summaryrefslogtreecommitdiffstats
path: root/docs/gettingstarted/developers/fib20/barnacles.rst
diff options
context:
space:
mode:
authorNathan Skrzypczak <nathan.skrzypczak@gmail.com>2021-08-19 11:38:06 +0200
committerDave Wallace <dwallacelf@gmail.com>2021-10-13 23:22:32 +0000
commit9ad39c026c8a3c945a7003c4aa4f5cb1d4c80160 (patch)
tree3cca19635417e28ae381d67ae31c75df2925032d /docs/gettingstarted/developers/fib20/barnacles.rst
parentf47122e07e1ecd0151902a3cabe46c60a99bee8e (diff)
docs: better docs, mv doxygen to sphinx
This patch refactors the VPP sphinx docs in order to make it easier to consume for external readers as well as VPP developers. It also makes sphinx the single source of documentation, which simplifies maintenance and operation. Most important updates are: - reformat the existing documentation as rst - split RELEASE.md and move it into separate rst files - remove section 'events' - remove section 'archive' - remove section 'related projects' - remove section 'feature by release' - remove section 'Various links' - make (Configuration reference, CLI docs, developer docs) top level items in the list - move 'Use Cases' as part of 'About VPP' - move 'Troubleshooting' as part of 'Getting Started' - move test framework docs into 'Developer Documentation' - add a 'Contributing' section for gerrit, docs and other contributer related infos - deprecate doxygen and test-docs targets - redirect the "make doxygen" target to "make docs" Type: refactor Change-Id: I552a5645d5b7964d547f99b1336e2ac24e7c209f Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com> Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Diffstat (limited to 'docs/gettingstarted/developers/fib20/barnacles.rst')
-rw-r--r--docs/gettingstarted/developers/fib20/barnacles.rst78
1 files changed, 0 insertions, 78 deletions
diff --git a/docs/gettingstarted/developers/fib20/barnacles.rst b/docs/gettingstarted/developers/fib20/barnacles.rst
deleted file mode 100644
index b5b89a34b36..00000000000
--- a/docs/gettingstarted/developers/fib20/barnacles.rst
+++ /dev/null
@@ -1,78 +0,0 @@
-.. _barnacles:
-
-Barnacles
----------
-
-Features that are stuck on the side of the FIB. Those that directly use
-the services that the FIB provides.
-
-In the section on FIB fundamentals it was mentioned that there is a
-separation between what to match and how to forward. In an IP FIB what
-to match is the packet's destination address against a table of IP
-prefixes, and how to forward is described by a list of paths (the
-**fib_path_list_t**).
-
-ACL Based Forwarding
-^^^^^^^^^^^^^^^^^^^^
-
-ACL Based Forwarding (ABF) is also know as policy based routing
-(PBR). In ABF what to match is described by an ACL.
-
-ABF uses two VPP services; ACL as a service, as provided by the ACL
-plugin and FIB path-lists. It just glues them together.
-
-An ABF policy is the combination of an ACL with the forwarding
-description of a FIB path-list. An ABF attachment is the association
-of [an ordered set of] ABF policies to an interface. The attachment is
-consulted on the ingress path of the IP DP (as an input
-feature). If the ACL matches then the associated forwarding is
-followed, if not, the packet continues along the DP. Simples.
-
-Layer 3 Cross Connect
-^^^^^^^^^^^^^^^^^^^^^
-
-An L3 cross-connect (L3XC) matches all packets
-that ingress the interface and then forwards using the supplied FIB
-path-list. Naturally it runs as an input feature in the IP
-path. Super simples.
-
-IP Punt
-^^^^^^^
-
-Matches all IP packets that VPP has punted. Why they are punted is not
-relevant. All IP punted packets are sent by VPP to the punt feature
-arc. This feature 'matches' all packets that it receives and forwards
-using the FIB path-list.
-
-
-Unicast Reverse Path Forwarding
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Unicast Reverse Path Forwarding (uRPF) is the process of ensuring that
-a packet has a conforming source address. It comes in two
-flavours:
-
-- loose: The source address must be reachable, i.e. FIB must have a
- route that will forward to the source address. The default route
- counts as long as it does not drop.
-- strict: The source address is reachable via the interface on which
- the packet arrived, i.e. the FIB's route for the source address must
- include the input interface as an output interface.
-
-The uRPF feature can run on either the input or output IP feature
-arc. In both cases it serves as an anti-spoofing check, though the
-semantics are slightly different. On the input arc it enforces that
-peers on that link are only using source addresses that they should -
-a network admin should employ at the access edge. On the output
-arc it enforces that a packet is sourced from a prefix that belongs to
-the network, i.e. that is has originated from within an SP's
-network, a network admin could use at its peering points.
-
-To perform a uRPF check, the DP performs an IP FIB lookup on the
-source address, this always results in a load-balance (LB) object. If
-the LB has only 1 bucket and that bucket stacks on a drop DPO, then
-both a loose and strict check will fail, otherwise a loose check
-will pass. Each LB object has an associated uRPF list object. This
-object holds the list of interfaces through which the prefix is
-reachable. To pass the strict check, the input/output interface must
-be in this list.