Age | Commit message (Collapse) | Author | Files | Lines |
|
An anonymous l3-out subnet is a locally attached l3-out subnet, and
differs from regular l3-out subnets in the way adjacencies are managed.
It is required for the anonymous l3-out external interfaces to correctly
classify locally attached l3-out hosts.
Type: feature
Change-Id: Ie7bc88b1f22abc4d0b46db5f3cfbf208bc53ba5f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
So far, GBP l3-out packets classification & policy relied on programmed
EP. All traffic to/from l3-out must go through a known EP.
This patch introduces a new feature where l3-out next-hops are only
known by their subnets (l3-out prefixes). As there are no longer known
EPs to program, an interface must be configured as external anonymous
l3-out. Packets classification & policy on this interface will rely on
the external subnets programmed in the BD VRF.
Note that contrary to all other interfaces in a GBP BD, external
anonymous l3-out interfaces have BD L2 learning turned on and rely on
ARP/ND.
Type: feature
Change-Id: Ieedb29dff4e967d08c4301e82d06bff450a63e5f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: feature
Change-Id: I01772cfc3a0118a5c49bf346339788824e6931b2
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I28bb9e3d3ea3a99a9e24801ef5241a0099186108
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add flags for unknown unicast drop, multicast and broadcast
drop and arp unicast.
Change-Id: I1203137510b8bee0a20ecfe5f2efad8043d4bac6
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change-Id: I719882acb59bd069fd88b10989f11085a0c41ae6
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
VAPI does not handle two VLAs in one struct.
Change-Id: I259c998bef4398ead2bbb9e788350d50c2f05694
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I9c45f390a6454c114f12f9c46c3a93fcecffa73f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I154e18f22ec7708127b8ade98e80546ab1dcd05b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I8af7bca566ec7c9bd2b72529d49e04c6e649b44a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I3ed4e2e92f74f15b07fcd3e7fbc3fa8718d5249d
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ica88268fd6a6ee01da7e9219bb4e81f22ed2fd4b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I74782d3b9b71a071bb500c34866a017b8ee15767
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Id4a20066fc5be716c61a497dfcb4d00dc1dbb28d
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I18543785166811ddbd628d19065d3dfad3f948e9
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change-Id: I463b153de93cfec29a9c15e8e84e41f6003d4c5f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I20192f3a8f4f01f47e775746f6fde7c685f185ee
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Learning GBP endpoints over vxlan-gbp tunnels
Change-Id: I1db9fda5a16802d9ad8b4efd4e475614f3b21502
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
- common types on the API
- endpoints keyed in various ways for DP lookup
- conparison functions for VPP IP address types
Change-Id: If7ec0bbc5cea71fd0983fe78987d147ec1bd7ec8
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
This patch implements vxlan with extension of group based
policy support.
Change-Id: I70405bf7332c02867286da8958d9652837edd3c2
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
update the GBP plugin to implement the full NAT feature set of opflex agent
Change-Id: Ic06a039c889445ed0b9087fa1f292634192b0f8d
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
Group Base Policy (GBP) defines:
- endpoints: typically a VM or container that is connected to the
virtual switch/router (i.e. to VPP)
- endpoint-group: (EPG) a collection of endpoints
- policy: rules determining which traffic can pass between EPGs a.k.a
a 'contract'
Here, policy is implemented via an ACL.
EPG classification for transit packets is determined by:
- source EPG: from the packet's input interface
- destination EPG: from the packet's destination IP address.
Change-Id: I7b983844826b5fc3d49e21353ebda9df9b224e25
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|