diff options
author | Steve Shin <jonshin@cisco.com> | 2016-11-08 10:47:10 -0800 |
---|---|---|
committer | John Lo <loj@cisco.com> | 2016-11-16 02:29:44 +0000 |
commit | 25e26dc5136137c771715145dd5b2884060ff9eb (patch) | |
tree | 9279b106952a9a603060a185bda6b9f2e89ec8f4 /vpp/vpp-api | |
parent | 9c6ae5f43b1f3141d37d6d7b3963926302826f08 (diff) |
VPP-521: Classify API enhancement to redirect traffic to pre-defined VRF
Ingress packets are punted to the “Input ACL node” where traffic is
classified based on n-tuple keys. If no matched session is found from
the classify tables, then it will be passed to “the lookup node” for
normal packet forwarding. If a classify session is hit from one of
classify tables, then packet vnet buffer field sw_if_index[VLIB_TX]
will be updated to the new FIB index used for subsequent IP lookup
for this packet.
Change-Id: Ifdea63196ddb81c2d5c43b8c98e11ddbf5b11858
Signed-off-by: Steve Shin <jonshin@cisco.com>
Diffstat (limited to 'vpp/vpp-api')
-rw-r--r-- | vpp/vpp-api/api.c | 33 | ||||
-rw-r--r-- | vpp/vpp-api/custom_dump.c | 7 | ||||
-rw-r--r-- | vpp/vpp-api/vpe.api | 26 |
3 files changed, 56 insertions, 10 deletions
diff --git a/vpp/vpp-api/api.c b/vpp/vpp-api/api.c index 1ecd1481..b2975760 100644 --- a/vpp/vpp-api/api.c +++ b/vpp/vpp-api/api.c @@ -3922,7 +3922,9 @@ _(memory_size) \ _(skip_n_vectors) \ _(match_n_vectors) \ _(next_table_index) \ -_(miss_next_index) +_(miss_next_index) \ +_(current_data_flag) \ +_(current_data_offset) static void vl_api_classify_add_del_table_t_handler (vl_api_classify_add_del_table_t * mp) @@ -3941,17 +3943,25 @@ static void vl_api_classify_add_del_table_t_handler #undef _ /* The underlying API fails silently, on purpose, so check here */ - if (mp->is_add == 0) - if (pool_is_free_index (cm->tables, table_index)) - { - rv = VNET_API_ERROR_NO_SUCH_TABLE; - goto out; - } + if (mp->is_add == 0) /* delete */ + { + if (pool_is_free_index (cm->tables, table_index)) + { + rv = VNET_API_ERROR_NO_SUCH_TABLE; + goto out; + } + } + else /* add or update */ + { + if (table_index != ~0 && pool_is_free_index (cm->tables, table_index)) + table_index = ~0; + } rv = vnet_classify_add_del_table (cm, mp->mask, nbuckets, memory_size, skip_n_vectors, match_n_vectors, - next_table_index, miss_next_index, &table_index, mp->is_add); + next_table_index, miss_next_index, &table_index, + current_data_flag, current_data_offset, mp->is_add); out: /* *INDENT-OFF* */ @@ -3980,17 +3990,20 @@ static void vl_api_classify_add_del_session_t_handler vnet_classify_main_t *cm = &vnet_classify_main; vl_api_classify_add_del_session_reply_t *rmp; int rv; - u32 table_index, hit_next_index, opaque_index; + u32 table_index, hit_next_index, opaque_index, metadata; i32 advance; + u8 action; table_index = ntohl (mp->table_index); hit_next_index = ntohl (mp->hit_next_index); opaque_index = ntohl (mp->opaque_index); advance = ntohl (mp->advance); + action = mp->action; + metadata = ntohl (mp->metadata); rv = vnet_classify_add_del_session (cm, table_index, mp->match, hit_next_index, opaque_index, - advance, mp->is_add); + advance, action, metadata, mp->is_add); REPLY_MACRO (VL_API_CLASSIFY_ADD_DEL_SESSION_REPLY); } diff --git a/vpp/vpp-api/custom_dump.c b/vpp/vpp-api/custom_dump.c index b42130d6..1dc96650 100644 --- a/vpp/vpp-api/custom_dump.c +++ b/vpp/vpp-api/custom_dump.c @@ -1222,6 +1222,10 @@ static void *vl_api_classify_add_del_table_t_print s = format (s, "match %d ", ntohl (mp->match_n_vectors)); s = format (s, "next-table %d ", ntohl (mp->next_table_index)); s = format (s, "miss-next %d ", ntohl (mp->miss_next_index)); + s = format (s, "current-data-flag %d ", ntohl (mp->current_data_flag)); + if (mp->current_data_flag) + s = format (s, "current-data-offset %d ", + ntohl (mp->current_data_offset)); s = format (s, "mask hex "); for (i = 0; i < ntohl (mp->match_n_vectors) * sizeof (u32x4); i++) s = format (s, "%02x", mp->mask[i]); @@ -1243,6 +1247,9 @@ static void *vl_api_classify_add_del_session_t_print s = format (s, "hit_next_index %d ", ntohl (mp->hit_next_index)); s = format (s, "opaque_index %d ", ntohl (mp->opaque_index)); s = format (s, "advance %d ", ntohl (mp->advance)); + s = format (s, "action %d ", mp->action); + if (mp->action) + s = format (s, "metadata %d ", ntohl (mp->metadata)); if (mp->is_add == 0) s = format (s, "del "); diff --git a/vpp/vpp-api/vpe.api b/vpp/vpp-api/vpe.api index e69979c6..8a7fac67 100644 --- a/vpp/vpp-api/vpe.api +++ b/vpp/vpp-api/vpe.api @@ -1766,6 +1766,17 @@ define bd_ip_mac_add_del_reply @param match_n_vectors - number of match vectors @param next_table_index - index of next table @param miss_next_index - index of miss table + @param current_data_flag - option to use current node's packet payload + as the starting point from where packets are classified, + This option is only valid for L2/L3 input ACL for now. + 0: by default, classify data from the buffer's start location + 1: classify packets from VPP node’s current data pointer + @param current_data_offset - a signed value to shift the start location of + the packet to be classified + For example, if input IP ACL node is used, L2 header’s first byte + can be accessible by configuring current_data_offset to -14 + if there is no vlan tag. + This is valid only if current_data_flag is set to 1. @param mask[] - match mask */ define classify_add_del_table @@ -1780,6 +1791,8 @@ define classify_add_del_table u32 match_n_vectors; u32 next_table_index; u32 miss_next_index; + u32 current_data_flag; + i32 current_data_offset; u8 mask[0]; }; @@ -1807,6 +1820,17 @@ define classify_add_del_table_reply @param hit_next_index - for add, hit_next_index of new session, required @param opaque_index - for add, opaque_index of new session @param advance -for add, advance value for session + @param action - + 0: no action (by default) + metadata is not used. + 1: Classified IP packets will be looked up from the + specified ipv4 fib table (configured by metadata as VRF id). + Only valid for L3 input ACL node + 2: Classified IP packets will be looked up from the + specified ipv6 fib table (configured by metadata as VRF id). + Only valid for L3 input ACL node + @param metadata - valid only if action != 0 + VRF id if action is 1 or 2. @param match[] - for add, match value for session, required */ define classify_add_del_session @@ -1818,6 +1842,8 @@ define classify_add_del_session u32 hit_next_index; u32 opaque_index; i32 advance; + u8 action; + u32 metadata; u8 match[0]; }; |