1 files changed, 36 insertions, 23 deletions

diff --git a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIp6Writer.java b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIp6Writer.java
index b1186440d..143fcb238 100644
--- a/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIp6Writer.java
+++ b/v3po/v3po2vpp/src/main/java/io/fd/honeycomb/translate/v3po/interfaces/acl/ingress/AceIp6Writer.java
@@ -18,9 +18,10 @@ package io.fd.honeycomb.translate.v3po.interfaces.acl.ingress;
 
 import static com.google.common.base.Preconditions.checkArgument;
 
-import com.google.common.annotations.VisibleForTesting;
 import io.fd.vpp.jvpp.core.dto.ClassifyAddDelSession;
 import io.fd.vpp.jvpp.core.dto.ClassifyAddDelTable;
+import java.util.ArrayList;
+import java.util.List;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.access.control.list.rev160708.access.lists.acl.access.list.entries.ace.actions.PacketHandling;
@@ -32,9 +33,6 @@ import org.slf4j.LoggerFactory;
 
 final class AceIp6Writer implements AceWriter<AceIp>, AclTranslator, Ip6AclTranslator {
 
-    @VisibleForTesting
-    static final int MATCH_N_VECTORS = 4; // number of 16B vectors
-    private static final int TABLE_MASK_LENGTH = 64;
     private static final Logger LOG = LoggerFactory.getLogger(AceIp6Writer.class);
 
     @Override
@@ -45,13 +43,14 @@ final class AceIp6Writer implements AceWriter<AceIp>, AclTranslator, Ip6AclTrans
         checkArgument(aceIp.getAceIpVersion() instanceof AceIpv6, "Expected AceIpv6 version, but was %", aceIp);
         final AceIpv6 ipVersion = (AceIpv6) aceIp.getAceIpVersion();
 
-        final ClassifyAddDelTable request = createTable(nextTableIndex);
+        final int numberOfSessions = PortPair.fromRange(aceIp.getSourcePortRange(), aceIp.getDestinationPortRange()).size();
+        final ClassifyAddDelTable request = createTable(nextTableIndex, numberOfSessions);
         request.skipNVectors = 0; // match entire L2 and L3 header
-        request.matchNVectors = MATCH_N_VECTORS;
-        request.mask = new byte[TABLE_MASK_LENGTH];
+        request.mask = new byte[getTableMaskLength(vlanTags)];
+        request.matchNVectors = request.mask.length/16;
 
         final int baseOffset = getVlanTagsLen(vlanTags);
-        boolean aceIsEmpty = ip6Mask(baseOffset, mode, aceIp, ipVersion, request, LOG);
+        boolean aceIsEmpty = ip6Mask(baseOffset, mode, aceIp, ipVersion, request);
         if (aceIsEmpty) {
             throw new IllegalArgumentException(
                 String.format("Ace %s does not define packet field match values", aceIp.toString()));
@@ -61,26 +60,40 @@ final class AceIp6Writer implements AceWriter<AceIp>, AclTranslator, Ip6AclTrans
         return request;
     }
 
+    private static int getTableMaskLength(final int vlanTags) {
+        if (vlanTags == 2) {
+            return 80;
+        } else {
+            return 64;
+        }
+    }
+
     @Override
-    public ClassifyAddDelSession createSession(@Nonnull final PacketHandling action,
-                                               @Nonnull final AceIp aceIp,
-                                               @Nullable final InterfaceMode mode,
-                                               final int tableIndex,
-                                               final int vlanTags) {
+    public List<ClassifyAddDelSession> createSession(@Nonnull final PacketHandling action,
+                                                     @Nonnull final AceIp aceIp,
+                                                     @Nullable final InterfaceMode mode,
+                                                     final int tableIndex,
+                                                     final int vlanTags) {
         checkArgument(aceIp.getAceIpVersion() instanceof AceIpv6, "Expected AceIpv6 version, but was %", aceIp);
         final AceIpv6 ipVersion = (AceIpv6) aceIp.getAceIpVersion();
+        final List<PortPair> portPairs =
+            PortPair.fromRange(aceIp.getSourcePortRange(), aceIp.getDestinationPortRange());
 
-        final ClassifyAddDelSession request = createSession(action, tableIndex);
-        request.match = new byte[TABLE_MASK_LENGTH];
+        final List<ClassifyAddDelSession> requests = new ArrayList<>(portPairs.size());
+        for (final PortPair pair : portPairs) {
+            final ClassifyAddDelSession request = createSession(action, tableIndex);
+            request.match = new byte[getTableMaskLength(vlanTags)];
 
-        final int baseOffset = getVlanTagsLen(vlanTags);
-        boolean noMatch = ip6Match(baseOffset, mode, aceIp, ipVersion, request, LOG);
-        if (noMatch) {
-            throw new IllegalArgumentException(
-                String.format("Ace %s does not define packet field match values", aceIp.toString()));
-        }
+            final int baseOffset = getVlanTagsLen(vlanTags);
+            boolean noMatch = ip6Match(baseOffset, mode, aceIp, ipVersion, pair.getSrc(), pair.getDst(), request);
+            if (noMatch) {
+                throw new IllegalArgumentException(
+                    String.format("Ace %s does not define packet field match values", aceIp.toString()));
+            }
 
-        LOG.debug("ACE action={}, rule={} translated to session={}.", action, aceIp, request);
-        return request;
+            LOG.debug("ACE action={}, rule={} translated to session={}.", action, aceIp, request);
+            requests.add(request);
+        }
+        return requests;
     }
 }