summaryrefslogtreecommitdiffstats
path: root/src/plugins/abf/abf_policy.h
diff options
context:
space:
mode:
authorAndrew Yourtchenko <ayourtch@gmail.com>2017-11-17 14:38:18 +0100
committerDamjan Marion <dmarion.lists@gmail.com>2018-04-17 18:25:05 +0000
commit669d07dc016757b856e1014a415996cf9f0ebc58 (patch)
treebd86de6e168fd66563f3f81aa971403c0409bbe9 /src/plugins/abf/abf_policy.h
parent2926eca95138577be8d88eb8d6a442d93f182309 (diff)
ACL based forwarding
A poor man's flow switching or policy based rounting. An ACL is used to match packets and is associated with a [set of] forwarding paths that determine how to forward matched packets - collectively this association is a 'policy'. Policies are then 'attached', in a priority order, to an interface when thaey are encountered as an input feature. If a packet matches no policies it is forwarded normally in the IP FIB. This commit is used to test the "ACL-as-a-service" functionality, which currently compiles, and the existing traffic ACL tests pass in both hash and linear modes. Change-Id: I0b274ec9f2e645352fa898b43eb54c457e195964 Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Ole Troan <ot@cisco.com>
Diffstat (limited to 'src/plugins/abf/abf_policy.h')
-rw-r--r--src/plugins/abf/abf_policy.h118
1 files changed, 118 insertions, 0 deletions
diff --git a/src/plugins/abf/abf_policy.h b/src/plugins/abf/abf_policy.h
new file mode 100644
index 00000000000..71fa1a61afd
--- /dev/null
+++ b/src/plugins/abf/abf_policy.h
@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) 2017 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __ABF_H__
+#define __ABF_H__
+
+#include <vnet/fib/fib_node.h>
+
+#define ABF_PLUGIN_VERSION_MAJOR 1
+#define ABF_PLUGIN_VERSION_MINOR 0
+
+/**
+ * An ACL based Forwading 'policy'.
+ * This comprises the ACL index to match against and the forwarding
+ * path to take if the match is successfull.
+ *
+ * ABF policies are then 'attached' to interfaces. An input feature
+ * will run through the list of policies a match will divert the packet,
+ * if all miss then we continues down the interface's feature arc
+ */
+typedef struct abf_policy_t_
+{
+ /**
+ * Linkage into the FIB graph
+ */
+ fib_node_t ap_node;
+
+ /**
+ * ACL index to match
+ */
+ u32 ap_acl;
+
+ /**
+ * The path-list describing how to forward in case of a match
+ */
+ fib_node_index_t ap_pl;
+
+ /**
+ * Sibling index on the path-list
+ */
+ u32 ap_sibling;
+
+ /**
+ * The policy ID - as configured by the client
+ */
+ u32 ap_id;
+} abf_policy_t;
+
+/**
+ * Get an ABF object from its VPP index
+ */
+extern abf_policy_t *abf_policy_get (index_t index);
+
+/**
+ * Find a ABF object from the client's policy ID
+ *
+ * @param policy_id Client's defined policy ID
+ * @return VPP's object index
+ */
+extern index_t abf_policy_find (u32 policy_id);
+
+/**
+ * The FIB node type for ABF policies
+ */
+extern fib_node_type_t abf_policy_fib_node_type;
+
+/**
+ * Create or update an ABF Policy
+ *
+ * @param policy_id User defined Policy ID
+ * @param acl_index The ACL the policy with match on
+ * @param rpaths The set of paths to add to the forwarding set
+ */
+extern void abf_policy_update (u32 policy_id,
+ u32 acl_index,
+ const fib_route_path_t * rpaths);
+
+/**
+ * Delete paths from an ABF Policy. If no more paths exist, the policy
+ * is deleted.
+ *
+ * @param policy_id User defined Policy ID
+ * @param rpaths The set of paths to forward remove
+ */
+extern int abf_policy_delete (u32 policy_id, const fib_route_path_t * rpaths);
+
+/**
+ * Callback function invoked during a walk of all policies
+ */
+typedef int (*abf_policy_walk_cb_t) (index_t index, void *ctx);
+
+/**
+ * Walk/visit each of the ABF policies
+ */
+extern void abf_policy_walk (abf_policy_walk_cb_t cb, void *ctx);
+
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
+
+#endif