param nextTableIndex classify table index - * @param vlanTags number of vlan tags - * @return classify table that represents given ACE - */ - protected abstract ClassifyAddDelTable createClassifyTable(@Nonnull final PacketHandling action, - @Nonnull final T ace, - final int nextTableIndex, - final int vlanTags); - - /** - * Creates classify session for given ACE. - * - * @param action packet handling action (permit/deny) - * @param ace ACE to be translated - * @param tableIndex classify table index for the given session - * @param vlanTags number of vlan tags - * @return classify session that represents given ACE - */ - protected abstract ClassifyAddDelSession createClassifySession(@Nonnull final PacketHandling action, - @Nonnull final T ace, - final int tableIndex, - final int vlanTags); - - /** - * Sets classify table index for input_acl_set_interface request. - * - * @param request request DTO - * @param tableIndex pointer to a chain of classify tables - */ - protected abstract void setClassifyTable(@Nonnull final InputAclSetInterface request, final int tableIndex); - - @Override - public final void write(@Nonnull final InstanceIdentifier<?> id, @Nonnull final List<Ace> aces, - @Nonnull final InputAclSetInterface request, @Nonnegative final int vlanTags) - throws VppBaseCallException, WriteTimeoutException { - final PacketHandling action = aces.stream().map(ace -> ace.getActions().getPacketHandling()).distinct() - .collect(SINGLE_ITEM_COLLECTOR); - - checkArgument(vlanTags >= 0 && vlanTags <= 2, "Number of vlan tags %s is not in [0,2] range"); - - int nextTableIndex = -1; - for (final Ace ace : aces) { - // Create table + session per entry - - final ClassifyAddDelTable ctRequest = - createClassifyTable(action, (T) ace.getMatches().getAceType(), nextTableIndex, vlanTags); - nextTableIndex = createClassifyTable(id, ctRequest); - createClassifySession(id, - createClassifySession(action, (T) ace.getMatches().getAceType(), nextTableIndex, vlanTags)); - } - setClassifyTable(request, nextTableIndex); - } - - private int createClassifyTable(@Nonnull final InstanceIdentifier<?> id, - @Nonnull final ClassifyAddDelTable request) - throws VppBaseCallException, WriteTimeoutException { - final CompletionStage<ClassifyAddDelTableReply> cs = futureJVppCore.classifyAddDelTable(request); - - final ClassifyAddDelTableReply reply = getReplyForWrite(cs.toCompletableFuture(), id); - return reply.newTableIndex; - } - - private void createClassifySession(@Nonnull final InstanceIdentifier<?> id, - @Nonnull final ClassifyAddDelSession request) - throws VppBaseCallException, WriteTimeoutException { - final CompletionStage<ClassifyAddDelSessionReply> cs = futureJVppCore.classifyAddDelSession(request); - - getReplyForWrite(cs.toCompletableFuture(), id); - } - - protected ClassifyAddDelTable createClassifyTable(@Nonnull final PacketHandling action, final int nextTableIndex) { - final ClassifyAddDelTable request = new ClassifyAddDelTable(); - request.isAdd = 1; - request.tableIndex = -1; // value not present - - request.nbuckets = 1; // we expect exactly one session per table - - if (action instanceof Permit) { - request.missNextIndex = 0; // for list of permit rules, deny (0) should be default action - } else { // deny is default value - request.missNextIndex = -1; // for list of deny rules, permit (-1) should be default action - } - - request.nextTableIndex = nextTableIndex; - request.memorySize = TABLE_MEM_SIZE; - - return request; - } - - protected ClassifyAddDelSession createClassifySession(@Nonnull final PacketHandling action, final int tableIndex) { - final ClassifyAddDelSession request = new ClassifyAddDelSession(); - request.isAdd = 1; - request.tableIndex = tableIndex; - request.opaqueIndex = ~0; // value not used - - if (action instanceof Permit) { - request.hitNextIndex = -1; - } // deny (0) is default value - - return request; - } - - protected int getVlanTagsLen(final int vlanTags) { - return vlanTags * VLAN_TAG_LEN; - } -} |