aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/gbp/gbp.api
AgeCommit message (Collapse)AuthorFilesLines
2019-07-05gbp: update gbp-ext-itf APIBenoît Ganne1-8/+7
Change gbp-ext-itf API to create anonymous ext-itf through the same API as non-anonymous instead of a new API Type: refactor Change-Id: I381ff2a5bcd55276793df78ca891334c28946cd0 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-02gbp: add anonymous l3-out subnetsBenoît Ganne1-0/+1
An anonymous l3-out subnet is a locally attached l3-out subnet, and differs from regular l3-out subnets in the way adjacencies are managed. It is required for the anonymous l3-out external interfaces to correctly classify locally attached l3-out hosts. Type: feature Change-Id: Ie7bc88b1f22abc4d0b46db5f3cfbf208bc53ba5f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-02gbp: add anonymous l3-out external interfacesBenoît Ganne1-0/+8
So far, GBP l3-out packets classification & policy relied on programmed EP. All traffic to/from l3-out must go through a known EP. This patch introduces a new feature where l3-out next-hops are only known by their subnets (l3-out prefixes). As there are no longer known EPs to program, an interface must be configured as external anonymous l3-out. Packets classification & policy on this interface will rely on the external subnets programmed in the BD VRF. Note that contrary to all other interfaces in a GBP BD, external anonymous l3-out interfaces have BD L2 learning turned on and rely on ARP/ND. Type: feature Change-Id: Ieedb29dff4e967d08c4301e82d06bff450a63e5f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-01gbp: VRF scoped contractsNeale Ranns1-0/+5
Type: feature Change-Id: I01772cfc3a0118a5c49bf346339788824e6931b2 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-04GBP: Counters per-contractNeale Ranns1-1/+7
Change-Id: I28bb9e3d3ea3a99a9e24801ef5241a0099186108 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-04gbp: Add bd flagsMohsin Kazmi1-0/+3
Add flags for unknown unicast drop, multicast and broadcast drop and arp unicast. Change-Id: I1203137510b8bee0a20ecfe5f2efad8043d4bac6 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-03-12GBP: custom-dump functionsNeale Ranns1-14/+14
Change-Id: I719882acb59bd069fd88b10989f11085a0c41ae6 Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-03-12GBP: contracts API fixed length of allowed ethertypesNeale Ranns1-2/+2
VAPI does not handle two VLAs in one struct. Change-Id: I259c998bef4398ead2bbb9e788350d50c2f05694 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-08updates now that flags are supported on the APINeale Ranns1-2/+0
Change-Id: I9c45f390a6454c114f12f9c46c3a93fcecffa73f Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-06GBP: use sclass in the DP for policyNeale Ranns1-7/+7
Change-Id: I154e18f22ec7708127b8ade98e80546ab1dcd05b Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-06GBP: learn from ARP and L2 packetsNeale Ranns1-0/+1
Change-Id: I8af7bca566ec7c9bd2b72529d49e04c6e649b44a Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-05GBP: per-group EP retention policyNeale Ranns1-12/+6
Change-Id: I3ed4e2e92f74f15b07fcd3e7fbc3fa8718d5249d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-22GBP: Sclass to src-epg conversionsNeale Ranns1-0/+2
Change-Id: Ica88268fd6a6ee01da7e9219bb4e81f22ed2fd4b Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-21GBP: add allowed ethertypes to contractsNeale Ranns1-0/+2
Change-Id: I74782d3b9b71a071bb500c34866a017b8ee15767 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-11-29GBP: l3-out subnetsNeale Ranns1-5/+34
Change-Id: Id4a20066fc5be716c61a497dfcb4d00dc1dbb28d Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-11-20vom: Add support for redirect contracts in gbpMohsin Kazmi1-0/+1
Change-Id: I18543785166811ddbd628d19065d3dfad3f948e9 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-11-15GBP: redirect contractsNeale Ranns1-1/+37
Change-Id: I463b153de93cfec29a9c15e8e84e41f6003d4c5f Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-11-07GBP: Endpoints with VLAN tags and birdges that don't learnNeale Ranns1-0/+7
Change-Id: I20192f3a8f4f01f47e775746f6fde7c685f185ee Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-11-07GBP Endpoint LearningNeale Ranns1-6/+163
Learning GBP endpoints over vxlan-gbp tunnels Change-Id: I1db9fda5a16802d9ad8b4efd4e475614f3b21502 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-09-11GBP Endpoint UpdatesNeale Ranns1-10/+24
- common types on the API - endpoints keyed in various ways for DP lookup - conparison functions for VPP IP address types Change-Id: If7ec0bbc5cea71fd0983fe78987d147ec1bd7ec8 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-09-10vxlan-gbp: Add support for vxlan gbpMohsin Kazmi1-6/+6
This patch implements vxlan with extension of group based policy support. Change-Id: I70405bf7332c02867286da8958d9652837edd3c2 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-04-13GBP V2Neale Ranns1-1/+89
update the GBP plugin to implement the full NAT feature set of opflex agent Change-Id: Ic06a039c889445ed0b9087fa1f292634192b0f8d Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-09GBP pluginNeale Ranns1-0/+83
Group Base Policy (GBP) defines: - endpoints: typically a VM or container that is connected to the virtual switch/router (i.e. to VPP) - endpoint-group: (EPG) a collection of endpoints - policy: rules determining which traffic can pass between EPGs a.k.a a 'contract' Here, policy is implemented via an ACL. EPG classification for transit packets is determined by: - source EPG: from the packet's input interface - destination EPG: from the packet's destination IP address. Change-Id: I7b983844826b5fc3d49e21353ebda9df9b224e25 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>