diff options
author | Neale Ranns <nranns@cisco.com> | 2016-08-25 15:29:12 +0100 |
---|---|---|
committer | Damjan Marion <dmarion.lists@gmail.com> | 2016-09-21 17:37:39 +0000 |
commit | 0bfe5d8c792abcdbcf27bfcc7b7b353fba04aee2 (patch) | |
tree | d600b0e2e693e766e722936744930d3bebac493c /vnet/vnet/ip/ip_source_and_port_range_check.h | |
parent | 60537f3d83e83d0ce10a620ca99aad4eddf85f5e (diff) |
A Protocol Independent Hierarchical FIB (VPP-352)
Main Enhancements:
- Protocol Independent FIB API
- Hierarchical FIB entries. Dynamic recursive route resolution.
- Extranet Support.
- Integration of IP and MPLS forwarding.
- Separation of FIB and Adjacency databases.
- Data-Plane Object forwarding model.
Change-Id: I52dc815c0d0aa8b493e3cf6b978568f3cc82296c
Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'vnet/vnet/ip/ip_source_and_port_range_check.h')
-rw-r--r-- | vnet/vnet/ip/ip_source_and_port_range_check.h | 66 |
1 files changed, 63 insertions, 3 deletions
diff --git a/vnet/vnet/ip/ip_source_and_port_range_check.h b/vnet/vnet/ip/ip_source_and_port_range_check.h index 5b49aabd..fefe5ff1 100644 --- a/vnet/vnet/ip/ip_source_and_port_range_check.h +++ b/vnet/vnet/ip/ip_source_and_port_range_check.h @@ -19,9 +19,6 @@ typedef struct { - u32 ranges_per_adjacency; - u32 special_adjacency_format_function_index; - /* convenience */ vlib_main_t *vlib_main; vnet_main_t *vnet_main; @@ -60,6 +57,69 @@ typedef struct u16x8vec_t hi; } protocol_port_range_t; +/** + * @brief The number of supported ranges per-data path object. + * If more ranges are required, bump this number. + */ +#define N_PORT_RANGES_PER_DPO 64 +#define N_RANGES_PER_BLOCK (sizeof(u16x8vec_t)/2) +#define N_BLOCKS_PER_DPO (N_PORT_RANGES_PER_DPO/N_RANGES_PER_BLOCK) + +/** + * @brief + * The object that is in the data-path to perform the check. + * + * Some trade-offs here; memory vs performance. + * + * performance: + * the principle factor is d-cache line misses/hits. + * so we want the data layout to minimise the d-cache misses. This + * means not following dependent reads. i.e. not doing + * + * struct B { + * u16 n_ranges; + * range_t *ragnes; // vector of ranges. + * } + * + * so to read ranges[0] we would first d-cache miss on the address + * of the object of type B, for which we would need to wait before we + * can get the address of B->ranges. + * So this layout is better: + * + * struct B { + * u16 n_ranges; + * range_t ragnes[N]; + * } + * + * memory: + * the latter layout above is more memory hungry. And N needs to be: + * 1 - sized for the maximum required + * 2 - fixed, so that objects of type B can be pool allocated and so + * 'get'-able using an index. + * An option over fixed might be to allocate contiguous chunk from + * the pool (like we used to do for multi-path adjs). + */ +typedef struct protocol_port_range_dpo_t_ +{ + /** + * The number of blocks from the 'block' array below + * that have rnages configured. We keep this count so that in the data-path + * we can limit the loop to be only over the blocks we need + */ + u16 n_used_blocks; + + /** + * The total number of free ranges from all blocks. + * Used to prevent overrun of the ranges available. + */ + u16 n_free_ranges; + + /** + * the fixed size array of ranges + */ + protocol_port_range_t blocks[N_BLOCKS_PER_DPO]; +} protocol_port_range_dpo_t; + int ip4_source_and_port_range_check_add_del (ip4_address_t * address, u32 length, u32 vrf_id, |