summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/plugins/gbp/gbp_classify_node.c4
-rw-r--r--src/plugins/gbp/gbp_policy_dpo.c20
-rw-r--r--src/vnet/vxlan-gbp/vxlan_gbp.api7
-rw-r--r--src/vnet/vxlan-gbp/vxlan_gbp_api.c26
4 files changed, 48 insertions, 9 deletions
diff --git a/src/plugins/gbp/gbp_classify_node.c b/src/plugins/gbp/gbp_classify_node.c
index 9d9e29303e6..1179076a4c7 100644
--- a/src/plugins/gbp/gbp_classify_node.c
+++ b/src/plugins/gbp/gbp_classify_node.c
@@ -516,6 +516,10 @@ gbp_lpm_classify_inline (vlib_main_t * vm,
lb0 = load_balance_get (lbi0);
dpo0 = load_balance_get_bucket_i (lb0, 0);
+ /* all packets from an external network should not be learned by the
+ * reciever. so set the Do-not-learn bit here */
+ vnet_buffer2 (b0)->gbp.flags = VXLAN_GBP_GPFLAGS_D;
+
if (gbp_policy_dpo_type == dpo0->dpoi_type)
{
gpd0 = gbp_policy_dpo_get (dpo0->dpoi_index);
diff --git a/src/plugins/gbp/gbp_policy_dpo.c b/src/plugins/gbp/gbp_policy_dpo.c
index c52dcc4dc48..5fb04ff4df5 100644
--- a/src/plugins/gbp/gbp_policy_dpo.c
+++ b/src/plugins/gbp/gbp_policy_dpo.c
@@ -211,10 +211,11 @@ VLIB_INIT_FUNCTION (gbp_policy_dpo_module_init);
typedef struct gbp_policy_dpo_trace_t_
{
- u32 src_epg;
- u32 dst_epg;
+ u32 sclass;
+ u32 dclass;
u32 acl_index;
u32 a_bit;
+ u32 action;
} gbp_policy_dpo_trace_t;
typedef enum
@@ -268,7 +269,9 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
gbp_contract_t *gc0;
vlib_buffer_t *b0;
index_t gci0;
+ u8 action0;
+ action0 = 0;
bi0 = from[0];
to_next[0] = bi0;
from += 1;
@@ -302,6 +305,7 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
*/
next0 = gpd0->gpd_dpo.dpoi_next_node;
vnet_buffer2 (b0)->gbp.flags |= VXLAN_GBP_GPFLAGS_A;
+ action0 = 0;
}
else
{
@@ -310,7 +314,6 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
if (INDEX_INVALID != gci0)
{
fa_5tuple_opaque_t pkt_5tuple0;
- u8 action0 = 0;
u32 acl_pos_p0, acl_match_p0;
u32 rule_match_p0, trace_bitmap0;
/*
@@ -335,9 +338,9 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
if (action0 > 0)
{
-
vnet_buffer2 (b0)->gbp.flags |= VXLAN_GBP_GPFLAGS_A;
gu = gbp_rule_get (gc0->gc_rules[rule_match_p0]);
+ action0 = gu->gu_action;
switch (gu->gu_action)
{
@@ -369,10 +372,11 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
gbp_policy_dpo_trace_t *tr;
tr = vlib_add_trace (vm, node, b0, sizeof (*tr));
- tr->src_epg = key0.gck_src;
- tr->dst_epg = key0.gck_dst;
+ tr->sclass = key0.gck_src;
+ tr->dclass = key0.gck_dst;
tr->acl_index = (gc0 ? gc0->gc_acl_index : ~0);
tr->a_bit = vnet_buffer2 (b0)->gbp.flags & VXLAN_GBP_GPFLAGS_A;
+ tr->action = action0;
}
vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
@@ -390,8 +394,8 @@ format_gbp_policy_dpo_trace (u8 * s, va_list * args)
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
gbp_policy_dpo_trace_t *t = va_arg (*args, gbp_policy_dpo_trace_t *);
- s = format (s, " src-epg:%d dst-epg:%d acl-index:%d a-bit:%d",
- t->src_epg, t->dst_epg, t->acl_index, t->a_bit);
+ s = format (s, " sclass:%d dclass:%d acl-index:%d a-bit:%d action:%d",
+ t->sclass, t->dclass, t->acl_index, t->a_bit, t->action);
return s;
}
diff --git a/src/vnet/vxlan-gbp/vxlan_gbp.api b/src/vnet/vxlan-gbp/vxlan_gbp.api
index 3e213ddc563..13ec50395bc 100644
--- a/src/vnet/vxlan-gbp/vxlan_gbp.api
+++ b/src/vnet/vxlan-gbp/vxlan_gbp.api
@@ -17,6 +17,12 @@
option version = "1.1.0";
import "vnet/ip/ip_types.api";
+enum vxlan_gbp_api_tunnel_mode
+{
+ VXLAN_GBP_API_TUNNEL_MODE_L2,
+ VXLAN_GBP_API_TUNNEL_MODE_L3,
+};
+
/** \brief Definition of a VXLAN GBP tunnel
@param instance - optional unique custom device instance, else ~0.
@param src - Source IP address
@@ -35,6 +41,7 @@ typedef vxlan_gbp_tunnel
u32 encap_table_id;
u32 vni;
u32 sw_if_index;
+ vl_api_vxlan_gbp_api_tunnel_mode_t mode;
};
/** \brief Create or delete a VXLAN-GBP tunnel
diff --git a/src/vnet/vxlan-gbp/vxlan_gbp_api.c b/src/vnet/vxlan-gbp/vxlan_gbp_api.c
index f5e97e5a364..6a87d4dda52 100644
--- a/src/vnet/vxlan-gbp/vxlan_gbp_api.c
+++ b/src/vnet/vxlan-gbp/vxlan_gbp_api.c
@@ -66,10 +66,29 @@ static void
REPLY_MACRO (VL_API_SW_INTERFACE_SET_VXLAN_GBP_BYPASS_REPLY);
}
+static int
+vxlan_gbp_tunnel_mode_decode (vl_api_vxlan_gbp_api_tunnel_mode_t in,
+ vxlan_gbp_tunnel_mode_t * out)
+{
+ in = clib_net_to_host_u32 (in);
+
+ switch (in)
+ {
+ case VXLAN_GBP_API_TUNNEL_MODE_L2:
+ *out = VXLAN_GBP_TUNNEL_MODE_L2;
+ return (0);
+ case VXLAN_GBP_API_TUNNEL_MODE_L3:
+ *out = VXLAN_GBP_TUNNEL_MODE_L3;
+ return (0);
+ }
+ return (1);
+}
+
static void vl_api_vxlan_gbp_tunnel_add_del_t_handler
(vl_api_vxlan_gbp_tunnel_add_del_t * mp)
{
vl_api_vxlan_gbp_tunnel_add_del_reply_t *rmp;
+ vxlan_gbp_tunnel_mode_t mode;
ip46_address_t src, dst;
ip46_type_t itype;
int rv = 0;
@@ -86,6 +105,11 @@ static void vl_api_vxlan_gbp_tunnel_add_del_t_handler
goto out;
}
+ rv = vxlan_gbp_tunnel_mode_decode (mp->tunnel.mode, &mode);
+
+ if (rv)
+ goto out;
+
vnet_vxlan_gbp_tunnel_add_del_args_t a = {
.is_add = mp->is_add,
.is_ip6 = (itype == IP46_TYPE_IP6),
@@ -95,7 +119,7 @@ static void vl_api_vxlan_gbp_tunnel_add_del_t_handler
.vni = ntohl (mp->tunnel.vni),
.dst = dst,
.src = src,
- .mode = VXLAN_GBP_TUNNEL_MODE_L2,
+ .mode = mode,
};
/* Check src & dst are different */