diff options
| author |   Neale Ranns <nranns@cisco.com> | 2018-12-20 12:03:59 -0800 |
|---|---|---|
| committer | Neale Ranns <nranns@cisco.com> | 2018-12-21 18:12:25 +0000 |
| commit | 1c17e2ecac42e001ce905418463edcb26fe58b01 (patch) | |
| tree | a1c5c69e868d28eb3f3b338db4cde65eff7b2534 /extras | |
| parent | fc7344f9beffe506085730e8e03f7c8771deb3a6 (diff) | |
GBP: add allowed ethertypes to contracts
Change-Id: I74782d3b9b71a071bb500c34866a017b8ee15767
Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'extras')
| -rw-r--r-- | extras/vom/vom/gbp_contract.cpp | 79 | ||||
| -rw-r--r-- | extras/vom/vom/gbp_contract.hpp | 19 | ||||
| -rw-r--r-- | extras/vom/vom/gbp_contract_cmds.cpp | 95 | ||||
| -rw-r--r-- | extras/vom/vom/gbp_contract_cmds.hpp | 4 | ||||
| -rw-r--r-- | extras/vom/vom/gbp_rule.cpp | 23 | ||||
| -rw-r--r-- | extras/vom/vom/gbp_rule.hpp | 11 |
6 files changed, 138 insertions, 93 deletions
diff --git a/extras/vom/vom/gbp_contract.cpp b/extras/vom/vom/gbp_contract.cpp index 87b5ed8ff0a..6cd2fad43f2 100644 --- a/extras/vom/vom/gbp_contract.cpp +++ b/extras/vom/vom/gbp_contract.cpp @@ -26,11 +26,15 @@ gbp_contract::event_handler gbp_contract::m_evh; gbp_contract::gbp_contract(epg_id_t src_epg_id, epg_id_t dst_epg_id, - const ACL::l3_list& acl) + const ACL::l3_list& acl, + const gbp_rules_t& rules, + const ethertype_set_t& allowed_ethertypes) : m_hw(false) , m_src_epg_id(src_epg_id) , m_dst_epg_id(dst_epg_id) , m_acl(acl.singular()) + , m_gbp_rules(rules) + , m_allowed_ethertypes(allowed_ethertypes) { } @@ -39,6 +43,8 @@ gbp_contract::gbp_contract(const gbp_contract& gbpc) , m_src_epg_id(gbpc.m_src_epg_id) , m_dst_epg_id(gbpc.m_dst_epg_id) , m_acl(gbpc.m_acl) + , m_gbp_rules(gbpc.m_gbp_rules) + , m_allowed_ethertypes(gbpc.m_allowed_ethertypes) { } @@ -77,7 +83,8 @@ gbp_contract::replay() { if (m_hw) { HW::enqueue(new gbp_contract_cmds::create_cmd( - m_hw, m_src_epg_id, m_dst_epg_id, m_acl->handle(), m_gbp_rules)); + m_hw, m_src_epg_id, m_dst_epg_id, m_acl->handle(), m_gbp_rules, + m_allowed_ethertypes)); } } @@ -100,12 +107,6 @@ gbp_contract::to_string() const } void -gbp_contract::set_gbp_rules(const gbp_contract::gbp_rules_t& gbp_rules) -{ - m_gbp_rules = gbp_rules; -} - -void gbp_contract::update(const gbp_contract& r) { /* @@ -113,7 +114,8 @@ gbp_contract::update(const gbp_contract& r) */ if (rc_t::OK != m_hw.rc()) { HW::enqueue(new gbp_contract_cmds::create_cmd( - m_hw, m_src_epg_id, m_dst_epg_id, m_acl->handle(), m_gbp_rules)); + m_hw, m_src_epg_id, m_dst_epg_id, m_acl->handle(), m_gbp_rules, + m_allowed_ethertypes)); } } @@ -169,31 +171,44 @@ gbp_contract::event_handler::handle_populate(const client_db::key_t& key) ACL::l3_list::find(payload.contract.acl_index); if (acl) { - gbp_contract gbpc(payload.contract.src_epg, payload.contract.dst_epg, - *acl); - OM::commit(key, gbpc); - if (payload.contract.n_rules) { - gbp_contract::gbp_rules_t rules; - for (u8 i = 0; i < payload.contract.n_rules; i++) { - const gbp_rule::action_t action = - gbp_rule::action_t::from_int(payload.contract.rules[i].action); - const gbp_rule::hash_mode_t hm = gbp_rule::hash_mode_t::from_int( - payload.contract.rules[i].nh_set.hash_mode); - gbp_rule::next_hops_t nhs; - for (u8 j = 0; j < payload.contract.rules[i].nh_set.n_nhs; j++) { - gbp_rule::next_hop_t nh( - from_api(payload.contract.rules[i].nh_set.nhs[j].ip), - from_api(payload.contract.rules[i].nh_set.nhs[j].mac), - payload.contract.rules[i].nh_set.nhs[j].bd_id, - payload.contract.rules[i].nh_set.nhs[j].rd_id); - nhs.insert(nh); - } - gbp_rule::next_hop_set_t next_hop_set(hm, nhs); - gbp_rule gr(i, next_hop_set, action); - rules.insert(gr); + gbp_contract::gbp_rules_t rules; + + for (uint8_t i = 0; i < payload.contract.n_rules; i++) { + const gbp_rule::action_t action = + gbp_rule::action_t::from_int(payload.contract.rules[i].action); + const gbp_rule::hash_mode_t hm = gbp_rule::hash_mode_t::from_int( + payload.contract.rules[i].nh_set.hash_mode); + gbp_rule::next_hops_t nhs; + for (u8 j = 0; j < payload.contract.rules[i].nh_set.n_nhs; j++) { + gbp_rule::next_hop_t nh( + from_api(payload.contract.rules[i].nh_set.nhs[j].ip), + from_api(payload.contract.rules[i].nh_set.nhs[j].mac), + payload.contract.rules[i].nh_set.nhs[j].bd_id, + payload.contract.rules[i].nh_set.nhs[j].rd_id); + nhs.insert(nh); } - gbpc.set_gbp_rules(rules); + gbp_rule::next_hop_set_t next_hop_set(hm, nhs); + gbp_rule gr(i, next_hop_set, action); + rules.insert(gr); + } + + ethertype_set_t allowed_ethertypes; + u8 *data, n_et; + u16* et; + + data = (((u8*)&payload.contract.n_ether_types) + + (sizeof(payload.contract.rules[0]) * payload.contract.n_rules)); + n_et = *data; + et = (u16*)(++data); + + for (uint8_t i = 0; i < n_et; i++) { + allowed_ethertypes.insert(ethertype_t::from_numeric_val(et[i])); } + + gbp_contract gbpc(payload.contract.src_epg, payload.contract.dst_epg, + *acl, rules, allowed_ethertypes); + OM::commit(key, gbpc); + VOM_LOG(log_level_t::DEBUG) << "read: " << gbpc.to_string(); } } diff --git a/extras/vom/vom/gbp_contract.hpp b/extras/vom/vom/gbp_contract.hpp index 53f8f3659ec..e517a3d6428 100644 --- a/extras/vom/vom/gbp_contract.hpp +++ b/extras/vom/vom/gbp_contract.hpp @@ -42,11 +42,18 @@ public: typedef std::pair<epg_id_t, epg_id_t> key_t; /** + * A set of allowed ethertypes + */ + typedef std::set<ethertype_t> ethertype_set_t; + + /** * Construct a GBP contract */ gbp_contract(epg_id_t src_epg_id, epg_id_t dst_epg_id, - const ACL::l3_list& acl); + const ACL::l3_list& acl, + const gbp_rules_t& gpb_rules, + const ethertype_set_t& allowed_ethertypes); /** * Copy Construct @@ -93,11 +100,6 @@ public: */ std::string to_string() const; - /** - * Set gbp_rules in case of Redirect Contract - */ - void set_gbp_rules(const gbp_rules_t& gbp_rules); - private: /** * Class definition for listeners to OM events @@ -185,6 +187,11 @@ private: gbp_rules_t m_gbp_rules; /** + * the set of Ether-types allowed by this contract + */ + ethertype_set_t m_allowed_ethertypes; + + /** * A map of all bridge_domains */ static singular_db<key_t, gbp_contract> m_db; diff --git a/extras/vom/vom/gbp_contract_cmds.cpp b/extras/vom/vom/gbp_contract_cmds.cpp index 8b15e8cb519..7c42fc6bc4e 100644 --- a/extras/vom/vom/gbp_contract_cmds.cpp +++ b/extras/vom/vom/gbp_contract_cmds.cpp @@ -23,12 +23,14 @@ create_cmd::create_cmd(HW::item<bool>& item, epg_id_t src_epg_id, epg_id_t dst_epg_id, const handle_t& acl, - const gbp_contract::gbp_rules_t& gbp_rules) + const gbp_contract::gbp_rules_t& gbp_rules, + const gbp_contract::ethertype_set_t& allowed_ethertypes) : rpc_cmd(item) , m_src_epg_id(src_epg_id) , m_dst_epg_id(dst_epg_id) , m_acl(acl) , m_gbp_rules(gbp_rules) + , m_allowed_ethertypes(allowed_ethertypes) { } @@ -37,58 +39,69 @@ create_cmd::operator==(const create_cmd& other) const { return ((m_acl == other.m_acl) && (m_src_epg_id == other.m_src_epg_id) && (m_dst_epg_id == other.m_dst_epg_id) && - (m_gbp_rules == other.m_gbp_rules)); + (m_gbp_rules == other.m_gbp_rules) && + (m_allowed_ethertypes == other.m_allowed_ethertypes)); } rc_t create_cmd::issue(connection& con) { - u8 size = m_gbp_rules.empty() ? 1 : m_gbp_rules.size(); - msg_t req(con.ctx(), size, std::ref(*this)); + size_t n_rules = m_gbp_rules.size(); + size_t n_et_rules = 0; + + msg_t req(con.ctx(), n_rules, n_et_rules, std::ref(*this)); auto& payload = req.get_request().get_payload(); payload.is_add = 1; payload.contract.acl_index = m_acl.value(); payload.contract.src_epg = m_src_epg_id; payload.contract.dst_epg = m_dst_epg_id; - if (size > 1) { - u32 ii = 0; - auto it = m_gbp_rules.cbegin(); - payload.contract.n_rules = m_gbp_rules.size(); - while (it != m_gbp_rules.cend()) { - if (it->action() == gbp_rule::action_t::REDIRECT) - payload.contract.rules[ii].action = GBP_API_RULE_REDIRECT; - else if (it->action() == gbp_rule::action_t::PERMIT) - payload.contract.rules[ii].action = GBP_API_RULE_PERMIT; - else - payload.contract.rules[ii].action = GBP_API_RULE_DENY; - - if (it->nhs().getHashMode() == gbp_rule::hash_mode_t::SYMMETRIC) - payload.contract.rules[ii].nh_set.hash_mode = - GBP_API_HASH_MODE_SYMMETRIC; - else if (it->nhs().getHashMode() == gbp_rule::hash_mode_t::SRC_IP) - payload.contract.rules[ii].nh_set.hash_mode = GBP_API_HASH_MODE_SRC_IP; - else - payload.contract.rules[ii].nh_set.hash_mode = GBP_API_HASH_MODE_DST_IP; - - const gbp_rule::next_hops_t& next_hops = it->nhs().getNextHops(); - u8 jj = 0, nh_size = (next_hops.size() > 8) ? 8 : next_hops.size(); - auto nh_it = next_hops.cbegin(); - - payload.contract.rules[ii].nh_set.n_nhs = nh_size; - while (jj < nh_size) { - to_api(nh_it->getIp(), payload.contract.rules[ii].nh_set.nhs[jj].ip); - to_api(nh_it->getMac(), payload.contract.rules[ii].nh_set.nhs[jj].mac); - payload.contract.rules[ii].nh_set.nhs[jj].bd_id = nh_it->getBdId(); - payload.contract.rules[ii].nh_set.nhs[jj].rd_id = nh_it->getRdId(); - ++nh_it; - ++jj; - } - - ++it; - ++ii; + + uint32_t ii = 0; + payload.contract.n_rules = n_rules; + + for (auto rule : m_gbp_rules) { + if (rule.action() == gbp_rule::action_t::REDIRECT) + payload.contract.rules[ii].action = GBP_API_RULE_REDIRECT; + else if (rule.action() == gbp_rule::action_t::PERMIT) + payload.contract.rules[ii].action = GBP_API_RULE_PERMIT; + else + payload.contract.rules[ii].action = GBP_API_RULE_DENY; + + if (rule.nhs().hash_mode() == gbp_rule::hash_mode_t::SYMMETRIC) + payload.contract.rules[ii].nh_set.hash_mode = GBP_API_HASH_MODE_SYMMETRIC; + else if (rule.nhs().hash_mode() == gbp_rule::hash_mode_t::SRC_IP) + payload.contract.rules[ii].nh_set.hash_mode = GBP_API_HASH_MODE_SRC_IP; + else + payload.contract.rules[ii].nh_set.hash_mode = GBP_API_HASH_MODE_DST_IP; + + const gbp_rule::next_hops_t& next_hops = rule.nhs().next_hops(); + uint8_t jj = 0, nh_size = (next_hops.size() > 8) ? 8 : next_hops.size(); + + payload.contract.rules[ii].nh_set.n_nhs = nh_size; + for (auto nh : next_hops) { + to_api(nh.getIp(), payload.contract.rules[ii].nh_set.nhs[jj].ip); + to_api(nh.getMac(), payload.contract.rules[ii].nh_set.nhs[jj].mac); + payload.contract.rules[ii].nh_set.nhs[jj].bd_id = nh.getBdId(); + payload.contract.rules[ii].nh_set.nhs[jj].rd_id = nh.getRdId(); + jj++; } + ++ii; } + + u8* data; + u16* et; + + data = (((u8*)&payload.contract.n_ether_types) + + (sizeof(payload.contract.rules[0]) * payload.contract.n_rules)); + *data = m_allowed_ethertypes.size(); + et = (u16*)(++data); + ii = 0; + for (auto tt : m_allowed_ethertypes) { + et[ii] = tt.value(); + ii++; + } + VAPI_CALL(req.execute()); return (wait()); @@ -124,7 +137,7 @@ delete_cmd::operator==(const delete_cmd& other) const rc_t delete_cmd::issue(connection& con) { - msg_t req(con.ctx(), 1, std::ref(*this)); + msg_t req(con.ctx(), 0, 0, std::ref(*this)); auto& payload = req.get_request().get_payload(); payload.is_add = 0; diff --git a/extras/vom/vom/gbp_contract_cmds.hpp b/extras/vom/vom/gbp_contract_cmds.hpp index 4f921f6da94..476a594ae3e 100644 --- a/extras/vom/vom/gbp_contract_cmds.hpp +++ b/extras/vom/vom/gbp_contract_cmds.hpp @@ -37,7 +37,8 @@ public: epg_id_t src_epg_id, epg_id_t dst_epg_id, const handle_t& acl, - const gbp_contract::gbp_rules_t& gbp_rules); + const gbp_contract::gbp_rules_t& gbp_rules, + const gbp_contract::ethertype_set_t& allowed_ethertypes); /** * Issue the command to VPP/HW @@ -59,6 +60,7 @@ private: const epg_id_t m_dst_epg_id; const handle_t m_acl; const gbp_contract::gbp_rules_t& m_gbp_rules; + const gbp_contract::ethertype_set_t& m_allowed_ethertypes; }; /** diff --git a/extras/vom/vom/gbp_rule.cpp b/extras/vom/vom/gbp_rule.cpp index 7aa799029ff..48c59b14c2b 100644 --- a/extras/vom/vom/gbp_rule.cpp +++ b/extras/vom/vom/gbp_rule.cpp @@ -105,6 +105,12 @@ gbp_rule::next_hop_set_t::next_hop_set_t(const gbp_rule::hash_mode_t& hm, { } +gbp_rule::next_hop_set_t::next_hop_set_t(const hash_mode_t& hm) + : m_hm(hm) + , m_nhs() +{ +} + std::string gbp_rule::next_hop_set_t::to_string() const { @@ -128,13 +134,13 @@ gbp_rule::next_hop_set_t::operator==(const next_hop_set_t& nhs) const } const gbp_rule::hash_mode_t& -gbp_rule::next_hop_set_t::getHashMode() const +gbp_rule::next_hop_set_t::hash_mode() const { return m_hm; } const gbp_rule::next_hops_t& -gbp_rule::next_hop_set_t::getNextHops() const +gbp_rule::next_hop_set_t::next_hops() const { return m_nhs; } @@ -168,6 +174,13 @@ gbp_rule::gbp_rule(uint32_t priority, { } +gbp_rule::gbp_rule(uint32_t priority, const gbp_rule::action_t& a) + : m_priority(priority) + , m_nhs() + , m_action(a) +{ +} + bool gbp_rule::operator<(const gbp_rule& other) const { @@ -193,12 +206,6 @@ gbp_rule::to_string() const return (s.str()); } -uint32_t -gbp_rule::priority() const -{ - return m_priority; -} - const gbp_rule::action_t& gbp_rule::action() const { diff --git a/extras/vom/vom/gbp_rule.hpp b/extras/vom/vom/gbp_rule.hpp index bda040939fb..04301da79e9 100644 --- a/extras/vom/vom/gbp_rule.hpp +++ b/extras/vom/vom/gbp_rule.hpp @@ -147,6 +147,7 @@ public: * Constructor for next_hop_set_t */ next_hop_set_t(const hash_mode_t& hm, next_hops_t& nhs); + next_hop_set_t(const hash_mode_t& hm = hash_mode_t::SYMMETRIC); /** * Destructor for next_hop_set_t @@ -166,12 +167,12 @@ public: /** * get the hash mode */ - const hash_mode_t& getHashMode(void) const; + const hash_mode_t& hash_mode(void) const; /** * get the set of next hops */ - const next_hops_t& getNextHops(void) const; + const next_hops_t& next_hops(void) const; private: /** @@ -218,6 +219,7 @@ public: * Construct a new object matching the desried state */ gbp_rule(uint32_t priority, const next_hop_set_t& nhs, const action_t& a); + gbp_rule(uint32_t priority, const action_t& a); /** * Copy Constructor @@ -235,8 +237,8 @@ public: std::string to_string() const; /** - * less-than operator - */ + * less-than operator + */ bool operator<(const gbp_rule& rule) const; /** @@ -247,7 +249,6 @@ public: /** * Getters */ - uint32_t priority() const; const next_hop_set_t& nhs() const; const action_t& action() const; |