GBP: fixes for l3-out routing

Change-Id: I4d73b712da911588d511a8401b73cdc3c66346fe
Signed-off-by: Neale Ranns <nranns@cisco.com>

4 files changed, 48 insertions, 9 deletions

diff --git a/src/plugins/gbp/gbp_classify_node.c b/src/plugins/gbp/gbp_classify_node.c
index 9d9e29303e6..1179076a4c7 100644
--- a/src/plugins/gbp/gbp_classify_node.c
+++ b/src/plugins/gbp/gbp_classify_node.c
@@ -516,6 +516,10 @@ gbp_lpm_classify_inline (vlib_main_t * vm,
 	  lb0 = load_balance_get (lbi0);
 	  dpo0 = load_balance_get_bucket_i (lb0, 0);
 
+	  /* all packets from an external network should not be learned by the
+	   * reciever. so set the Do-not-learn bit here */
+	  vnet_buffer2 (b0)->gbp.flags = VXLAN_GBP_GPFLAGS_D;
+
 	  if (gbp_policy_dpo_type == dpo0->dpoi_type)
 	    {
 	      gpd0 = gbp_policy_dpo_get (dpo0->dpoi_index);
diff --git a/src/plugins/gbp/gbp_policy_dpo.c b/src/plugins/gbp/gbp_policy_dpo.c
index c52dcc4dc48..5fb04ff4df5 100644
--- a/src/plugins/gbp/gbp_policy_dpo.c
+++ b/src/plugins/gbp/gbp_policy_dpo.c
@@ -211,10 +211,11 @@ VLIB_INIT_FUNCTION (gbp_policy_dpo_module_init);
 
 typedef struct gbp_policy_dpo_trace_t_
 {
-  u32 src_epg;
-  u32 dst_epg;
+  u32 sclass;
+  u32 dclass;
   u32 acl_index;
   u32 a_bit;
+  u32 action;
 } gbp_policy_dpo_trace_t;
 
 typedef enum
@@ -268,7 +269,9 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
 	  gbp_contract_t *gc0;
 	  vlib_buffer_t *b0;
 	  index_t gci0;
+	  u8 action0;
 
+	  action0 = 0;
 	  bi0 = from[0];
 	  to_next[0] = bi0;
 	  from += 1;
@@ -302,6 +305,7 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
 		   */
 		  next0 = gpd0->gpd_dpo.dpoi_next_node;
 		  vnet_buffer2 (b0)->gbp.flags |= VXLAN_GBP_GPFLAGS_A;
+		  action0 = 0;
 		}
 	      else
 		{
@@ -310,7 +314,6 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
 		  if (INDEX_INVALID != gci0)
 		    {
 		      fa_5tuple_opaque_t pkt_5tuple0;
-		      u8 action0 = 0;
 		      u32 acl_pos_p0, acl_match_p0;
 		      u32 rule_match_p0, trace_bitmap0;
 		      /*
@@ -335,9 +338,9 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
 
 		      if (action0 > 0)
 			{
-
 			  vnet_buffer2 (b0)->gbp.flags |= VXLAN_GBP_GPFLAGS_A;
 			  gu = gbp_rule_get (gc0->gc_rules[rule_match_p0]);
+			  action0 = gu->gu_action;
 
 			  switch (gu->gu_action)
 			    {
@@ -369,10 +372,11 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
 	      gbp_policy_dpo_trace_t *tr;
 
 	      tr = vlib_add_trace (vm, node, b0, sizeof (*tr));
-	      tr->src_epg = key0.gck_src;
-	      tr->dst_epg = key0.gck_dst;
+	      tr->sclass = key0.gck_src;
+	      tr->dclass = key0.gck_dst;
 	      tr->acl_index = (gc0 ? gc0->gc_acl_index : ~0);
 	      tr->a_bit = vnet_buffer2 (b0)->gbp.flags & VXLAN_GBP_GPFLAGS_A;
+	      tr->action = action0;
 	    }
 
 	  vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
@@ -390,8 +394,8 @@ format_gbp_policy_dpo_trace (u8 * s, va_list * args)
   CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
   gbp_policy_dpo_trace_t *t = va_arg (*args, gbp_policy_dpo_trace_t *);
 
-  s = format (s, " src-epg:%d dst-epg:%d acl-index:%d a-bit:%d",
-	      t->src_epg, t->dst_epg, t->acl_index, t->a_bit);
+  s = format (s, " sclass:%d dclass:%d acl-index:%d a-bit:%d action:%d",
+	      t->sclass, t->dclass, t->acl_index, t->a_bit, t->action);
 
   return s;
 }
diff --git a/src/vnet/vxlan-gbp/vxlan_gbp.api b/src/vnet/vxlan-gbp/vxlan_gbp.api
index 3e213ddc563..13ec50395bc 100644
--- a/src/vnet/vxlan-gbp/vxlan_gbp.api
+++ b/src/vnet/vxlan-gbp/vxlan_gbp.api
@@ -17,6 +17,12 @@
 option version = "1.1.0";
 import "vnet/ip/ip_types.api";
 
+enum vxlan_gbp_api_tunnel_mode
+{
+  VXLAN_GBP_API_TUNNEL_MODE_L2,
+  VXLAN_GBP_API_TUNNEL_MODE_L3,
+};
+
 /** \brief Definition of a VXLAN GBP tunnel
     @param instance - optional unique custom device instance, else ~0.
     @param src - Source IP address
@@ -35,6 +41,7 @@ typedef vxlan_gbp_tunnel
   u32 encap_table_id;
   u32 vni;
   u32 sw_if_index;
+  vl_api_vxlan_gbp_api_tunnel_mode_t mode;
 };
 
 /** \brief Create or delete a VXLAN-GBP tunnel
diff --git a/src/vnet/vxlan-gbp/vxlan_gbp_api.c b/src/vnet/vxlan-gbp/vxlan_gbp_api.c
index f5e97e5a364..6a87d4dda52 100644
--- a/src/vnet/vxlan-gbp/vxlan_gbp_api.c
+++ b/src/vnet/vxlan-gbp/vxlan_gbp_api.c
@@ -66,10 +66,29 @@ static void
   REPLY_MACRO (VL_API_SW_INTERFACE_SET_VXLAN_GBP_BYPASS_REPLY);
 }
 
+static int
+vxlan_gbp_tunnel_mode_decode (vl_api_vxlan_gbp_api_tunnel_mode_t in,
+			      vxlan_gbp_tunnel_mode_t * out)
+{
+  in = clib_net_to_host_u32 (in);
+
+  switch (in)
+    {
+    case VXLAN_GBP_API_TUNNEL_MODE_L2:
+      *out = VXLAN_GBP_TUNNEL_MODE_L2;
+      return (0);
+    case VXLAN_GBP_API_TUNNEL_MODE_L3:
+      *out = VXLAN_GBP_TUNNEL_MODE_L3;
+      return (0);
+    }
+  return (1);
+}
+
 static void vl_api_vxlan_gbp_tunnel_add_del_t_handler
   (vl_api_vxlan_gbp_tunnel_add_del_t * mp)
 {
   vl_api_vxlan_gbp_tunnel_add_del_reply_t *rmp;
+  vxlan_gbp_tunnel_mode_t mode;
   ip46_address_t src, dst;
   ip46_type_t itype;
   int rv = 0;
@@ -86,6 +105,11 @@ static void vl_api_vxlan_gbp_tunnel_add_del_t_handler
       goto out;
     }
 
+  rv = vxlan_gbp_tunnel_mode_decode (mp->tunnel.mode, &mode);
+
+  if (rv)
+    goto out;
+
   vnet_vxlan_gbp_tunnel_add_del_args_t a = {
     .is_add = mp->is_add,
     .is_ip6 = (itype == IP46_TYPE_IP6),
@@ -95,7 +119,7 @@ static void vl_api_vxlan_gbp_tunnel_add_del_t_handler
     .vni = ntohl (mp->tunnel.vni),
     .dst = dst,
     .src = src,
-    .mode = VXLAN_GBP_TUNNEL_MODE_L2,
+    .mode = mode,
   };
 
   /* Check src & dst are different */