diff options
author | Pablo Camarillo <pcamaril@cisco.com> | 2017-03-16 10:43:05 +0100 |
---|---|---|
committer | Damjan Marion <dmarion.lists@gmail.com> | 2017-03-29 08:56:05 +0000 |
commit | 4521afa9a643983c789b6b3a77b14c0a95d5e0b2 (patch) | |
tree | 0902086700854c4b6f5597b2cd0bb6f47be77a62 /src/vnet | |
parent | 45ce3fbee5c1a7ad2a01f766c9b05059aa467b8f (diff) |
Bugfixing and documentation for SRv6
- Fixed three coverity issues
- Linked SRv6 docs
- Moved sample plugin to examples folder
- Fixed bug with hash. Now everything is using mhash. Potentially in the future we want to do bihash.
Change-Id: Ie03a13c8fecb1e315e67d0596cbd23220779aaf2
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
Diffstat (limited to 'src/vnet')
-rwxr-xr-x | src/vnet/sr/sr.h | 30 | ||||
-rw-r--r-- | src/vnet/sr/sr_doc.md | 132 | ||||
-rwxr-xr-x | src/vnet/sr/sr_localsid.c | 18 | ||||
-rw-r--r-- | src/vnet/sr/sr_localsid.md | 58 | ||||
-rw-r--r-- | src/vnet/sr/sr_policy.md | 56 | ||||
-rwxr-xr-x | src/vnet/sr/sr_policy_rewrite.c | 28 | ||||
-rwxr-xr-x | src/vnet/sr/sr_steering.c | 59 | ||||
-rw-r--r-- | src/vnet/sr/sr_steering.md | 11 |
8 files changed, 192 insertions, 200 deletions
diff --git a/src/vnet/sr/sr.h b/src/vnet/sr/sr.h index 5efeb4dd06a..b832c0fc365 100755 --- a/src/vnet/sr/sr.h +++ b/src/vnet/sr/sr.h @@ -173,6 +173,7 @@ typedef struct } l2; }; u8 traffic_type; /**< Traffic type (IPv4, IPv6, L2) */ + u8 padding[3]; } sr_steering_key_t; typedef struct @@ -186,46 +187,29 @@ typedef struct */ typedef struct { - /* ip6-lookup next index for imposition FIB entries */ - u32 ip6_lookup_sr_next_index; - - /* ip6-replicate next index for multicast tunnel */ - u32 ip6_lookup_sr_spray_index; - - /* IP4-lookup -> SR rewrite next index */ - u32 ip4_lookup_sr_policy_rewrite_encaps_index; - u32 ip4_lookup_sr_policy_rewrite_insert_index; - - /* IP6-lookup -> SR rewrite next index */ - u32 ip6_lookup_sr_policy_rewrite_encaps_index; - u32 ip6_lookup_sr_policy_rewrite_insert_index; - /* L2-input -> SR rewrite next index */ u32 l2_sr_policy_rewrite_index; - /* IP6-lookup -> SR LocalSID (SR End processing) index */ - u32 ip6_lookup_sr_localsid_index; - /* SR SID lists */ ip6_sr_sl_t *sid_lists; /* SR policies */ ip6_sr_policy_t *sr_policies; - /* Find an SR policy by its BindingSID */ - ip6_address_t *sr_policy_index_by_key; + /* Hash table mapping BindingSID to SR policy */ + mhash_t sr_policies_index_hash; /* Pool of SR localsid instances */ ip6_sr_localsid_t *localsids; - /* Find a SR localsid instance based on its functionID */ - ip6_address_t *localsids_index_by_key; + /* Hash table mapping LOC:FUNC to SR LocalSID instance */ + mhash_t sr_localsids_index_hash; /* Pool of SR steer policies instances */ ip6_sr_steering_policy_t *steer_policies; - /* Find a steer policy based on its classifier */ - sr_steering_key_t *steer_policies_index_by_key; + /* Hash table mapping steering rules to SR steer instance */ + mhash_t sr_steer_policies_hash; /* L2 steering ifaces - sr_policies */ u32 *sw_iface_sr_policies; diff --git a/src/vnet/sr/sr_doc.md b/src/vnet/sr/sr_doc.md index a72206309af..fd92bdf2268 100644 --- a/src/vnet/sr/sr_doc.md +++ b/src/vnet/sr/sr_doc.md @@ -1,6 +1,6 @@ -# SRv6: Segment Routing for IPv6 {#sr_doc} +# SRv6: Segment Routing for IPv6 {#srv6_doc} -This is a memo intended to contain documentation of the VPP SRv6 implementation +This is a memo intended to contain documentation of the VPP SRv6 implementation. Everything that is not directly obvious should come here. For any feedback on content that should be explained please mailto:pcamaril@cisco.com @@ -27,135 +27,29 @@ Segment routing can operate with either an MPLS or an IPv6 data plane. All the c * Local SID: is a SID associated with a processing function on the local node, which may go from advancing to the next SID in the SRH, to complex user-defined behaviors. When a FIB lookup, either in the main FIB or in a specific VRF, returns a match on a local SID, the associated function is performed. * BindingSID: a BindingSID is a SID (only one) associated one-one with an SR Policy. If a packet arrives with an IPv6 DA corresponding to a BindingSID, then the SR policy will be applied to such packet. -## Creating an SR LocalSID +## SRv6 Features in VPP -A local SID is associated to a Segment Routing behavior -or function- on the current node. +The <a href="https://datatracker.ietf.org/doc/draft-filsfils-spring-srv6-network-programming/">SRv6 Network Programming (*draft-filsfils-spring-srv6-network-programming*)</a> defines the SRv6 architecture. -The most basic behavior is called END. It simply activates the next SID in the current packet, by decrementing the Segments Left value and updating the IPv6 DA. +VPP supports the following SRv6 LocalSID functions: End, End.X, End.DX6, End.DT6, End.DX4, End.DT4, End.DX2, End.B6, End.B6.Encaps. -A local END SID is instantiated using the following CLI: +For further information and how to configure each specific function: @subpage srv6_localsid_doc - sr localsid (del) address XX::YY behavior end -This creates a new entry in the main FIB for IPv6 address XX::YY. All packets whose IPv6 DA matches this FIB entry are redirected to the sr-localsid node, where they are processed as described above. +The <a href="https://datatracker.ietf.org/doc/draft-filsfils-spring-segment-routing-policy/">Segment Routing Policy (*draft-filsfils-spring-segment-routing-policy*)</a> defines SR Policies. -Other examples of local SIDs are the following: +VPP supports SRv6 Policies with T.Insert and T.Encaps behaviors. - sr localsid (del) address XX::YY behavior end (psp) - sr localsid (del) address XX::YY behavior end.x GE0/1/0 2001::a (psp) - sr localsid (del) address XX::YY behavior end.dx6 GE0/1/0 2001::a - sr localsid (del) address XX::YY behavior end.dx4 GE0/1/0 10.0.0.1 - sr localsid (del) address XX::YY behavior end.dx2 GigabitE0/11/0 - sr localsid (del) address XX::YY behavior end.dt6 5 - sr localsid (del) address XX::YY behavior end.dt6 5 +For further information on how to create SR Policies: @subpage srv6_policy_doc -Note that all of these behaviors match the specifications in **TODO REF NET PGM**. Please refer to this document for a detailed description of each behavior. +For further information on how to steer traffic into SR Policies: @subpage srv6_steering_doc -Help on the available local SID behaviors and their usage can be obtained with: - - help sr localsid +## SRv6 LocalSID development framework -Alternatively they can be obtained using. - - show sr localsids behavior - -The difference in between those two commands is that the first one will only display the SR LocalSID behaviors that are built-in VPP, while the latter will display those behaviors plus the ones added with the SR LocalSID Development Framework. - - -VPP keeps a 'My LocalSID Table' where it stores all the SR local SIDs instantiated as well as their parameters. Every time a new local SID is instantiated, a new entry is added to this table. In addition, counters for correctly and incorrectly processed traffic are maintained for each local SID. The counters store both the number of packets and bytes. - -The contents of the 'My LocalSID Table' is shown with: - - vpp# show sr localsid - SRv6 - My LocalSID Table: - ========================= - Address: c3::1 - Behavior: DX6 (Endpoint with decapsulation and IPv6 cross-connect) - Iface: GigabitEthernet0/5/0 - Next hop: b:c3::b - Good traffic: [51277 packets : 5332808 bytes] - Bad traffic: [0 packets : 0 bytes] - -------------------- - -The traffic counters can be reset with: - - vpp# clear sr localsid counters - -## Creating a SR Policy - -An SR Policy is defined by a Binding SID and a weighted set of Segment Lists. - -A new SR policy is created with a first SID list using: - - sr policy add bsid 2001::1 next A1:: next B1:: next C1:: (weight 5) (fib-table 3) - -* The weight parameter is only used if more than one SID list is associated with the policy. -* The fib-table parameter specifies in which table (VRF) the Binding SID is to be installed. - -An SR policy is deleted with: - - sr policy del bsid 2001::1 - sr policy del index 1 - -The existing SR policies are listed with: - - show sr policies - -### Adding/Removing SID Lists from an SR policy - -An additional SID list is associated with an existing SR policy with: - - sr policy mod bsid 2001::1 add sl next A2:: next B2:: next C2:: (weight 3) - sr policy mod index 3 add sl next A2:: next B2:: next C2:: (weight 3) - -Conversely, a SID list can be removed from an SR policy with: - - sr policy mod bsid 2001::1 del sl index 1 - sr policy mod index 3 del sl index 1 - -Note that this cannot be used to remove the last SID list of a policy. - -The weight of a SID list can also be modified with: - - sr policy mod bsid 2001::1 mod sl index 1 weight 4 - sr policy mod index 3 mod sl index 1 weight 4 - -### SR Policies: Spray policies - -Spray policies are a specific type of SR policies where the packet is replicated on all the SID lists, rather than load-balanced among them. - -SID list weights are ignored with this type of policies. - -A Spray policy is instantiated by appending the keyword **spray** to a regular SR policy command, as in: - - sr policy add bsid 2001::1 next A1:: next B1:: next C1:: spray - -Spray policies are used for removing multicast state from a network core domain, and instead send a linear unicast copy to every access node. The last SID in each list accesses the multicast tree within the access node. - -### Encapsulation SR policies - -In case the user decides to create an SR policy an IPv6 Source Address must be specified for the encapsulated traffic. In order to do so the user might use the following command: - - set sr encaps source addr XXXX::YYYY - -## Steering packets into a SR Policy - -To steer packets in Transit into an SR policy (T.Insert, T.Encaps and T.Encaps.L2 behaviors), the user needs to create an 'sr steering policy'. - - sr steer l3 2001::/64 via sr policy index 1 - sr steer l3 2001::/64 via sr policy bsid cafe::1 - sr steer l3 2001::/64 via sr policy bsid cafe::1 fib-table 3 - sr steer l3 10.0.0.0/16 via sr policy bsid cafe::1 - sr steer l2 TenGE0/1/0 via sr policy bsid cafe::1 - -Disclaimer: The T.Encaps.L2 will steer L2 frames into an SR Policy. Notice that creating an SR steering policy for L2 frames will actually automatically *puts the interface into promiscous mode*. - -## SR LocalSID development framework - -One of the * 'key' * concepts about SRv6 is regarding network programmability. This is why an SRv6 LocalSID is associated with an specific function. +One of the *'key'* concepts about SRv6 is network programmability. This is why an SRv6 LocalSID is associated with an specific function. However, the trully way to enable network programmability is allowing any developer **easily** create his own SRv6 LocalSID function. That is the reason why we have added some API calls such that any developer can code his own SRv6 LocalSID behaviors as plugins an add them to the running SRv6 code. The principle is that the developer only codes the behavior -the graph node-. However all the FIB handling, SR LocalSID instantiation and so on are done by the VPP SRv6 code. -For more information please refer to the documentation *SRv6 Sample SR LocalSID plugin*. +For more information please refer to: @subpage srv6_plugin_doc diff --git a/src/vnet/sr/sr_localsid.c b/src/vnet/sr/sr_localsid.c index 610bb7ffbea..2e3d56de80b 100755 --- a/src/vnet/sr/sr_localsid.c +++ b/src/vnet/sr/sr_localsid.c @@ -72,18 +72,16 @@ sr_cli_localsid (char is_del, ip6_address_t * localsid_addr, int rv; ip6_sr_localsid_t *ls = 0; - ip6_address_t *key_copy; dpo_id_t dpo = DPO_INVALID; /* Search for the item */ - p = hash_get_mem (sm->localsids_index_by_key, localsid_addr); + p = mhash_get (&sm->sr_localsids_index_hash, localsid_addr); if (p) { if (is_del) { - hash_pair_t *hp; /* Retrieve localsid */ ls = pool_elt_at_index (sm->localsids, p[0]); /* Delete FIB entry */ @@ -116,10 +114,7 @@ sr_cli_localsid (char is_del, ip6_address_t * localsid_addr, /* Delete localsid registry */ pool_put (sm->localsids, ls); - hp = hash_get_pair (sm->localsids_index_by_key, localsid_addr); - key_copy = (void *) (hp->key); - hash_unset_mem (sm->localsids_index_by_key, localsid_addr); - vec_free (key_copy); + mhash_unset (&sm->sr_localsids_index_hash, localsid_addr, NULL); return 1; } else /* create with function already existing; complain */ @@ -232,9 +227,8 @@ sr_cli_localsid (char is_del, ip6_address_t * localsid_addr, } /* Set hash key for searching localsid by address */ - key_copy = vec_new (ip6_address_t, 1); - clib_memcpy (key_copy, localsid_addr, sizeof (ip6_address_t)); - hash_set_mem (sm->localsids_index_by_key, key_copy, ls - sm->localsids); + mhash_set (&sm->sr_localsids_index_hash, localsid_addr, ls - sm->localsids, + NULL); fib_table_entry_special_dpo_add (fib_index, &pfx, FIB_SOURCE_SR, FIB_ENTRY_FLAG_EXCLUSIVE, &dpo); @@ -1476,8 +1470,8 @@ sr_localsids_init (vlib_main_t * vm) { /* Init memory for function keys */ ip6_sr_main_t *sm = &sr_main; - sm->localsids_index_by_key = - hash_create_mem (0, sizeof (ip6_address_t), sizeof (uword)); + mhash_init (&sm->sr_localsids_index_hash, sizeof (uword), + sizeof (ip6_address_t)); /* Init SR behaviors DPO type */ sr_localsid_dpo_type = dpo_register_new_type (&sr_loc_vft, sr_loc_nodes); /* Init SR behaviors DPO type */ diff --git a/src/vnet/sr/sr_localsid.md b/src/vnet/sr/sr_localsid.md new file mode 100644 index 00000000000..340af4a31b0 --- /dev/null +++ b/src/vnet/sr/sr_localsid.md @@ -0,0 +1,58 @@ +# SR LocalSIDs {#srv6_localsid_doc} + +A local SID is associated to a Segment Routing behavior -or function- on the current node. + +The most basic behavior is called END. It simply activates the next SID in the current packet, by decrementing the Segments Left value and updating the IPv6 DA. + +A local END SID is instantiated using the following CLI: + + sr localsid (del) address XX::YY behavior end + +This creates a new entry in the main FIB for IPv6 address XX::YY. All packets whose IPv6 DA matches this FIB entry are redirected to the sr-localsid node, where they are processed as described above. + +Other examples of local SIDs are the following: + + sr localsid (del) address XX::YY behavior end + sr localsid (del) address XX::YY behavior end.x GE0/1/0 2001::a + sr localsid (del) address XX::YY behavior end.dx6 GE0/1/0 2001::a + sr localsid (del) address XX::YY behavior end.dx4 GE0/1/0 10.0.0.1 + sr localsid (del) address XX::YY behavior end.dx2 GigabitE0/11/0 + sr localsid (del) address XX::YY behavior end.dt6 5 + sr localsid (del) address XX::YY behavior end.dt6 5 + +Note that all of these behaviors match the definitions of the SRv6 architecture (*draft-filsfils-spring-srv6-network-programming*). Please refer to this document for a detailed description of each behavior. + +Note also that you can configure the PSP flavor of the End and End.X behaviors by typing: + + sr localsid (del) address XX::YY behavior end psp + sr localsid (del) address XX::YY behavior end.x GE0/1/0 2001::a psp + +Help on the available local SID behaviors and their usage can be obtained with: + + help sr localsid + +Alternatively they can be obtained using. + + show sr localsids behavior + +The difference in between those two commands is that the first one will only display the SR LocalSID behaviors that are built-in VPP, while the latter will display those behaviors plus the ones added with the SR LocalSID Development Framework. + + +VPP keeps a 'My LocalSID Table' where it stores all the SR local SIDs instantiated as well as their parameters. Every time a new local SID is instantiated, a new entry is added to this table. In addition, counters for correctly and incorrectly processed traffic are maintained for each local SID. The counters store both the number of packets and bytes. + +The contents of the 'My LocalSID Table' is shown with: + + vpp# show sr localsid + SRv6 - My LocalSID Table: + ========================= + Address: c3::1 + Behavior: DX6 (Endpoint with decapsulation and IPv6 cross-connect) + Iface: GigabitEthernet0/5/0 + Next hop: b:c3::b + Good traffic: [51277 packets : 5332808 bytes] + Bad traffic: [0 packets : 0 bytes] + -------------------- + +The traffic counters can be reset with: + + vpp# clear sr localsid counters diff --git a/src/vnet/sr/sr_policy.md b/src/vnet/sr/sr_policy.md new file mode 100644 index 00000000000..521b84616c0 --- /dev/null +++ b/src/vnet/sr/sr_policy.md @@ -0,0 +1,56 @@ +# Creating a SR Policy {#srv6_policy_doc} + +An SR Policy is defined by a Binding SID and a weighted set of Segment Lists. + +A new SR policy is created with a first SID list using: + + sr policy add bsid 2001::1 next A1:: next B1:: next C1:: (weight 5) (fib-table 3) + +* The weight parameter is only used if more than one SID list is associated with the policy. +* The fib-table parameter specifies in which table (VRF) the Binding SID is to be installed. + +An SR policy is deleted with: + + sr policy del bsid 2001::1 + sr policy del index 1 + +The existing SR policies are listed with: + + show sr policies + +## Adding/Removing SID Lists from an SR policy + +An additional SID list is associated with an existing SR policy with: + + sr policy mod bsid 2001::1 add sl next A2:: next B2:: next C2:: (weight 3) + sr policy mod index 3 add sl next A2:: next B2:: next C2:: (weight 3) + +Conversely, a SID list can be removed from an SR policy with: + + sr policy mod bsid 2001::1 del sl index 1 + sr policy mod index 3 del sl index 1 + +Note that this cannot be used to remove the last SID list of a policy. + +The weight of a SID list can also be modified with: + + sr policy mod bsid 2001::1 mod sl index 1 weight 4 + sr policy mod index 3 mod sl index 1 weight 4 + +## SR Policies: Spray policies + +Spray policies are a specific type of SR policies where the packet is replicated on all the SID lists, rather than load-balanced among them. + +SID list weights are ignored with this type of policies. + +A Spray policy is instantiated by appending the keyword **spray** to a regular SR policy command, as in: + + sr policy add bsid 2001::1 next A1:: next B1:: next C1:: spray + +Spray policies are used for removing multicast state from a network core domain, and instead send a linear unicast copy to every access node. The last SID in each list accesses the multicast tree within the access node. + +## Encapsulation SR policies + +In case the user decides to create an SR policy an IPv6 Source Address must be specified for the encapsulated traffic. In order to do so the user might use the following command: + + set sr encaps source addr XXXX::YYYY diff --git a/src/vnet/sr/sr_policy_rewrite.c b/src/vnet/sr/sr_policy_rewrite.c index dfdd7950597..de6c1616704 100755 --- a/src/vnet/sr/sr_policy_rewrite.c +++ b/src/vnet/sr/sr_policy_rewrite.c @@ -349,6 +349,7 @@ update_lb (ip6_sr_policy_t * sr_policy) ip6_sr_sl_t *segment_list; ip6_sr_main_t *sm = &sr_main; load_balance_path_t path; + path.path_index = FIB_NODE_INDEX_INVALID; load_balance_path_t *ip4_path_vector = 0; load_balance_path_t *ip6_path_vector = 0; load_balance_path_t *b_path_vector = 0; @@ -447,6 +448,7 @@ update_replicate (ip6_sr_policy_t * sr_policy) ip6_sr_sl_t *segment_list; ip6_sr_main_t *sm = &sr_main; load_balance_path_t path; + path.path_index = FIB_NODE_INDEX_INVALID; load_balance_path_t *b_path_vector = 0; load_balance_path_t *ip6_path_vector = 0; load_balance_path_t *ip4_path_vector = 0; @@ -548,11 +550,10 @@ sr_policy_add (ip6_address_t * bsid, ip6_address_t * segments, { ip6_sr_main_t *sm = &sr_main; ip6_sr_policy_t *sr_policy = 0; - ip6_address_t *key_copy; uword *p; /* Search for existing keys (BSID) */ - p = hash_get_mem (sm->sr_policy_index_by_key, bsid); + p = mhash_get (&sm->sr_policies_index_hash, bsid); if (p) { /* Add SR policy that already exists; complain */ @@ -592,10 +593,8 @@ sr_policy_add (ip6_address_t * bsid, ip6_address_t * segments, sr_policy->is_encap = is_encap; /* Copy the key */ - key_copy = vec_new (ip6_address_t, 1); - clib_memcpy (key_copy, bsid, sizeof (ip6_address_t)); - hash_set_mem (sm->sr_policy_index_by_key, key_copy, - sr_policy - sm->sr_policies); + mhash_set (&sm->sr_policies_index_hash, bsid, sr_policy - sm->sr_policies, + NULL); /* Create a segment list and add the index to the SR policy */ create_sl (sr_policy, segments, weight, is_encap); @@ -635,14 +634,12 @@ sr_policy_del (ip6_address_t * bsid, u32 index) ip6_sr_main_t *sm = &sr_main; ip6_sr_policy_t *sr_policy = 0; ip6_sr_sl_t *segment_list; - ip6_address_t *key_copy; u32 *sl_index; uword *p; - hash_pair_t *hp; if (bsid) { - p = hash_get_mem (sm->sr_policy_index_by_key, bsid); + p = mhash_get (&sm->sr_policies_index_hash, bsid); if (p) sr_policy = pool_elt_at_index (sm->sr_policies, p[0]); else @@ -692,14 +689,11 @@ sr_policy_del (ip6_address_t * bsid, u32 index) } /* Remove SR policy entry */ - hp = hash_get_pair (sm->sr_policy_index_by_key, &sr_policy->bsid); - key_copy = (void *) (hp->key); - hash_unset_mem (sm->sr_policy_index_by_key, &sr_policy->bsid); - vec_free (key_copy); + mhash_unset (&sm->sr_policies_index_hash, &sr_policy->bsid, NULL); pool_put (sm->sr_policies, sr_policy); /* If FIB empty unlock it */ - if (!pool_elts (sm->sr_policies)) + if (!pool_elts (sm->sr_policies) && !pool_elts (sm->steer_policies)) { fib_table_unlock (sm->fib_table_ip6, FIB_PROTOCOL_IP6); fib_table_unlock (sm->fib_table_ip4, FIB_PROTOCOL_IP6); @@ -741,7 +735,7 @@ sr_policy_mod (ip6_address_t * bsid, u32 index, u32 fib_table, if (bsid) { - p = hash_get_mem (sm->sr_policy_index_by_key, bsid); + p = mhash_get (&sm->sr_policies_index_hash, bsid); if (p) sr_policy = pool_elt_at_index (sm->sr_policies, p[0]); else @@ -3208,8 +3202,8 @@ sr_policy_rewrite_init (vlib_main_t * vm) ip6_sr_main_t *sm = &sr_main; /* Init memory for sr policy keys (bsid <-> ip6_address_t) */ - sm->sr_policy_index_by_key = hash_create_mem (0, sizeof (ip6_address_t), - sizeof (uword)); + mhash_init (&sm->sr_policies_index_hash, sizeof (uword), + sizeof (ip6_address_t)); /* Init SR VPO DPOs type */ sr_pr_encaps_dpo_type = diff --git a/src/vnet/sr/sr_steering.c b/src/vnet/sr/sr_steering.c index 86d6f27cbe1..be1bb7ade29 100755 --- a/src/vnet/sr/sr_steering.c +++ b/src/vnet/sr/sr_steering.c @@ -62,14 +62,14 @@ sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, u32 sw_if_index, u8 traffic_type) { ip6_sr_main_t *sm = &sr_main; - sr_steering_key_t key, *key_copy; + sr_steering_key_t key; ip6_sr_steering_policy_t *steer_pl; fib_prefix_t pfx = { 0 }; ip6_sr_policy_t *sr_policy = 0; uword *p = 0; - hash_pair_t *hp; + memset (&key, 0, sizeof (sr_steering_key_t)); /* Compute the steer policy key */ if (prefix) @@ -78,6 +78,8 @@ sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, key.l3.prefix.as_u64[1] = prefix->as_u64[1]; key.l3.mask_width = mask_width; key.l3.fib_table = (table_id != (u32) ~ 0 ? table_id : 0); + if (traffic_type != SR_STEER_IPV4 && traffic_type != SR_STEER_IPV6) + return -1; } else { @@ -92,12 +94,14 @@ sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, vnet_get_sw_interface (sm->vnet_main, sw_if_index); if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE) return -3; + if (traffic_type != SR_STEER_L2) + return -1; } key.traffic_type = traffic_type; /* Search for the item */ - p = hash_get_mem (sm->steer_policies_index_by_key, &key); + p = mhash_get (&sm->sr_steer_policies_hash, &key); if (p) { @@ -152,10 +156,17 @@ sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, /* Delete SR steering policy entry */ pool_put (sm->steer_policies, steer_pl); - hp = hash_get_pair (sm->steer_policies_index_by_key, &key); - key_copy = (void *) (hp->key); - hash_unset_mem (sm->steer_policies_index_by_key, &key); - vec_free (key_copy); + mhash_unset (&sm->sr_steer_policies_hash, &key, NULL); + + /* If no more SR policies or steering policies */ + if (!pool_elts (sm->sr_policies) && !pool_elts (sm->steer_policies)) + { + fib_table_unlock (sm->fib_table_ip6, FIB_PROTOCOL_IP6); + fib_table_unlock (sm->fib_table_ip4, FIB_PROTOCOL_IP6); + sm->fib_table_ip6 = (u32) ~ 0; + sm->fib_table_ip4 = (u32) ~ 0; + } + return 1; } else /* It means user requested to update an existing SR steering policy */ @@ -163,7 +174,7 @@ sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, /* Retrieve SR steering policy */ if (bsid) { - p = hash_get_mem (sm->sr_policy_index_by_key, bsid); + p = mhash_get (&sm->sr_policies_index_hash, bsid); if (p) sr_policy = pool_elt_at_index (sm->sr_policies, p[0]); else @@ -192,7 +203,6 @@ sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, /* Create a new one */ goto update_fib; - } else if (steer_pl->classify.traffic_type == SR_STEER_IPV4) { @@ -224,7 +234,7 @@ sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, /* Retrieve SR policy */ if (bsid) { - p = hash_get_mem (sm->sr_policy_index_by_key, bsid); + p = mhash_get (&sm->sr_policies_index_hash, bsid); if (p) sr_policy = pool_elt_at_index (sm->sr_policies, p[0]); else @@ -255,19 +265,14 @@ sr_steering_policy (int is_del, ip6_address_t * bsid, u32 sr_policy_index, { /* Incorrect API usage. Should never get here */ pool_put (sm->steer_policies, steer_pl); - hp = hash_get_pair (sm->steer_policies_index_by_key, &key); - key_copy = (void *) (hp->key); - hash_unset_mem (sm->steer_policies_index_by_key, &key); - vec_free (key_copy); + mhash_unset (&sm->sr_steer_policies_hash, &key, NULL); return -1; } steer_pl->sr_policy = sr_policy - sm->sr_policies; /* Create and store key */ - key_copy = vec_new (sr_steering_key_t, 1); - clib_memcpy (key_copy, &key, sizeof (sr_steering_key_t)); - hash_set_mem (sm->steer_policies_index_by_key, - key_copy, steer_pl - sm->steer_policies); + mhash_set (&sm->sr_steer_policies_hash, &key, steer_pl - sm->steer_policies, + NULL); if (traffic_type == SR_STEER_L2) { @@ -345,18 +350,12 @@ update_fib: cleanup_error_encap: pool_put (sm->steer_policies, steer_pl); - hp = hash_get_pair (sm->steer_policies_index_by_key, &key); - key_copy = (void *) (hp->key); - hash_unset_mem (sm->steer_policies_index_by_key, &key); - vec_free (key_copy); + mhash_unset (&sm->sr_steer_policies_hash, &key, NULL); return -5; cleanup_error_redirection: pool_put (sm->steer_policies, steer_pl); - hp = hash_get_pair (sm->steer_policies_index_by_key, &key); - key_copy = (void *) (hp->key); - hash_unset_mem (sm->steer_policies_index_by_key, &key); - vec_free (key_copy); + mhash_unset (&sm->sr_steer_policies_hash, &key, NULL); return -3; } @@ -379,6 +378,8 @@ sr_steer_policy_command_fn (vlib_main_t * vm, unformat_input_t * input, u8 sr_policy_set = 0; + memset (&prefix, 0, sizeof (ip46_address_t)); + int rv; while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) { @@ -450,7 +451,7 @@ sr_steer_policy_command_fn (vlib_main_t * vm, unformat_input_t * input, "Unable to do SW redirect. Incorrect interface."); case -4: return clib_error_return (0, - "The requested SR policy could not be deleted. Review the BSID/index."); + "The requested SR steering policy could not be deleted."); case -5: return clib_error_return (0, "The SR policy is not an encapsulation one."); @@ -541,8 +542,8 @@ sr_steering_init (vlib_main_t * vm) ip6_sr_main_t *sm = &sr_main; /* Init memory for function keys */ - sm->steer_policies_index_by_key = - hash_create_mem (0, sizeof (sr_steering_key_t), sizeof (uword)); + mhash_init (&sm->sr_steer_policies_hash, sizeof (uword), + sizeof (sr_steering_key_t)); sm->sw_iface_sr_policies = 0; diff --git a/src/vnet/sr/sr_steering.md b/src/vnet/sr/sr_steering.md new file mode 100644 index 00000000000..cf446f8171e --- /dev/null +++ b/src/vnet/sr/sr_steering.md @@ -0,0 +1,11 @@ +# Steering packets into a SR Policy {#srv6_steering_doc} + +To steer packets in Transit into an SR policy (T.Insert, T.Encaps and T.Encaps.L2 behaviors), the user needs to create an 'sr steering policy'. + + sr steer l3 2001::/64 via sr policy index 1 + sr steer l3 2001::/64 via sr policy bsid cafe::1 + sr steer l3 2001::/64 via sr policy bsid cafe::1 fib-table 3 + sr steer l3 10.0.0.0/16 via sr policy bsid cafe::1 + sr steer l2 TenGE0/1/0 via sr policy bsid cafe::1 + +Disclaimer: The T.Encaps.L2 will steer L2 frames into an SR Policy. Notice that creating an SR steering policy for L2 frames will actually automatically *put the interface into promiscous mode*. |