From a9855ef839ab99d7e66b9dd8d706b14cc8cd77dd Mon Sep 17 00:00:00 2001 From: Ole Troan Date: Wed, 2 May 2018 12:45:10 +0200 Subject: Flow: Rename IPFIX exporter. Change-Id: I9363cf54b73f7cfd8622af6f1cb250438ea0d3b6 Signed-off-by: Ole Troan --- src/plugins/flowprobe/flowprobe.h | 4 +- src/plugins/ioam/analyse/ioam_summary_export.h | 2 +- src/plugins/ioam/export-common/ioam_export.h | 2 +- src/plugins/ioam/ipfixcollector/node.c | 2 +- src/plugins/ioam/udp-ping/udp_ping_export.c | 2 +- src/plugins/nat/nat_ipfix_logging.c | 2 +- src/vnet.am | 18 +- src/vnet/flow/flow.api | 149 ------- src/vnet/flow/flow_api.c | 396 ------------------ src/vnet/flow/flow_report.c | 529 ----------------------- src/vnet/flow/flow_report.h | 159 ------- src/vnet/flow/flow_report_classify.c | 556 ------------------------- src/vnet/flow/flow_report_classify.h | 134 ------ src/vnet/flow/ipfix_info_elements.h | 443 -------------------- src/vnet/flow/ipfix_packet.h | 206 --------- src/vnet/ipfix-export/flow_api.c | 396 ++++++++++++++++++ src/vnet/ipfix-export/flow_report.c | 529 +++++++++++++++++++++++ src/vnet/ipfix-export/flow_report.h | 159 +++++++ src/vnet/ipfix-export/flow_report_classify.c | 556 +++++++++++++++++++++++++ src/vnet/ipfix-export/flow_report_classify.h | 134 ++++++ src/vnet/ipfix-export/ipfix_export.api | 149 +++++++ src/vnet/ipfix-export/ipfix_info_elements.h | 443 ++++++++++++++++++++ src/vnet/ipfix-export/ipfix_packet.h | 206 +++++++++ src/vnet/vnet_all_api_h.h | 2 +- 24 files changed, 2589 insertions(+), 2589 deletions(-) delete mode 100644 src/vnet/flow/flow.api delete mode 100644 src/vnet/flow/flow_api.c delete mode 100644 src/vnet/flow/flow_report.c delete mode 100644 src/vnet/flow/flow_report.h delete mode 100644 src/vnet/flow/flow_report_classify.c delete mode 100644 src/vnet/flow/flow_report_classify.h delete mode 100644 src/vnet/flow/ipfix_info_elements.h delete mode 100644 src/vnet/flow/ipfix_packet.h create mode 100644 src/vnet/ipfix-export/flow_api.c create mode 100644 src/vnet/ipfix-export/flow_report.c create mode 100644 src/vnet/ipfix-export/flow_report.h create mode 100644 src/vnet/ipfix-export/flow_report_classify.c create mode 100644 src/vnet/ipfix-export/flow_report_classify.h create mode 100644 src/vnet/ipfix-export/ipfix_export.api create mode 100644 src/vnet/ipfix-export/ipfix_info_elements.h create mode 100644 src/vnet/ipfix-export/ipfix_packet.h diff --git a/src/plugins/flowprobe/flowprobe.h b/src/plugins/flowprobe/flowprobe.h index 02ee053c911..92c3f9063a3 100644 --- a/src/plugins/flowprobe/flowprobe.h +++ b/src/plugins/flowprobe/flowprobe.h @@ -23,8 +23,8 @@ #include #include -#include -#include +#include +#include #include /* Default timers in seconds */ diff --git a/src/plugins/ioam/analyse/ioam_summary_export.h b/src/plugins/ioam/analyse/ioam_summary_export.h index b435506187d..1397f9e8bd4 100755 --- a/src/plugins/ioam/analyse/ioam_summary_export.h +++ b/src/plugins/ioam/analyse/ioam_summary_export.h @@ -16,7 +16,7 @@ #define __included_ip6_ioam_flow_report_h__ #include -#include +#include #define foreach_ioam_ipfix_info_element \ _(ioamPacketSent, 5239, u32) \ diff --git a/src/plugins/ioam/export-common/ioam_export.h b/src/plugins/ioam/export-common/ioam_export.h index 74347683e10..36d71d26716 100644 --- a/src/plugins/ioam/export-common/ioam_export.h +++ b/src/plugins/ioam/export-common/ioam_export.h @@ -22,7 +22,7 @@ #include #include #include -#include +#include #include #include diff --git a/src/plugins/ioam/ipfixcollector/node.c b/src/plugins/ioam/ipfixcollector/node.c index fce997aedb7..ae8ed1e4092 100644 --- a/src/plugins/ioam/ipfixcollector/node.c +++ b/src/plugins/ioam/ipfixcollector/node.c @@ -18,7 +18,7 @@ #include #include #include -#include +#include #define foreach_ipfix_collector_error \ _(PROCESSED, "Number of IP-Fix packets processed") \ diff --git a/src/plugins/ioam/udp-ping/udp_ping_export.c b/src/plugins/ioam/udp-ping/udp_ping_export.c index 91cbb4bd157..2b3a4de11a4 100644 --- a/src/plugins/ioam/udp-ping/udp_ping_export.c +++ b/src/plugins/ioam/udp-ping/udp_ping_export.c @@ -13,7 +13,7 @@ * limitations under the License. */ -#include +#include #include #include #include diff --git a/src/plugins/nat/nat_ipfix_logging.c b/src/plugins/nat/nat_ipfix_logging.c index 70d8d6b1c62..b4b940e7f92 100644 --- a/src/plugins/nat/nat_ipfix_logging.c +++ b/src/plugins/nat/nat_ipfix_logging.c @@ -15,7 +15,7 @@ * limitations under the License. */ -#include +#include #include #include diff --git a/src/vnet.am b/src/vnet.am index 058948dce0e..adf93398648 100644 --- a/src/vnet.am +++ b/src/vnet.am @@ -828,26 +828,26 @@ API_FILES += vnet/srmpls/sr_mpls.api # IPFIX / netflow v10 ######################################## libvnet_la_SOURCES += \ - vnet/flow/flow_report.c \ - vnet/flow/flow_api.c + vnet/ipfix-export/flow_report.c \ + vnet/ipfix-export/flow_api.c nobase_include_HEADERS += \ - vnet/flow/flow_report.h \ - vnet/flow/ipfix_info_elements.h \ - vnet/flow/ipfix_packet.h \ - vnet/flow/flow.api.h + vnet/ipfix-export/flow_report.h \ + vnet/ipfix-export/ipfix_info_elements.h \ + vnet/ipfix-export/ipfix_packet.h \ + vnet/ipfix-export/ipfix_export.api.h -API_FILES += vnet/flow/flow.api +API_FILES += vnet/ipfix-export/ipfix_export.api ######################################## # IPFIX classify code ######################################## libvnet_la_SOURCES += \ - vnet/flow/flow_report_classify.c + vnet/ipfix-export/flow_report_classify.c nobase_include_HEADERS += \ - vnet/flow/flow_report_classify.h + vnet/ipfix-export/flow_report_classify.h ######################################## # lawful intercept diff --git a/src/vnet/flow/flow.api b/src/vnet/flow/flow.api deleted file mode 100644 index 9bd3790a430..00000000000 --- a/src/vnet/flow/flow.api +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Copyright (c) 2015-2016 Cisco and/or its affiliates. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -option version = "1.0.0"; - -/** \brief Configure IPFIX exporter process request - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param collector_address - address of IPFIX collector - @param collector_port - port of IPFIX collector - @param src_address - address of IPFIX exporter - @param vrf_id - VRF / fib table ID - @param path_mtu - Path MTU between exporter and collector - @param template_interval - number of seconds after which to resend template - @param udp_checksum - UDP checksum calculation enable flag -*/ -autoreply define set_ipfix_exporter -{ - u32 client_index; - u32 context; - u8 collector_address[16]; - u16 collector_port; - u8 src_address[16]; - u32 vrf_id; - u32 path_mtu; - u32 template_interval; - u8 udp_checksum; -}; - -/** \brief IPFIX exporter dump request - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request -*/ -define ipfix_exporter_dump -{ - u32 client_index; - u32 context; -}; - -/** \brief Reply to IPFIX exporter dump request - @param context - sender context which was passed in the request - @param collector_address - address of IPFIX collector - @param collector_port - port of IPFIX collector - @param src_address - address of IPFIX exporter - @param fib_index - fib table index - @param path_mtu - Path MTU between exporter and collector - @param template_interval - number of seconds after which to resend template - @param udp_checksum - UDP checksum calculation enable flag -*/ -define ipfix_exporter_details -{ - u32 context; - u8 collector_address[16]; - u16 collector_port; - u8 src_address[16]; - u32 vrf_id; - u32 path_mtu; - u32 template_interval; - u8 udp_checksum; -}; - -/** \brief IPFIX classify stream configure request - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param domain_id - domain ID reported in IPFIX messages for classify stream - @param src_port - source port of UDP session for classify stream -*/ -autoreply define set_ipfix_classify_stream { - u32 client_index; - u32 context; - u32 domain_id; - u16 src_port; -}; - -/** \brief IPFIX classify stream dump request - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request -*/ -define ipfix_classify_stream_dump { - u32 client_index; - u32 context; -}; - -/** \brief Reply to IPFIX classify stream dump request - @param context - sender context, to match reply w/ request - @param domain_id - domain ID reported in IPFIX messages for classify stream - @param src_port - source port of UDP session for classify stream -*/ -define ipfix_classify_stream_details { - u32 context; - u32 domain_id; - u16 src_port; -}; - -/** \brief IPFIX add or delete classifier table request - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param table_id - classifier table ID - @param ip_version - version of IP used in the classifier table - @param transport_protocol - transport protocol used in the classifier table or 255 for unspecified -*/ -autoreply define ipfix_classify_table_add_del { - u32 client_index; - u32 context; - u32 table_id; - u8 ip_version; - u8 transport_protocol; - u8 is_add; -}; - -/** \brief IPFIX classify tables dump request - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request -*/ -define ipfix_classify_table_dump { - u32 client_index; - u32 context; -}; - -/** \brief Reply to IPFIX classify tables dump request - @param context - sender context, to match reply w/ request - @param table_id - classifier table ID - @param ip_version - version of IP used in the classifier table - @param transport_protocol - transport protocol used in the classifier table or 255 for unspecified -*/ -define ipfix_classify_table_details { - u32 context; - u32 table_id; - u8 ip_version; - u8 transport_protocol; -}; - -/* - * Local Variables: - * eval: (c-set-style "gnu") - * End: - */ diff --git a/src/vnet/flow/flow_api.c b/src/vnet/flow/flow_api.c deleted file mode 100644 index d1eb2c008c5..00000000000 --- a/src/vnet/flow/flow_api.c +++ /dev/null @@ -1,396 +0,0 @@ -/* - *------------------------------------------------------------------ - * flow_api.c - flow api - * - * Copyright (c) 2016 Cisco and/or its affiliates. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - *------------------------------------------------------------------ - */ - -#include -#include - -#include -#include - -#include -#include -#include - -#include - -#define vl_typedefs /* define message structures */ -#include -#undef vl_typedefs - -#define vl_endianfun /* define message structures */ -#include -#undef vl_endianfun - -/* instantiate all the print functions we know about */ -#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__) -#define vl_printfun -#include -#undef vl_printfun - -#include - -#define foreach_vpe_api_msg \ -_(SET_IPFIX_EXPORTER, set_ipfix_exporter) \ -_(IPFIX_EXPORTER_DUMP, ipfix_exporter_dump) \ -_(SET_IPFIX_CLASSIFY_STREAM, set_ipfix_classify_stream) \ -_(IPFIX_CLASSIFY_STREAM_DUMP, ipfix_classify_stream_dump) \ -_(IPFIX_CLASSIFY_TABLE_ADD_DEL, ipfix_classify_table_add_del) \ -_(IPFIX_CLASSIFY_TABLE_DUMP, ipfix_classify_table_dump) - -static void -vl_api_set_ipfix_exporter_t_handler (vl_api_set_ipfix_exporter_t * mp) -{ - vlib_main_t *vm = vlib_get_main (); - flow_report_main_t *frm = &flow_report_main; - vl_api_set_ipfix_exporter_reply_t *rmp; - ip4_address_t collector, src; - u16 collector_port = UDP_DST_PORT_ipfix; - u32 path_mtu; - u32 template_interval; - u8 udp_checksum; - u32 fib_id; - u32 fib_index = ~0; - int rv = 0; - - memcpy (collector.data, mp->collector_address, sizeof (collector.data)); - collector_port = ntohs (mp->collector_port); - if (collector_port == (u16) ~ 0) - collector_port = UDP_DST_PORT_ipfix; - memcpy (src.data, mp->src_address, sizeof (src.data)); - fib_id = ntohl (mp->vrf_id); - - ip4_main_t *im = &ip4_main; - if (fib_id == ~0) - { - fib_index = ~0; - } - else - { - uword *p = hash_get (im->fib_index_by_table_id, fib_id); - if (!p) - { - rv = VNET_API_ERROR_NO_SUCH_FIB; - goto out; - } - fib_index = p[0]; - } - - path_mtu = ntohl (mp->path_mtu); - if (path_mtu == ~0) - path_mtu = 512; // RFC 7011 section 10.3.3. - template_interval = ntohl (mp->template_interval); - if (template_interval == ~0) - template_interval = 20; - udp_checksum = mp->udp_checksum; - - if (collector.as_u32 == 0) - { - rv = VNET_API_ERROR_INVALID_VALUE; - goto out; - } - - if (src.as_u32 == 0) - { - rv = VNET_API_ERROR_INVALID_VALUE; - goto out; - } - - if (path_mtu > 1450 /* vpp does not support fragmentation */ ) - { - rv = VNET_API_ERROR_INVALID_VALUE; - goto out; - } - - if (path_mtu < 68) - { - rv = VNET_API_ERROR_INVALID_VALUE; - goto out; - } - - /* Reset report streams if we are reconfiguring IP addresses */ - if (frm->ipfix_collector.as_u32 != collector.as_u32 || - frm->src_address.as_u32 != src.as_u32 || - frm->collector_port != collector_port) - vnet_flow_reports_reset (frm); - - frm->ipfix_collector.as_u32 = collector.as_u32; - frm->collector_port = collector_port; - frm->src_address.as_u32 = src.as_u32; - frm->fib_index = fib_index; - frm->path_mtu = path_mtu; - frm->template_interval = template_interval; - frm->udp_checksum = udp_checksum; - - /* Turn on the flow reporting process */ - vlib_process_signal_event (vm, flow_report_process_node.index, 1, 0); - -out: - REPLY_MACRO (VL_API_SET_IPFIX_EXPORTER_REPLY); -} - -static void -vl_api_ipfix_exporter_dump_t_handler (vl_api_ipfix_exporter_dump_t * mp) -{ - flow_report_main_t *frm = &flow_report_main; - vl_api_registration_t *reg; - vl_api_ipfix_exporter_details_t *rmp; - ip4_main_t *im = &ip4_main; - u32 vrf_id; - - reg = vl_api_client_index_to_registration (mp->client_index); - if (!reg) - return;; - - rmp = vl_msg_api_alloc (sizeof (*rmp)); - memset (rmp, 0, sizeof (*rmp)); - rmp->_vl_msg_id = ntohs (VL_API_IPFIX_EXPORTER_DETAILS); - rmp->context = mp->context; - memcpy (rmp->collector_address, frm->ipfix_collector.data, - sizeof (frm->ipfix_collector.data)); - rmp->collector_port = htons (frm->collector_port); - memcpy (rmp->src_address, frm->src_address.data, - sizeof (frm->src_address.data)); - if (frm->fib_index == ~0) - vrf_id = ~0; - else - vrf_id = im->fibs[frm->fib_index].ft_table_id; - rmp->vrf_id = htonl (vrf_id); - rmp->path_mtu = htonl (frm->path_mtu); - rmp->template_interval = htonl (frm->template_interval); - rmp->udp_checksum = (frm->udp_checksum != 0); - - vl_api_send_msg (reg, (u8 *) rmp); -} - -static void - vl_api_set_ipfix_classify_stream_t_handler - (vl_api_set_ipfix_classify_stream_t * mp) -{ - vl_api_set_ipfix_classify_stream_reply_t *rmp; - flow_report_classify_main_t *fcm = &flow_report_classify_main; - flow_report_main_t *frm = &flow_report_main; - u32 domain_id = 0; - u32 src_port = UDP_DST_PORT_ipfix; - int rv = 0; - - domain_id = ntohl (mp->domain_id); - src_port = ntohs (mp->src_port); - - if (fcm->src_port != 0 && - (fcm->domain_id != domain_id || fcm->src_port != (u16) src_port)) - { - int rv = vnet_stream_change (frm, fcm->domain_id, fcm->src_port, - domain_id, (u16) src_port); - ASSERT (rv == 0); - } - - fcm->domain_id = domain_id; - fcm->src_port = (u16) src_port; - - REPLY_MACRO (VL_API_SET_IPFIX_CLASSIFY_STREAM_REPLY); -} - -static void - vl_api_ipfix_classify_stream_dump_t_handler - (vl_api_ipfix_classify_stream_dump_t * mp) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - vl_api_registration_t *reg; - vl_api_ipfix_classify_stream_details_t *rmp; - - reg = vl_api_client_index_to_registration (mp->client_index); - if (!reg) - return; - - rmp = vl_msg_api_alloc (sizeof (*rmp)); - memset (rmp, 0, sizeof (*rmp)); - rmp->_vl_msg_id = ntohs (VL_API_IPFIX_CLASSIFY_STREAM_DETAILS); - rmp->context = mp->context; - rmp->domain_id = htonl (fcm->domain_id); - rmp->src_port = htons (fcm->src_port); - - vl_api_send_msg (reg, (u8 *) rmp); -} - -static void - vl_api_ipfix_classify_table_add_del_t_handler - (vl_api_ipfix_classify_table_add_del_t * mp) -{ - vl_api_ipfix_classify_table_add_del_reply_t *rmp; - flow_report_classify_main_t *fcm = &flow_report_classify_main; - flow_report_main_t *frm = &flow_report_main; - vnet_flow_report_add_del_args_t args; - ipfix_classify_table_t *table; - int is_add; - u32 classify_table_index; - u8 ip_version; - u8 transport_protocol; - int rv = 0; - - classify_table_index = ntohl (mp->table_id); - ip_version = mp->ip_version; - transport_protocol = mp->transport_protocol; - is_add = mp->is_add; - - if (fcm->src_port == 0) - { - /* call set_ipfix_classify_stream first */ - rv = VNET_API_ERROR_UNSPECIFIED; - goto out; - } - - memset (&args, 0, sizeof (args)); - - table = 0; - int i; - for (i = 0; i < vec_len (fcm->tables); i++) - if (ipfix_classify_table_index_valid (i)) - if (fcm->tables[i].classify_table_index == classify_table_index) - { - table = &fcm->tables[i]; - break; - } - - if (is_add) - { - if (table) - { - rv = VNET_API_ERROR_VALUE_EXIST; - goto out; - } - table = ipfix_classify_add_table (); - table->classify_table_index = classify_table_index; - } - else - { - if (!table) - { - rv = VNET_API_ERROR_NO_SUCH_ENTRY; - goto out; - } - } - - table->ip_version = ip_version; - table->transport_protocol = transport_protocol; - - args.opaque.as_uword = table - fcm->tables; - args.rewrite_callback = ipfix_classify_template_rewrite; - args.flow_data_callback = ipfix_classify_send_flows; - args.is_add = is_add; - args.domain_id = fcm->domain_id; - args.src_port = fcm->src_port; - - rv = vnet_flow_report_add_del (frm, &args, NULL); - - /* If deleting, or add failed */ - if (is_add == 0 || (rv && is_add)) - ipfix_classify_delete_table (table - fcm->tables); - -out: - REPLY_MACRO (VL_API_SET_IPFIX_CLASSIFY_STREAM_REPLY); -} - -static void -send_ipfix_classify_table_details (u32 table_index, - vl_api_registration_t * reg, u32 context) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - vl_api_ipfix_classify_table_details_t *mp; - - ipfix_classify_table_t *table = &fcm->tables[table_index]; - - mp = vl_msg_api_alloc (sizeof (*mp)); - memset (mp, 0, sizeof (*mp)); - mp->_vl_msg_id = ntohs (VL_API_IPFIX_CLASSIFY_TABLE_DETAILS); - mp->context = context; - mp->table_id = htonl (table->classify_table_index); - mp->ip_version = table->ip_version; - mp->transport_protocol = table->transport_protocol; - - vl_api_send_msg (reg, (u8 *) mp); -} - -static void - vl_api_ipfix_classify_table_dump_t_handler - (vl_api_ipfix_classify_table_dump_t * mp) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - vl_api_registration_t *reg; - u32 i; - - reg = vl_api_client_index_to_registration (mp->client_index); - if (!reg) - return; - - for (i = 0; i < vec_len (fcm->tables); i++) - if (ipfix_classify_table_index_valid (i)) - send_ipfix_classify_table_details (i, reg, mp->context); -} - -/* - * flow_api_hookup - * Add vpe's API message handlers to the table. - * vlib has alread mapped shared memory and - * added the client registration handlers. - * See .../vlib-api/vlibmemory/memclnt_vlib.c:memclnt_process() - */ -#define vl_msg_name_crc_list -#include -#undef vl_msg_name_crc_list - -static void -setup_message_id_table (api_main_t * am) -{ -#define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id); - foreach_vl_msg_name_crc_flow; -#undef _ -} - -static clib_error_t * -flow_api_hookup (vlib_main_t * vm) -{ - api_main_t *am = &api_main; - -#define _(N,n) \ - vl_msg_api_set_handlers(VL_API_##N, #n, \ - vl_api_##n##_t_handler, \ - vl_noop_handler, \ - vl_api_##n##_t_endian, \ - vl_api_##n##_t_print, \ - sizeof(vl_api_##n##_t), 1); - foreach_vpe_api_msg; -#undef _ - - /* - * Set up the (msg_name, crc, message-id) table - */ - setup_message_id_table (am); - - return 0; -} - -VLIB_API_INIT_FUNCTION (flow_api_hookup); - -/* - * fd.io coding-style-patch-verification: ON - * - * Local Variables: - * eval: (c-set-style "gnu") - * End: - */ diff --git a/src/vnet/flow/flow_report.c b/src/vnet/flow/flow_report.c deleted file mode 100644 index 4b890728a8a..00000000000 --- a/src/vnet/flow/flow_report.c +++ /dev/null @@ -1,529 +0,0 @@ -/* - * Copyright (c) 2015 Cisco and/or its affiliates. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * flow_report.c - */ -#include -#include - -flow_report_main_t flow_report_main; - -static_always_inline u8 -stream_index_valid (u32 index) -{ - flow_report_main_t *frm = &flow_report_main; - return index < vec_len (frm->streams) && - frm->streams[index].domain_id != ~0; -} - -static_always_inline flow_report_stream_t * -add_stream (void) -{ - flow_report_main_t *frm = &flow_report_main; - u32 i; - for (i = 0; i < vec_len (frm->streams); i++) - if (!stream_index_valid (i)) - return &frm->streams[i]; - u32 index = vec_len (frm->streams); - vec_validate (frm->streams, index); - return &frm->streams[index]; -} - -static_always_inline void -delete_stream (u32 index) -{ - flow_report_main_t *frm = &flow_report_main; - ASSERT (index < vec_len (frm->streams)); - ASSERT (frm->streams[index].domain_id != ~0); - frm->streams[index].domain_id = ~0; -} - -static i32 -find_stream (u32 domain_id, u16 src_port) -{ - flow_report_main_t *frm = &flow_report_main; - flow_report_stream_t *stream; - u32 i; - for (i = 0; i < vec_len (frm->streams); i++) - if (stream_index_valid (i)) - { - stream = &frm->streams[i]; - if (domain_id == stream->domain_id) - { - if (src_port != stream->src_port) - return -2; - return i; - } - else if (src_port == stream->src_port) - { - return -2; - } - } - return -1; -} - -int -send_template_packet (flow_report_main_t * frm, - flow_report_t * fr, u32 * buffer_indexp) -{ - u32 bi0; - vlib_buffer_t *b0; - ip4_ipfix_template_packet_t *tp; - ipfix_message_header_t *h; - ip4_header_t *ip; - udp_header_t *udp; - vlib_main_t *vm = frm->vlib_main; - flow_report_stream_t *stream; - vlib_buffer_free_list_t *fl; - - ASSERT (buffer_indexp); - - if (fr->update_rewrite || fr->rewrite == 0) - { - if (frm->ipfix_collector.as_u32 == 0 || frm->src_address.as_u32 == 0) - { - vlib_node_set_state (frm->vlib_main, flow_report_process_node.index, - VLIB_NODE_STATE_DISABLED); - return -1; - } - vec_free (fr->rewrite); - fr->update_rewrite = 1; - } - - if (fr->update_rewrite) - { - fr->rewrite = fr->rewrite_callback (frm, fr, - &frm->ipfix_collector, - &frm->src_address, - frm->collector_port); - fr->update_rewrite = 0; - } - - if (vlib_buffer_alloc (vm, &bi0, 1) != 1) - return -1; - - b0 = vlib_get_buffer (vm, bi0); - - /* Initialize the buffer */ - fl = vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX); - vlib_buffer_init_for_free_list (b0, fl); - VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0); - - ASSERT (vec_len (fr->rewrite) < VLIB_BUFFER_DEFAULT_FREE_LIST_BYTES); - - clib_memcpy (b0->data, fr->rewrite, vec_len (fr->rewrite)); - b0->current_data = 0; - b0->current_length = vec_len (fr->rewrite); - b0->flags |= (VLIB_BUFFER_TOTAL_LENGTH_VALID | VNET_BUFFER_F_FLOW_REPORT); - vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0; - vnet_buffer (b0)->sw_if_index[VLIB_TX] = frm->fib_index; - - tp = vlib_buffer_get_current (b0); - ip = (ip4_header_t *) & tp->ip4; - udp = (udp_header_t *) (ip + 1); - h = (ipfix_message_header_t *) (udp + 1); - - /* FIXUP: message header export_time */ - h->export_time = (u32) - (((f64) frm->unix_time_0) + - (vlib_time_now (frm->vlib_main) - frm->vlib_time_0)); - h->export_time = clib_host_to_net_u32 (h->export_time); - - stream = &frm->streams[fr->stream_index]; - - /* FIXUP: message header sequence_number. Templates do not increase it */ - h->sequence_number = clib_host_to_net_u32 (stream->sequence_number); - - /* FIXUP: udp length */ - udp->length = clib_host_to_net_u16 (b0->current_length - sizeof (*ip)); - - if (frm->udp_checksum) - { - /* RFC 7011 section 10.3.2. */ - udp->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ip); - if (udp->checksum == 0) - udp->checksum = 0xffff; - } - - *buffer_indexp = bi0; - - fr->last_template_sent = vlib_time_now (vm); - - return 0; -} - -static uword -flow_report_process (vlib_main_t * vm, - vlib_node_runtime_t * rt, vlib_frame_t * f) -{ - flow_report_main_t *frm = &flow_report_main; - flow_report_t *fr; - u32 ip4_lookup_node_index; - vlib_node_t *ip4_lookup_node; - vlib_frame_t *nf = 0; - u32 template_bi; - u32 *to_next; - int send_template; - f64 now; - int rv; - uword event_type; - uword *event_data = 0; - - /* Wait for Godot... */ - vlib_process_wait_for_event_or_clock (vm, 1e9); - event_type = vlib_process_get_events (vm, &event_data); - if (event_type != 1) - clib_warning ("bogus kickoff event received, %d", event_type); - vec_reset_length (event_data); - - /* Enqueue pkts to ip4-lookup */ - ip4_lookup_node = vlib_get_node_by_name (vm, (u8 *) "ip4-lookup"); - ip4_lookup_node_index = ip4_lookup_node->index; - - while (1) - { - vlib_process_wait_for_event_or_clock (vm, 5.0); - event_type = vlib_process_get_events (vm, &event_data); - vec_reset_length (event_data); - - vec_foreach (fr, frm->reports) - { - now = vlib_time_now (vm); - - /* Need to send a template packet? */ - send_template = - now > (fr->last_template_sent + frm->template_interval); - send_template += fr->last_template_sent == 0; - template_bi = ~0; - rv = 0; - - if (send_template) - rv = send_template_packet (frm, fr, &template_bi); - - if (rv < 0) - continue; - - nf = vlib_get_frame_to_node (vm, ip4_lookup_node_index); - nf->n_vectors = 0; - to_next = vlib_frame_vector_args (nf); - - if (template_bi != ~0) - { - to_next[0] = template_bi; - to_next++; - nf->n_vectors++; - } - - nf = fr->flow_data_callback (frm, fr, - nf, to_next, ip4_lookup_node_index); - if (nf) - vlib_put_frame_to_node (vm, ip4_lookup_node_index, nf); - } - } - - return 0; /* not so much */ -} - -/* *INDENT-OFF* */ -VLIB_REGISTER_NODE (flow_report_process_node) = { - .function = flow_report_process, - .type = VLIB_NODE_TYPE_PROCESS, - .name = "flow-report-process", -}; -/* *INDENT-ON* */ - -int -vnet_flow_report_add_del (flow_report_main_t * frm, - vnet_flow_report_add_del_args_t * a, - u16 * template_id) -{ - int i; - int found_index = ~0; - flow_report_t *fr; - flow_report_stream_t *stream; - u32 si; - - si = find_stream (a->domain_id, a->src_port); - if (si == -2) - return VNET_API_ERROR_INVALID_VALUE; - if (si == -1 && a->is_add == 0) - return VNET_API_ERROR_NO_SUCH_ENTRY; - - for (i = 0; i < vec_len (frm->reports); i++) - { - fr = vec_elt_at_index (frm->reports, i); - if (fr->opaque.as_uword == a->opaque.as_uword - && fr->rewrite_callback == a->rewrite_callback - && fr->flow_data_callback == a->flow_data_callback) - { - found_index = i; - if (template_id) - *template_id = fr->template_id; - break; - } - } - - if (a->is_add == 0) - { - if (found_index != ~0) - { - vec_delete (frm->reports, 1, found_index); - stream = &frm->streams[si]; - stream->n_reports--; - if (stream->n_reports == 0) - delete_stream (si); - return 0; - } - return VNET_API_ERROR_NO_SUCH_ENTRY; - } - - if (found_index != ~0) - return VNET_API_ERROR_VALUE_EXIST; - - if (si == -1) - { - stream = add_stream (); - stream->domain_id = a->domain_id; - stream->src_port = a->src_port; - stream->sequence_number = 0; - stream->n_reports = 0; - si = stream - frm->streams; - } - else - stream = &frm->streams[si]; - - stream->n_reports++; - - vec_add2 (frm->reports, fr, 1); - - fr->stream_index = si; - fr->template_id = 256 + stream->next_template_no; - stream->next_template_no = (stream->next_template_no + 1) % (65536 - 256); - fr->update_rewrite = 1; - fr->opaque = a->opaque; - fr->rewrite_callback = a->rewrite_callback; - fr->flow_data_callback = a->flow_data_callback; - - if (template_id) - *template_id = fr->template_id; - - return 0; -} - -clib_error_t * -flow_report_add_del_error_to_clib_error (int error) -{ - switch (error) - { - case 0: - return 0; - case VNET_API_ERROR_NO_SUCH_ENTRY: - return clib_error_return (0, "Flow report not found"); - case VNET_API_ERROR_VALUE_EXIST: - return clib_error_return (0, "Flow report already exists"); - case VNET_API_ERROR_INVALID_VALUE: - return clib_error_return (0, "Expecting either still unused values " - "for both domain_id and src_port " - "or already used values for both fields"); - default: - return clib_error_return (0, "vnet_flow_report_add_del returned %d", - error); - } -} - -void -vnet_flow_reports_reset (flow_report_main_t * frm) -{ - flow_report_t *fr; - u32 i; - - for (i = 0; i < vec_len (frm->streams); i++) - if (stream_index_valid (i)) - frm->streams[i].sequence_number = 0; - - vec_foreach (fr, frm->reports) - { - fr->update_rewrite = 1; - fr->last_template_sent = 0; - } -} - -void -vnet_stream_reset (flow_report_main_t * frm, u32 stream_index) -{ - flow_report_t *fr; - - frm->streams[stream_index].sequence_number = 0; - - vec_foreach (fr, frm->reports) - if (frm->reports->stream_index == stream_index) - { - fr->update_rewrite = 1; - fr->last_template_sent = 0; - } -} - -int -vnet_stream_change (flow_report_main_t * frm, - u32 old_domain_id, u16 old_src_port, - u32 new_domain_id, u16 new_src_port) -{ - i32 stream_index = find_stream (old_domain_id, old_src_port); - if (stream_index < 0) - return 1; - flow_report_stream_t *stream = &frm->streams[stream_index]; - stream->domain_id = new_domain_id; - stream->src_port = new_src_port; - if (old_domain_id != new_domain_id || old_src_port != new_src_port) - vnet_stream_reset (frm, stream_index); - return 0; -} - -static clib_error_t * -set_ipfix_exporter_command_fn (vlib_main_t * vm, - unformat_input_t * input, - vlib_cli_command_t * cmd) -{ - flow_report_main_t *frm = &flow_report_main; - ip4_address_t collector, src; - u16 collector_port = UDP_DST_PORT_ipfix; - u32 fib_id; - u32 fib_index = ~0; - - collector.as_u32 = 0; - src.as_u32 = 0; - u32 path_mtu = 512; // RFC 7011 section 10.3.3. - u32 template_interval = 20; - u8 udp_checksum = 0; - - while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) - { - if (unformat (input, "collector %U", unformat_ip4_address, &collector)) - ; - else if (unformat (input, "port %u", &collector_port)) - ; - else if (unformat (input, "src %U", unformat_ip4_address, &src)) - ; - else if (unformat (input, "fib-id %u", &fib_id)) - { - ip4_main_t *im = &ip4_main; - uword *p = hash_get (im->fib_index_by_table_id, fib_id); - if (!p) - return clib_error_return (0, "fib ID %d doesn't exist\n", fib_id); - fib_index = p[0]; - } - else if (unformat (input, "path-mtu %u", &path_mtu)) - ; - else if (unformat (input, "template-interval %u", &template_interval)) - ; - else if (unformat (input, "udp-checksum")) - udp_checksum = 1; - else - break; - } - - if (collector.as_u32 != 0 && src.as_u32 == 0) - return clib_error_return (0, "src address required"); - - if (path_mtu > 1450 /* vpp does not support fragmentation */ ) - return clib_error_return (0, "too big path-mtu value, maximum is 1450"); - - if (path_mtu < 68) - return clib_error_return (0, "too small path-mtu value, minimum is 68"); - - /* Reset report streams if we are reconfiguring IP addresses */ - if (frm->ipfix_collector.as_u32 != collector.as_u32 || - frm->src_address.as_u32 != src.as_u32 || - frm->collector_port != collector_port) - vnet_flow_reports_reset (frm); - - frm->ipfix_collector.as_u32 = collector.as_u32; - frm->collector_port = collector_port; - frm->src_address.as_u32 = src.as_u32; - frm->fib_index = fib_index; - frm->path_mtu = path_mtu; - frm->template_interval = template_interval; - frm->udp_checksum = udp_checksum; - - if (collector.as_u32) - vlib_cli_output (vm, "Collector %U, src address %U, " - "fib index %d, path MTU %u, " - "template resend interval %us, " - "udp checksum %s", - format_ip4_address, &frm->ipfix_collector, - format_ip4_address, &frm->src_address, - fib_index, path_mtu, template_interval, - udp_checksum ? "enabled" : "disabled"); - else - vlib_cli_output (vm, "IPFIX Collector is disabled"); - - /* Turn on the flow reporting process */ - vlib_process_signal_event (vm, flow_report_process_node.index, 1, 0); - return 0; -} - -/* *INDENT-OFF* */ -VLIB_CLI_COMMAND (set_ipfix_exporter_command, static) = { - .path = "set ipfix exporter", - .short_help = "set ipfix exporter " - "collector [port ] " - "src [fib-id ] " - "[path-mtu ] " - "[template-interval ]", - "[udp-checksum]", - .function = set_ipfix_exporter_command_fn, -}; -/* *INDENT-ON* */ - - -static clib_error_t * -ipfix_flush_command_fn (vlib_main_t * vm, - unformat_input_t * input, vlib_cli_command_t * cmd) -{ - /* poke the flow reporting process */ - vlib_process_signal_event (vm, flow_report_process_node.index, 1, 0); - return 0; -} - -/* *INDENT-OFF* */ -VLIB_CLI_COMMAND (ipfix_flush_command, static) = { - .path = "ipfix flush", - .short_help = "flush the current ipfix data [for make test]", - .function = ipfix_flush_command_fn, -}; -/* *INDENT-ON* */ - -static clib_error_t * -flow_report_init (vlib_main_t * vm) -{ - flow_report_main_t *frm = &flow_report_main; - - frm->vlib_main = vm; - frm->vnet_main = vnet_get_main (); - frm->unix_time_0 = time (0); - frm->vlib_time_0 = vlib_time_now (frm->vlib_main); - frm->fib_index = ~0; - - return 0; -} - -VLIB_INIT_FUNCTION (flow_report_init) -/* - * fd.io coding-style-patch-verification: ON - * - * Local Variables: - * eval: (c-set-style "gnu") - * End: - */ diff --git a/src/vnet/flow/flow_report.h b/src/vnet/flow/flow_report.h deleted file mode 100644 index b26345b86ed..00000000000 --- a/src/vnet/flow/flow_report.h +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright (c) 2015 Cisco and/or its affiliates. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __included_vnet_flow_report_h__ -#define __included_vnet_flow_report_h__ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -/* Used to build the rewrite */ -typedef struct -{ - ip4_header_t ip4; - udp_header_t udp; - ipfix_template_packet_t ipfix; -} ip4_ipfix_template_packet_t; - -struct flow_report_main; -struct flow_report; - -typedef u8 *(vnet_flow_rewrite_callback_t) (struct flow_report_main *, - struct flow_report *, - ip4_address_t *, - ip4_address_t *, u16); - -typedef vlib_frame_t *(vnet_flow_data_callback_t) (struct flow_report_main *, - struct flow_report *, - vlib_frame_t *, u32 *, - u32); - -typedef union -{ - void *as_ptr; - uword as_uword; -} opaque_t; - -typedef struct -{ - u32 domain_id; - u32 sequence_number; - u16 src_port; - u16 n_reports; - u16 next_template_no; -} flow_report_stream_t; - -typedef struct flow_report -{ - /* ipfix rewrite, set by callback */ - u8 *rewrite; - u16 template_id; - u32 stream_index; - f64 last_template_sent; - int update_rewrite; - - /* Bitmap of fields to send */ - uword *fields_to_send; - - /* Opaque data */ - opaque_t opaque; - - /* build-the-rewrite callback */ - vnet_flow_rewrite_callback_t *rewrite_callback; - - /* Send-flow-data callback */ - vnet_flow_data_callback_t *flow_data_callback; -} flow_report_t; - -typedef struct flow_report_main -{ - flow_report_t *reports; - flow_report_stream_t *streams; - - /* ipfix collector ip address, port, our ip address, fib index */ - ip4_address_t ipfix_collector; - u16 collector_port; - ip4_address_t src_address; - u32 fib_index; - - /* Path MTU */ - u32 path_mtu; - - /* time interval in seconds after which to resend templates */ - u32 template_interval; - - /* UDP checksum calculation enable flag */ - u8 udp_checksum; - - /* time scale transform. Joy. */ - u32 unix_time_0; - f64 vlib_time_0; - - /* convenience variables */ - vlib_main_t *vlib_main; - vnet_main_t *vnet_main; -} flow_report_main_t; - -extern flow_report_main_t flow_report_main; - -extern vlib_node_registration_t flow_report_process_node; - -int vnet_flow_report_enable_disable (u32 sw_if_index, u32 table_index, - int enable_disable); -typedef struct -{ - vnet_flow_data_callback_t *flow_data_callback; - vnet_flow_rewrite_callback_t *rewrite_callback; - opaque_t opaque; - int is_add; - u32 domain_id; - u16 src_port; -} vnet_flow_report_add_del_args_t; - -int vnet_flow_report_add_del (flow_report_main_t * frm, - vnet_flow_report_add_del_args_t * a, - u16 * template_id); - -clib_error_t *flow_report_add_del_error_to_clib_error (int error); - -void vnet_flow_reports_reset (flow_report_main_t * frm); - -void vnet_stream_reset (flow_report_main_t * frm, u32 stream_index); - -int vnet_stream_change (flow_report_main_t * frm, - u32 old_domain_id, u16 old_src_port, - u32 new_domain_id, u16 new_src_port); - -#endif /* __included_vnet_flow_report_h__ */ - -/* - * fd.io coding-style-patch-verification: ON - * - * Local Variables: - * eval: (c-set-style "gnu") - * End: - */ diff --git a/src/vnet/flow/flow_report_classify.c b/src/vnet/flow/flow_report_classify.c deleted file mode 100644 index 163ce10a369..00000000000 --- a/src/vnet/flow/flow_report_classify.c +++ /dev/null @@ -1,556 +0,0 @@ -/* - * Copyright (c) 2015 Cisco and/or its affiliates. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include -#include -#include - -/* Common prefix of tcp and udp headers - * containing only source and destination port fields */ -typedef struct -{ - u16 src_port, dst_port; -} tcpudp_header_t; - -flow_report_classify_main_t flow_report_classify_main; - -u8 * -ipfix_classify_template_rewrite (flow_report_main_t * frm, - flow_report_t * fr, - ip4_address_t * collector_address, - ip4_address_t * src_address, - u16 collector_port) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - vnet_classify_table_t *tblp; - vnet_classify_main_t *vcm = &vnet_classify_main; - u32 flow_table_index = fr->opaque.as_uword; - u8 *ip_start; - ip4_header_t *ip; - ip6_header_t *ip6; - tcpudp_header_t *tcpudp; - udp_header_t *udp; - ipfix_message_header_t *h; - ipfix_set_header_t *s; - ipfix_template_header_t *t; - ipfix_field_specifier_t *f; - ipfix_field_specifier_t *first_field; - u8 *rewrite = 0; - ip4_ipfix_template_packet_t *tp; - u32 field_count = 0; - u32 field_index = 0; - flow_report_stream_t *stream; - u8 ip_version; - u8 transport_protocol; - u8 *virt_mask; - u8 *real_mask; - - stream = &frm->streams[fr->stream_index]; - - ipfix_classify_table_t *table = &fcm->tables[flow_table_index]; - - ip_version = table->ip_version; - transport_protocol = table->transport_protocol; - - tblp = pool_elt_at_index (vcm->tables, table->classify_table_index); - - virt_mask = (u8 *) (tblp->mask - tblp->skip_n_vectors); - real_mask = (u8 *) (tblp->mask); - - /* Determine field count */ - ip_start = virt_mask + sizeof (ethernet_header_t); -#define _(field,mask,item,length) \ - if (((u8 *)&field >= real_mask) && (memcmp(&field, &mask, length) == 0)) \ - { \ - field_count++; \ - \ - fr->fields_to_send = clib_bitmap_set (fr->fields_to_send, \ - field_index, 1); \ - } \ - field_index++; - foreach_ipfix_field; -#undef _ - - /* Add packetTotalCount manually */ - field_count += 1; - - /* $$$ enterprise fields, at some later date */ - - /* allocate rewrite space */ - vec_validate_aligned (rewrite, - sizeof (ip4_ipfix_template_packet_t) - + field_count * sizeof (ipfix_field_specifier_t) - 1, - CLIB_CACHE_LINE_BYTES); - - tp = (ip4_ipfix_template_packet_t *) rewrite; - ip = (ip4_header_t *) & tp->ip4; - udp = (udp_header_t *) (ip + 1); - h = (ipfix_message_header_t *) (udp + 1); - s = (ipfix_set_header_t *) (h + 1); - t = (ipfix_template_header_t *) (s + 1); - first_field = f = (ipfix_field_specifier_t *) (t + 1); - - ip->ip_version_and_header_length = 0x45; - ip->ttl = 254; - ip->protocol = IP_PROTOCOL_UDP; - ip->src_address.as_u32 = src_address->as_u32; - ip->dst_address.as_u32 = collector_address->as_u32; - udp->src_port = clib_host_to_net_u16 (stream->src_port); - udp->dst_port = clib_host_to_net_u16 (collector_port); - udp->length = clib_host_to_net_u16 (vec_len (rewrite) - sizeof (*ip)); - - /* FIXUP: message header export_time */ - /* FIXUP: message header sequence_number */ - h->domain_id = clib_host_to_net_u32 (stream->domain_id); - - /* Take another trip through the mask and build the template */ - ip_start = virt_mask + sizeof (ethernet_header_t); -#define _(field,mask,item,length) \ - if (((u8 *)&field >= real_mask) && (memcmp(&field, &mask, length) == 0)) \ - { \ - f->e_id_length = ipfix_e_id_length (0 /* enterprise */, \ - item, length); \ - f++; \ - } - foreach_ipfix_field; -#undef _ - - /* Add packetTotalCount manually */ - f->e_id_length = - ipfix_e_id_length (0 /* enterprise */ , packetTotalCount, 8); - f++; - - /* Back to the template packet... */ - ip = (ip4_header_t *) & tp->ip4; - udp = (udp_header_t *) (ip + 1); - - ASSERT (f - first_field); - /* Field count in this template */ - t->id_count = ipfix_id_count (fr->template_id, f - first_field); - - /* set length in octets */ - s->set_id_length = - ipfix_set_id_length (2 /* set_id */ , (u8 *) f - (u8 *) s); - - /* message length in octets */ - h->version_length = version_length ((u8 *) f - (u8 *) h); - - ip->length = clib_host_to_net_u16 ((u8 *) f - (u8 *) ip); - ip->checksum = ip4_header_checksum (ip); - - return rewrite; -} - -vlib_frame_t * -ipfix_classify_send_flows (flow_report_main_t * frm, - flow_report_t * fr, - vlib_frame_t * f, u32 * to_next, u32 node_index) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - vnet_classify_main_t *vcm = &vnet_classify_main; - u32 flow_table_index = fr->opaque.as_uword; - vnet_classify_table_t *t; - vnet_classify_bucket_t *b; - vnet_classify_entry_t *v, *save_v; - vlib_buffer_t *b0 = 0; - u32 next_offset = 0; - u32 record_offset = 0; - u32 bi0 = ~0; - int i, j, k; - ip4_ipfix_template_packet_t *tp; - ipfix_message_header_t *h = 0; - ipfix_set_header_t *s = 0; - u8 *ip_start; - ip4_header_t *ip; - ip6_header_t *ip6; - tcpudp_header_t *tcpudp; - udp_header_t *udp; - int field_index; - u32 records_this_buffer; - u16 new_l0, old_l0; - ip_csum_t sum0; - vlib_main_t *vm = frm->vlib_main; - flow_report_stream_t *stream; - u8 ip_version; - u8 transport_protocol; - u8 *virt_key; - - stream = &frm->streams[fr->stream_index]; - - ipfix_classify_table_t *table = &fcm->tables[flow_table_index]; - - ip_version = table->ip_version; - transport_protocol = table->transport_protocol; - - t = pool_elt_at_index (vcm->tables, table->classify_table_index); - - while (__sync_lock_test_and_set (t->writer_lock, 1)) - ; - - for (i = 0; i < t->nbuckets; i++) - { - b = &t->buckets[i]; - if (b->offset == 0) - continue; - - save_v = vnet_classify_get_entry (t, b->offset); - for (j = 0; j < (1 << b->log2_pages); j++) - { - for (k = 0; k < t->entries_per_page; k++) - { - v = vnet_classify_entry_at_index - (t, save_v, j * t->entries_per_page + k); - - if (vnet_classify_entry_is_free (v)) - continue; - - /* OK, we have something to send... */ - if (PREDICT_FALSE (b0 == 0)) - { - if (vlib_buffer_alloc (vm, &bi0, 1) != 1) - goto flush; - b0 = vlib_get_buffer (vm, bi0); - - u32 copy_len = sizeof (ip4_header_t) + - sizeof (udp_header_t) + sizeof (ipfix_message_header_t); - clib_memcpy (b0->data, fr->rewrite, copy_len); - b0->current_data = 0; - b0->current_length = copy_len; - b0->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID; - vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0; - vnet_buffer (b0)->sw_if_index[VLIB_TX] = frm->fib_index; - - tp = vlib_buffer_get_current (b0); - ip = (ip4_header_t *) & tp->ip4; - udp = (udp_header_t *) (ip + 1); - h = (ipfix_message_header_t *) (udp + 1); - s = (ipfix_set_header_t *) (h + 1); - - /* FIXUP: message header export_time */ - h->export_time = (u32) - (((f64) frm->unix_time_0) + - (vlib_time_now (frm->vlib_main) - frm->vlib_time_0)); - h->export_time = clib_host_to_net_u32 (h->export_time); - - /* FIXUP: message header sequence_number */ - h->sequence_number = stream->sequence_number; - h->sequence_number = - clib_host_to_net_u32 (h->sequence_number); - - next_offset = (u32) (((u8 *) (s + 1)) - (u8 *) tp); - record_offset = next_offset; - records_this_buffer = 0; - } - - field_index = 0; - virt_key = (u8 *) (v->key - t->skip_n_vectors); - ip_start = virt_key + sizeof (ethernet_header_t); -#define _(field,mask,item,length) \ - if (clib_bitmap_get (fr->fields_to_send, field_index)) \ - { \ - clib_memcpy (b0->data + next_offset, &field, \ - length); \ - next_offset += length; \ - } \ - field_index++; - foreach_ipfix_field; -#undef _ - - /* Add packetTotalCount manually */ - { - u64 packets = clib_host_to_net_u64 (v->hits); - clib_memcpy (b0->data + next_offset, &packets, - sizeof (packets)); - next_offset += sizeof (packets); - } - records_this_buffer++; - stream->sequence_number++; - - /* Next record will have the same size as this record */ - u32 next_record_size = next_offset - record_offset; - record_offset = next_offset; - - if (next_offset + next_record_size > frm->path_mtu) - { - s->set_id_length = ipfix_set_id_length (fr->template_id, - next_offset - - (sizeof (*ip) + - sizeof (*udp) + - sizeof (*h))); - h->version_length = - version_length (next_offset - - (sizeof (*ip) + sizeof (*udp))); - b0->current_length = next_offset; - b0->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID; - - tp = vlib_buffer_get_current (b0); - ip = (ip4_header_t *) & tp->ip4; - udp = (udp_header_t *) (ip + 1); - - sum0 = ip->checksum; - old_l0 = ip->length; - new_l0 = clib_host_to_net_u16 ((u16) next_offset); - - sum0 = ip_csum_update (sum0, old_l0, new_l0, ip4_header_t, - length /* changed member */ ); - - ip->checksum = ip_csum_fold (sum0); - ip->length = new_l0; - udp->length = - clib_host_to_net_u16 (b0->current_length - sizeof (*ip)); - - if (frm->udp_checksum) - { - /* RFC 7011 section 10.3.2. */ - udp->checksum = - ip4_tcp_udp_compute_checksum (vm, b0, ip); - if (udp->checksum == 0) - udp->checksum = 0xffff; - } - - ASSERT (ip->checksum == ip4_header_checksum (ip)); - - to_next[0] = bi0; - f->n_vectors++; - to_next++; - - if (f->n_vectors == VLIB_FRAME_SIZE) - { - vlib_put_frame_to_node (vm, node_index, f); - f = vlib_get_frame_to_node (vm, node_index); - f->n_vectors = 0; - to_next = vlib_frame_vector_args (f); - } - b0 = 0; - bi0 = ~0; - } - } - } - } - -flush: - if (b0) - { - s->set_id_length = ipfix_set_id_length (fr->template_id, - next_offset - - (sizeof (*ip) + sizeof (*udp) + - sizeof (*h))); - h->version_length = version_length (next_offset - - (sizeof (*ip) + sizeof (*udp))); - b0->current_length = next_offset; - b0->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID; - - tp = vlib_buffer_get_current (b0); - ip = (ip4_header_t *) & tp->ip4; - udp = (udp_header_t *) (ip + 1); - - sum0 = ip->checksum; - old_l0 = ip->length; - new_l0 = clib_host_to_net_u16 ((u16) next_offset); - - sum0 = ip_csum_update (sum0, old_l0, new_l0, ip4_header_t, - length /* changed member */ ); - - ip->checksum = ip_csum_fold (sum0); - ip->length = new_l0; - udp->length = clib_host_to_net_u16 (b0->current_length - sizeof (*ip)); - - if (frm->udp_checksum) - { - /* RFC 7011 section 10.3.2. */ - udp->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ip); - if (udp->checksum == 0) - udp->checksum = 0xffff; - } - - ASSERT (ip->checksum == ip4_header_checksum (ip)); - - to_next[0] = bi0; - f->n_vectors++; - - b0 = 0; - bi0 = ~0; - } - - *(t->writer_lock) = 0; - return f; -} - -static clib_error_t * -ipfix_classify_table_add_del_command_fn (vlib_main_t * vm, - unformat_input_t * input, - vlib_cli_command_t * cmd) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - flow_report_main_t *frm = &flow_report_main; - vnet_flow_report_add_del_args_t args; - ipfix_classify_table_t *table; - int rv; - int is_add = -1; - u32 classify_table_index = ~0; - u8 ip_version = 0; - u8 transport_protocol = 255; - clib_error_t *error = 0; - - if (fcm->src_port == 0) - clib_error_return (0, "call 'set ipfix classify stream' first"); - - memset (&args, 0, sizeof (args)); - - while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) - { - if (unformat (input, "add")) - is_add = 1; - else if (unformat (input, "del")) - is_add = 0; - else if (unformat (input, "%d", &classify_table_index)) - ; - else if (unformat (input, "ip4")) - ip_version = 4; - else if (unformat (input, "ip6")) - ip_version = 6; - else if (unformat (input, "tcp")) - transport_protocol = 6; - else if (unformat (input, "udp")) - transport_protocol = 17; - else - return clib_error_return (0, "unknown input `%U'", - format_unformat_error, input); - } - - if (is_add == -1) - return clib_error_return (0, "expecting: add|del"); - if (classify_table_index == ~0) - return clib_error_return (0, "classifier table not specified"); - if (ip_version == 0) - return clib_error_return (0, "IP version not specified"); - - table = 0; - int i; - for (i = 0; i < vec_len (fcm->tables); i++) - if (ipfix_classify_table_index_valid (i)) - if (fcm->tables[i].classify_table_index == classify_table_index) - { - table = &fcm->tables[i]; - break; - } - - if (is_add) - { - if (table) - return clib_error_return (0, - "Specified classifier table already used"); - table = ipfix_classify_add_table (); - table->classify_table_index = classify_table_index; - } - else - { - if (!table) - return clib_error_return (0, - "Specified classifier table not registered"); - } - - table->ip_version = ip_version; - table->transport_protocol = transport_protocol; - - args.opaque.as_uword = table - fcm->tables; - args.rewrite_callback = ipfix_classify_template_rewrite; - args.flow_data_callback = ipfix_classify_send_flows; - args.is_add = is_add; - args.domain_id = fcm->domain_id; - args.src_port = fcm->src_port; - - rv = vnet_flow_report_add_del (frm, &args, NULL); - - error = flow_report_add_del_error_to_clib_error (rv); - - /* If deleting, or add failed */ - if (is_add == 0 || (rv && is_add)) - ipfix_classify_delete_table (table - fcm->tables); - - return error; -} - -/* *INDENT-OFF* */ -VLIB_CLI_COMMAND (ipfix_classify_table_add_del_command, static) = { - .path = "ipfix classify table", - .short_help = "ipfix classify table add|del ", - .function = ipfix_classify_table_add_del_command_fn, -}; -/* *INDENT-ON* */ - -static clib_error_t * -set_ipfix_classify_stream_command_fn (vlib_main_t * vm, - unformat_input_t * input, - vlib_cli_command_t * cmd) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - flow_report_main_t *frm = &flow_report_main; - u32 domain_id = 1; - u32 src_port = UDP_DST_PORT_ipfix; - - while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) - { - if (unformat (input, "domain %d", &domain_id)) - ; - else if (unformat (input, "src-port %d", &src_port)) - ; - else - return clib_error_return (0, "unknown input `%U'", - format_unformat_error, input); - } - - if (fcm->src_port != 0 && - (fcm->domain_id != domain_id || fcm->src_port != (u16) src_port)) - { - int rv = vnet_stream_change (frm, fcm->domain_id, fcm->src_port, - domain_id, (u16) src_port); - ASSERT (rv == 0); - } - - fcm->domain_id = domain_id; - fcm->src_port = (u16) src_port; - - return 0; -} - -/* *INDENT-OFF* */ -VLIB_CLI_COMMAND (set_ipfix_classify_stream_command, static) = { - .path = "set ipfix classify stream", - .short_help = "set ipfix classify stream" - "[domain ] [src-port ]", - .function = set_ipfix_classify_stream_command_fn, -}; -/* *INDENT-ON* */ - -static clib_error_t * -flow_report_classify_init (vlib_main_t * vm) -{ - clib_error_t *error; - - if ((error = vlib_call_init_function (vm, flow_report_init))) - return error; - - return 0; -} - -VLIB_INIT_FUNCTION (flow_report_classify_init); - -/* - * fd.io coding-style-patch-verification: ON - * - * Local Variables: - * eval: (c-set-style "gnu") - * End: - */ diff --git a/src/vnet/flow/flow_report_classify.h b/src/vnet/flow/flow_report_classify.h deleted file mode 100644 index 0533b450122..00000000000 --- a/src/vnet/flow/flow_report_classify.h +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright (c) 2015 Cisco and/or its affiliates. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __included_flow_report_classify_h__ -#define __included_flow_report_classify_h__ - -#define foreach_ipfix_ip4_field \ -_(ip->src_address.as_u32, ((u32[]){0xFFFFFFFF}), sourceIPv4Address, 4) \ -_(ip->dst_address.as_u32, ((u32[]){0xFFFFFFFF}), destinationIPv4Address, 4) \ -_(ip->protocol, ((u8[]){0xFF}), protocolIdentifier, 1) - -#define foreach_ipfix_ip6_field \ -_(ip6->src_address.as_u8, \ - ((u32[]){0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF}), \ - sourceIPv6Address, 16) \ -_(ip6->dst_address.as_u8, \ - ((u32[]){0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF}), \ - destinationIPv6Address, 16) \ -_(ip6->protocol, ((u8[]){0xFF}), protocolIdentifier, 1) - -#define foreach_ipfix_tcpudp_field \ -_(tcpudp->src_port, ((u16[]){0xFFFF}), sourceTransportPort, 2) \ -_(tcpudp->dst_port, ((u16[]){0xFFFF}), destinationTransportPort, 2) - -#define foreach_ipfix_tcp_field \ -_(tcpudp->src_port, ((u16[]){0xFFFF}), tcpSourcePort, 2) \ -_(tcpudp->dst_port, ((u16[]){0xFFFF}), tcpDestinationPort, 2) - -#define foreach_ipfix_udp_field \ -_(tcpudp->src_port, ((u16[]){0xFFFF}), udpSourcePort, 2) \ -_(tcpudp->dst_port, ((u16[]){0xFFFF}), udpDestinationPort, 2) - -#define foreach_ipfix_transport_protocol_field \ - switch (transport_protocol) { \ - case 255: \ - foreach_ipfix_tcpudp_field; \ - break; \ - case 6: \ - foreach_ipfix_tcp_field; \ - break; \ - case 17: \ - foreach_ipfix_udp_field; \ - break; \ - } - -#define foreach_ipfix_field \ - if (ip_version == 4) { \ - ip = (ip4_header_t *)ip_start; \ - tcpudp = (tcpudp_header_t *)(ip+1); \ - foreach_ipfix_ip4_field; \ - } else { \ - ip6 = (ip6_header_t *)ip_start; \ - tcpudp = (tcpudp_header_t *)(ip6+1); \ - foreach_ipfix_ip6_field; \ - } \ - foreach_ipfix_transport_protocol_field - -typedef struct -{ - u32 classify_table_index; - u8 ip_version; - u8 transport_protocol; -} ipfix_classify_table_t; - -typedef struct -{ - u32 domain_id; - u16 src_port; - ipfix_classify_table_t *tables; -} flow_report_classify_main_t; - -extern flow_report_classify_main_t flow_report_classify_main; - -static_always_inline u8 -ipfix_classify_table_index_valid (u32 index) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - return index < vec_len (fcm->tables) && - fcm->tables[index].classify_table_index != ~0; -} - -static_always_inline ipfix_classify_table_t * -ipfix_classify_add_table (void) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - u32 i; - for (i = 0; i < vec_len (fcm->tables); i++) - if (!ipfix_classify_table_index_valid (i)) - return &fcm->tables[i]; - u32 index = vec_len (fcm->tables); - vec_validate (fcm->tables, index); - return &fcm->tables[index]; -} - -static_always_inline void -ipfix_classify_delete_table (u32 index) -{ - flow_report_classify_main_t *fcm = &flow_report_classify_main; - ASSERT (index < vec_len (fcm->tables)); - ASSERT (fcm->tables[index].classify_table_index != ~0); - fcm->tables[index].classify_table_index = ~0; -} - -u8 *ipfix_classify_template_rewrite (flow_report_main_t * frm, - flow_report_t * fr, - ip4_address_t * collector_address, - ip4_address_t * src_address, - u16 collector_port); - -vlib_frame_t *ipfix_classify_send_flows (flow_report_main_t * frm, - flow_report_t * fr, - vlib_frame_t * f, - u32 * to_next, u32 node_index); - -#endif /* __included_flow_report_classify_h__ */ - -/* - * fd.io coding-style-patch-verification: ON - * - * Local Variables: - * eval: (c-set-style "gnu") - * End: - */ diff --git a/src/vnet/flow/ipfix_info_elements.h b/src/vnet/flow/ipfix_info_elements.h deleted file mode 100644 index 171cdfe702e..00000000000 --- a/src/vnet/flow/ipfix_info_elements.h +++ /dev/null @@ -1,443 +0,0 @@ -/* - * Copyright (c) 2015 Cisco and/or its affiliates. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __included_ipfix_info_elements_h__ -#define __included_ipfix_info_elements_h__ - -#define foreach_ipfix_info_element_t \ -_(octetDeltaCount, 1, u64) \ -_(packetDeltaCount, 2, u64) \ -_(deltaFlowCount, 3, u64) \ -_(protocolIdentifier, 4, u8) \ -_(ipClassOfService, 5, u8) \ -_(tcpControlBits, 6, u16) \ -_(sourceTransportPort, 7, u16) \ -_(sourceIPv4Address, 8, ip4_address_t) \ -_(sourceIPv4PrefixLength, 9, u8) \ -_(ingressInterface, 10, u32) \ -_(destinationTransportPort, 11, u16) \ -_(destinationIPv4Address, 12, ip4_address_t) \ -_(destinationIPv4PrefixLength, 13, u8) \ -_(egressInterface, 14, u32) \ -_(ipNextHopIPv4Address, 15, ip4_address_t) \ -_(bgpSourceAsNumber, 16, u32) \ -_(bgpDestinationAsNumber, 17, u32) \ -_(bgpNextHopIPv4Address, 18, ip4_address_t) \ -_(postMCastPacketDeltaCount, 19, u64) \ -_(postMCastOctetDeltaCount, 20, u64) \ -_(flowEndSysUpTime, 21, u32) \ -_(flowStartSysUpTime, 22, u32) \ -_(postOctetDeltaCount, 23, u64) \ -_(postPacketDeltaCount, 24, u64) \ -_(minimumIpTotalLength, 25, u64) \ -_(maximumIpTotalLength, 26, u64) \ -_(sourceIPv6Address, 27, ip6_address_t) \ -_(destinationIPv6Address, 28, ip6_address_t) \ -_(sourceIPv6PrefixLength, 29, u8) \ -_(destinationIPv6PrefixLength, 30, u8) \ -_(flowLabelIPv6, 31, u32) \ -_(icmpTypeCodeIPv4, 32, u16) \ -_(igmpType, 33, u8) \ -_(samplingInterval, 34, u32) \ -_(samplingAlgorithm, 35, u8) \ -_(flowActiveTimeout, 36, u16) \ -_(flowIdleTimeout, 37, u16) \ -_(engineType, 38, u8) \ -_(engineId, 39, u8) \ -_(exportedOctetTotalCount, 40, u64) \ -_(exportedMessageTotalCount, 41, u64) \ -_(exportedFlowRecordTotalCount, 42, u64) \ -_(ipv4RouterSc, 43, ip4_address_t) \ -_(sourceIPv4Prefix, 44, ip4_address_t) \ -_(destinationIPv4Prefix, 45, ip4_address_t) \ -_(mplsTopLabelType, 46, u8) \ -_(mplsTopLabelIPv4Address, 47, ip4_address_t) \ -_(samplerId, 48, u8) \ -_(samplerMode, 49, u8) \ -_(samplerRandomInterval, 50, u32) \ -_(classId, 51, u8) \ -_(minimumTTL, 52, u8) \ -_(maximumTTL, 53, u8) \ -_(fragmentIdentification, 54, u32) \ -_(postIpClassOfService, 55, u8) \ -_(sourceMacAddress, 56, macAddress) \ -_(postDestinationMacAddress, 57, macAddress) \ -_(vlanId, 58, u16) \ -_(postVlanId, 59, u16) \ -_(ipVersion, 60, u8) \ -_(flowDirection, 61, u8) \ -_(ipNextHopIPv6Address, 62, ip6_address_t) \ -_(bgpNextHopIPv6Address, 63, ip6_address_t) \ -_(ipv6ExtensionHeaders, 64, u32) \ -_(mplsTopLabelStackSection, 70, octetArray) \ -_(mplsLabelStackSection2, 71, octetArray) \ -_(mplsLabelStackSection3, 72, octetArray) \ -_(mplsLabelStackSection4, 73, octetArray) \ -_(mplsLabelStackSection5, 74, octetArray) \ -_(mplsLabelStackSection6, 75, octetArray) \ -_(mplsLabelStackSection7, 76, octetArray) \ -_(mplsLabelStackSection8, 77, octetArray) \ -_(mplsLabelStackSection9, 78, octetArray) \ -_(mplsLabelStackSection10, 79, octetArray) \ -_(destinationMacAddress, 80, macAddress) \ -_(postSourceMacAddress, 81, macAddress) \ -_(interfaceName, 82, string) \ -_(interfaceDescription, 83, string) \ -_(samplerName, 84, string) \ -_(octetTotalCount, 85, u64) \ -_(packetTotalCount, 86, u64) \ -_(flagsAndSamplerId, 87, u32) \ -_(fragmentOffset, 88, u16) \ -_(forwardingStatus, 89, u32) \ -_(mplsVpnRouteDistinguisher, 90, octetArray) \ -_(mplsTopLabelPrefixLength, 91, u8) \ -_(srcTrafficIndex, 92, u32) \ -_(dstTrafficIndex, 93, u32) \ -_(applicationDescription, 94, string) \ -_(applicationId, 95, octetArray) \ -_(applicationName, 96, string) \ -_(Assigned, 97, for NetFlow v9 compatibility ) \ -_(postIpDiffServCodePoint, 98, u8) \ -_(multicastReplicationFactor, 99, u32) \ -_(className, 100, string) \ -_(classificationEngineId, 101, u8) \ -_(layer2packetSectionOffset, 102, u16) \ -_(layer2packetSectionSize, 103, u16) \ -_(layer2packetSectionData, 104, octetArray) \ -_(bgpNextAdjacentAsNumber, 128, u32) \ -_(bgpPrevAdjacentAsNumber, 129, u32) \ -_(exporterIPv4Address, 130, ip4_address_t) \ -_(exporterIPv6Address, 131, ip6_address_t) \ -_(droppedOctetDeltaCount, 132, u64) \ -_(droppedPacketDeltaCount, 133, u64) \ -_(droppedOctetTotalCount, 134, u64) \ -_(droppedPacketTotalCount, 135, u64) \ -_(flowEndReason, 136, u8) \ -_(commonPropertiesId, 137, u64) \ -_(observationPointId, 138, u64) \ -_(icmpTypeCodeIPv6, 139, u16) \ -_(mplsTopLabelIPv6Address, 140, ip6_address_t) \ -_(lineCardId, 141, u32) \ -_(portId, 142, u32) \ -_(meteringProcessId, 143, u32) \ -_(exportingProcessId, 144, u32) \ -_(templateId, 145, u16) \ -_(wlanChannelId, 146, u8) \ -_(wlanSSID, 147, string) \ -_(flowId, 148, u64) \ -_(observationDomainId, 149, u32) \ -_(flowStartSeconds, 150, dateTimeSeconds) \ -_(flowEndSeconds, 151, dateTimeSeconds) \ -_(flowStartMilliseconds, 152, dateTimeMilliseconds) \ -_(flowEndMilliseconds, 153, dateTimeMilliseconds) \ -_(flowStartMicroseconds, 154, dateTimeMicroseconds) \ -_(flowEndMicroseconds, 155, dateTimeMicroseconds) \ -_(flowStartNanoseconds, 156, dateTimeNanoseconds) \ -_(flowEndNanoseconds, 157, dateTimeNanoseconds) \ -_(flowStartDeltaMicroseconds, 158, u32) \ -_(flowEndDeltaMicroseconds, 159, u32) \ -_(systemInitTimeMilliseconds, 160, dateTimeMilliseconds) \ -_(flowDurationMilliseconds, 161, u32) \ -_(flowDurationMicroseconds, 162, u32) \ -_(observedFlowTotalCount, 163, u64) \ -_(ignoredPacketTotalCount, 164, u64) \ -_(ignoredOctetTotalCount, 165, u64) \ -_(notSentFlowTotalCount, 166, u64) \ -_(notSentPacketTotalCount, 167, u64) \ -_(notSentOctetTotalCount, 168, u64) \ -_(destinationIPv6Prefix, 169, ip6_address_t) \ -_(sourceIPv6Prefix, 170, ip6_address_t) \ -_(postOctetTotalCount, 171, u64) \ -_(postPacketTotalCount, 172, u64) \ -_(flowKeyIndicator, 173, u64) \ -_(postMCastPacketTotalCount, 174, u64) \ -_(postMCastOctetTotalCount, 175, u64) \ -_(icmpTypeIPv4, 176, u8) \ -_(icmpCodeIPv4, 177, u8) \ -_(icmpTypeIPv6, 178, u8) \ -_(icmpCodeIPv6, 179, u8) \ -_(udpSourcePort, 180, u16) \ -_(udpDestinationPort, 181, u16) \ -_(tcpSourcePort, 182, u16) \ -_(tcpDestinationPort, 183, u16) \ -_(tcpSequenceNumber, 184, u32) \ -_(tcpAcknowledgementNumber, 185, u32) \ -_(tcpWindowSize, 186, u16) \ -_(tcpUrgentPointer, 187, u16) \ -_(tcpHeaderLength, 188, u8) \ -_(ipHeaderLength, 189, u8) \ -_(totalLengthIPv4, 190, u16) \ -_(payloadLengthIPv6, 191, u16) \ -_(ipTTL, 192, u8) \ -_(nextHeaderIPv6, 193, u8) \ -_(mplsPayloadLength, 194, u32) \ -_(ipDiffServCodePoint, 195, u8) \ -_(ipPrecedence, 196, u8) \ -_(fragmentFlags, 197, u8) \ -_(octetDeltaSumOfSquares, 198, u64) \ -_(octetTotalSumOfSquares, 199, u64) \ -_(mplsTopLabelTTL, 200, u8) \ -_(mplsLabelStackLength, 201, u32) \ -_(mplsLabelStackDepth, 202, u32) \ -_(mplsTopLabelExp, 203, u8) \ -_(ipPayloadLength, 204, u32) \ -_(udpMessageLength, 205, u16) \ -_(isMulticast, 206, u8) \ -_(ipv4IHL, 207, u8) \ -_(ipv4Options, 208, u32) \ -_(tcpOptions, 209, u64) \ -_(paddingOctets, 210, octetArray) \ -_(collectorIPv4Address, 211, ip4_address_t) \ -_(collectorIPv6Address, 212, ip6_address_t) \ -_(exportInterface, 213, u32) \ -_(exportProtocolVersion, 214, u8) \ -_(exportTransportProtocol, 215, u8) \ -_(collectorTransportPort, 216, u16) \ -_(exporterTransportPort, 217, u16) \ -_(tcpSynTotalCount, 218, u64) \ -_(tcpFinTotalCount, 219, u64) \ -_(tcpRstTotalCount, 220, u64) \ -_(tcpPshTotalCount, 221, u64) \ -_(tcpAckTotalCount, 222, u64) \ -_(tcpUrgTotalCount, 223, u64) \ -_(ipTotalLength, 224, u64) \ -_(postNATSourceIPv4Address, 225, ip4_address_t) \ -_(postNATDestinationIPv4Address, 226, ip4_address_t) \ -_(postNAPTSourceTransportPort, 227, u16) \ -_(postNAPTDestinationTransportPort, 228, u16) \ -_(natOriginatingAddressRealm, 229, u8) \ -_(natEvent, 230, u8) \ -_(initiatorOctets, 231, u64) \ -_(responderOctets, 232, u64) \ -_(firewallEvent, 233, u8) \ -_(ingressVRFID, 234, u32) \ -_(egressVRFID, 235, u32) \ -_(VRFname, 236, string) \ -_(postMplsTopLabelExp, 237, u8) \ -_(tcpWindowScale, 238, u16) \ -_(biflowDirection, 239, u8) \ -_(ethernetHeaderLength, 240, u8) \ -_(ethernetPayloadLength, 241, u16) \ -_(ethernetTotalLength, 242, u16) \ -_(dot1qVlanId, 243, u16) \ -_(dot1qPriority, 244, u8) \ -_(dot1qCustomerVlanId, 245, u16) \ -_(dot1qCustomerPriority, 246, u8) \ -_(metroEvcId, 247, string) \ -_(metroEvcType, 248, u8) \ -_(pseudoWireId, 249, u32) \ -_(pseudoWireType, 250, u16) \ -_(pseudoWireControlWord, 251, u32) \ -_(ingressPhysicalInterface, 252, u32) \ -_(egressPhysicalInterface, 253, u32) \ -_(postDot1qVlanId, 254, u16) \ -_(postDot1qCustomerVlanId, 255, u16) \ -_(ethernetType, 256, u16) \ -_(postIpPrecedence, 257, u8) \ -_(collectionTimeMilliseconds, 258, dateTimeMilliseconds) \ -_(exportSctpStreamId, 259, u16) \ -_(maxExportSeconds, 260, dateTimeSeconds) \ -_(maxFlowEndSeconds, 261, dateTimeSeconds) \ -_(messageMD5Checksum, 262, octetArray) \ -_(messageScope, 263, u8) \ -_(minExportSeconds, 264, dateTimeSeconds) \ -_(minFlowStartSeconds, 265, dateTimeSeconds) \ -_(opaqueOctets, 266, octetArray) \ -_(sessionScope, 267, u8) \ -_(maxFlowEndMicroseconds, 268, dateTimeMicroseconds) \ -_(maxFlowEndMilliseconds, 269, dateTimeMilliseconds) \ -_(maxFlowEndNanoseconds, 270, dateTimeNanoseconds) \ -_(minFlowStartMicroseconds, 271, dateTimeMicroseconds) \ -_(minFlowStartMilliseconds, 272, dateTimeMilliseconds) \ -_(minFlowStartNanoseconds, 273, dateTimeNanoseconds) \ -_(collectorCertificate, 274, octetArray) \ -_(exporterCertificate, 275, octetArray) \ -_(dataRecordsReliability, 276, boolean) \ -_(observationPointType, 277, u8) \ -_(newConnectionDeltaCount, 278, u32) \ -_(connectionSumDurationSeconds, 279, u64) \ -_(connectionTransactionId, 280, u64) \ -_(postNATSourceIPv6Address, 281, ip6_address_t) \ -_(postNATDestinationIPv6Address, 282, ip6_address_t) \ -_(natPoolId, 283, u32) \ -_(natPoolName, 284, string) \ -_(anonymizationFlags, 285, u16) \ -_(anonymizationTechnique, 286, u16) \ -_(informationElementIndex, 287, u16) \ -_(p2pTechnology, 288, string) \ -_(tunnelTechnology, 289, string) \ -_(encryptedTechnology, 290, string) \ -_(basicList, 291, basicList) \ -_(subTemplateList, 292, subTemplateList) \ -_(subTemplateMultiList, 293, subTemplateMultiList) \ -_(bgpValidityState, 294, u8) \ -_(IPSecSPI, 295, u32) \ -_(greKey, 296, u32) \ -_(natType, 297, u8) \ -_(initiatorPackets, 298, u64) \ -_(responderPackets, 299, u64) \ -_(observationDomainName, 300, string) \ -_(selectionSequenceId, 301, u64) \ -_(selectorId, 302, u64) \ -_(informationElementId, 303, u16) \ -_(selectorAlgorithm, 304, u16) \ -_(samplingPacketInterval, 305, u32) \ -_(samplingPacketSpace, 306, u32) \ -_(samplingTimeInterval, 307, u32) \ -_(samplingTimeSpace, 308, u32) \ -_(samplingSize, 309, u32) \ -_(samplingPopulation, 310, u32) \ -_(samplingProbability, 311, float64) \ -_(dataLinkFrameSize, 312, u16) \ -_(ipHeaderPacketSection, 313, octetArray) \ -_(ipPayloadPacketSection, 314, octetArray) \ -_(dataLinkFrameSection, 315, octetArray) \ -_(mplsLabelStackSection, 316, octetArray) \ -_(mplsPayloadPacketSection, 317, octetArray) \ -_(selectorIdTotalPktsObserved, 318, u64) \ -_(selectorIdTotalPktsSelected, 319, u64) \ -_(absoluteError, 320, float64) \ -_(relativeError, 321, float64) \ -_(observationTimeSeconds, 322, dateTimeSeconds) \ -_(observationTimeMilliseconds, 323, dateTimeMilliseconds) \ -_(observationTimeMicroseconds, 324, dateTimeMicroseconds) \ -_(observationTimeNanoseconds, 325, dateTimeNanoseconds) \ -_(digestHashValue, 326, u64) \ -_(hashIPPayloadOffset, 327, u64) \ -_(hashIPPayloadSize, 328, u64) \ -_(hashOutputRangeMin, 329, u64) \ -_(hashOutputRangeMax, 330, u64) \ -_(hashSelectedRangeMin, 331, u64) \ -_(hashSelectedRangeMax, 332, u64) \ -_(hashDigestOutput, 333, boolean) \ -_(hashInitialiserValue, 334, u64) \ -_(selectorName, 335, string) \ -_(upperCILimit, 336, float64) \ -_(lowerCILimit, 337, float64) \ -_(confidenceLevel, 338, float64) \ -_(informationElementDataType, 339, u8) \ -_(informationElementDescription, 340, string) \ -_(informationElementName, 341, string) \ -_(informationElementRangeBegin, 342, u64) \ -_(informationElementRangeEnd, 343, u64) \ -_(informationElementSemantics, 344, u8) \ -_(informationElementUnits, 345, u16) \ -_(privateEnterpriseNumber, 346, u32) \ -_(virtualStationInterfaceId, 347, octetArray) \ -_(virtualStationInterfaceName, 348, string) \ -_(virtualStationUUID, 349, octetArray) \ -_(virtualStationName, 350, string) \ -_(layer2SegmentId, 351, u64) \ -_(layer2OctetDeltaCount, 352, u64) \ -_(layer2OctetTotalCount, 353, u64) \ -_(ingressUnicastPacketTotalCount, 354, u64) \ -_(ingressMulticastPacketTotalCount, 355, u64) \ -_(ingressBroadcastPacketTotalCount, 356, u64) \ -_(egressUnicastPacketTotalCount, 357, u64) \ -_(egressBroadcastPacketTotalCount, 358, u64) \ -_(monitoringIntervalStartMilliSeconds, 359, dateTimeMilliseconds) \ -_(monitoringIntervalEndMilliSeconds, 360, dateTimeMilliseconds) \ -_(portRangeStart, 361, u16) \ -_(portRangeEnd, 362, u16) \ -_(portRangeStepSize, 363, u16) \ -_(portRangeNumPorts, 364, u16) \ -_(staMacAddress, 365, macAddress) \ -_(staIPv4Address, 366, ip4_address_t) \ -_(wtpMacAddress, 367, macAddress ) \ -_(ingressInterfaceType, 368, u32) \ -_(egressInterfaceType, 369, u32) \ -_(rtpSequenceNumber, 370, u16) \ -_(userName, 371, string) \ -_(applicationCategoryName, 372, string) \ -_(applicationSubCategoryName, 373, string) \ -_(applicationGroupName, 374, string) \ -_(originalFlowsPresent, 375, u64) \ -_(originalFlowsInitiated, 376, u64) \ -_(originalFlowsCompleted, 377, u64) \ -_(distinctCountOfSourceIPAddress, 378, u64) \ -_(distinctCountOfDestinationIPAddress, 379, u64) \ -_(distinctCountOfSourceIPv4Address, 380, u32) \ -_(distinctCountOfDestinationIPv4Address, 381, u32) \ -_(distinctCountOfSourceIPv6Address, 382, u64) \ -_(distinctCountOfDestinationIPv6Address, 383, u64) \ -_(valueDistributionMethod, 384, u8) \ -_(rfc3550JitterMilliseconds, 385, u32) \ -_(rfc3550JitterMicroseconds, 386, u32) \ -_(rfc3550JitterNanoseconds, 387, u32) \ -_(dot1qDEI, 388, boolean) \ -_(dot1qCustomerDEI, 389, boolean) \ -_(flowSelectorAlgorithm, 390, u16) \ -_(flowSelectedOctetDeltaCount, 391, u64) \ -_(flowSelectedPacketDeltaCount, 392, u64) \ -_(flowSelectedFlowDeltaCount, 393, u64) \ -_(selectorIDTotalFlowsObserved, 394, u64) \ -_(selectorIDTotalFlowsSelected, 395, u64) \ -_(samplingFlowInterval, 396, u64) \ -_(samplingFlowSpacing, 397, u64) \ -_(flowSamplingTimeInterval, 398, u64) \ -_(flowSamplingTimeSpacing, 399, u64) \ -_(hashFlowDomain, 400, u16) \ -_(transportOctetDeltaCount, 401, u64) \ -_(transportPacketDeltaCount, 402, u64) \ -_(originalExporterIPv4Address, 403, ip4_address_t) \ -_(originalExporterIPv6Address, 404, ip6_address_t) \ -_(originalObservationDomainId, 405, u32) \ -_(intermediateProcessId, 406, u32) \ -_(ignoredDataRecordTotalCount, 407, u64) \ -_(dataLinkFrameType, 408, u16) \ -_(sectionOffset, 409, u16) \ -_(sectionExportedOctets, 410, u16) \ -_(dot1qServiceInstanceTag, 411, octetArray) \ -_(dot1qServiceInstanceId, 412, u32) \ -_(dot1qServiceInstancePriority, 413, u8) \ -_(dot1qCustomerSourceMacAddress, 414, macAddress) \ -_(dot1qCustomerDestinationMacAddress, 415, macAddress) \ -_(postLayer2OctetDeltaCount, 417, u64) \ -_(postMCastLayer2OctetDeltaCount, 418, u64) \ -_(postLayer2OctetTotalCount, 420, u64) \ -_(postMCastLayer2OctetTotalCount, 421, u64) \ -_(minimumLayer2TotalLength, 422, u64) \ -_(maximumLayer2TotalLength, 423, u64) \ -_(droppedLayer2OctetDeltaCount, 424, u64) \ -_(droppedLayer2OctetTotalCount, 425, u64) \ -_(ignoredLayer2OctetTotalCount, 426, u64) \ -_(notSentLayer2OctetTotalCount, 427, u64) \ -_(layer2OctetDeltaSumOfSquares, 428, u64) \ -_(layer2OctetTotalSumOfSquares, 429, u64) \ -_(layer2FrameDeltaCount, 430, u64) \ -_(layer2FrameTotalCount, 431, u64) \ -_(pseudoWireDestinationIPv4Address, 432, ip4_address_t) \ -_(ignoredLayer2FrameTotalCount, 433, u64) \ -_(natQuotaExceededEvent, 466, u32) \ -_(maxSessionEntries, 471, u32) \ -_(maxBIBEntries, 472, u32) \ -_(maxEntriesPerUser, 473, u32) \ -_(maxFragmentsPendingReassembly, 475, u32) - -typedef enum -{ -#define _(n,v,t) n = v, - foreach_ipfix_info_element_t -#undef _ -} ipfix_info_element_id_t; - -#endif /* __included_ipfix_info_elements_h__ */ - -/* - * fd.io coding-style-patch-verification: ON - * - * Local Variables: - * eval: (c-set-style "gnu") - * End: - */ diff --git a/src/vnet/flow/ipfix_packet.h b/src/vnet/flow/ipfix_packet.h deleted file mode 100644 index a50d86ea379..00000000000 --- a/src/vnet/flow/ipfix_packet.h +++ /dev/null @@ -1,206 +0,0 @@ -/* - * Copyright (c) 2015 Cisco and/or its affiliates. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __included_ipfix_packet_h__ -#define __included_ipfix_packet_h__ - -#include - -/* From RFC-7011: - * https://tools.ietf.org/html/rfc7011 - */ - -typedef struct -{ - u32 version_length; - u32 export_time; - u32 sequence_number; - u32 domain_id; -} ipfix_message_header_t; - -static inline u32 -version_length (u16 length) -{ - return clib_host_to_net_u32 (0x000a0000 | length); -} - - -/* - * The Field Specifier format is shown in Figure G. - * - * 0 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * |E| Information Element ident. | Field Length | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | Enterprise Number | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * - * Figure G: Field Specifier Format - * - * Where: - * - * E - * - * Enterprise bit. This is the first bit of the Field Specifier. If - * this bit is zero, the Information Element identifier identifies an - * Information Element in [IANA-IPFIX], and the four-octet Enterprise - * Number field MUST NOT be present. If this bit is one, the - * Information Element identifier identifies an enterprise-specific - * Information Element, and the Enterprise Number field MUST be - * present. - */ - -typedef struct -{ - u32 e_id_length; - u32 enterprise; -} ipfix_enterprise_field_specifier_t; - -typedef struct -{ - u32 e_id_length; -} ipfix_field_specifier_t; - -static inline u32 -ipfix_e_id_length (int e, u16 id, u16 length) -{ - u32 value; - value = (e << 31) | ((id & 0x7FFF) << 16) | length; - return clib_host_to_net_u32 (value); -} - -/* - * Every Set contains a common header. This header is defined in - * Figure I. - * - * 0 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | Set ID | Length | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * - * Figure I: Set Header Format - * - * Each Set Header field is exported in network format. The fields are - * defined as follows: - * - * Set ID - * - * Identifies the Set. A value of 2 is reserved for Template Sets. - * A value of 3 is reserved for Options Template Sets. Values from 4 - * to 255 are reserved for future use. Values 256 and above are used - * for Data Sets. The Set ID values of 0 and 1 are not used, for - * historical reasons [RFC3954]. - * - * Length - * - * Total length of the Set, in octets, including the Set Header, all - * records, and the optional padding. Because an individual Set MAY - * contain multiple records, the Length value MUST be used to - * determine the position of the next Set. - */ - -typedef struct -{ - u32 set_id_length; -} ipfix_set_header_t; - -static inline u32 -ipfix_set_id_length (u16 set_id, u16 length) -{ - return clib_host_to_net_u32 ((set_id << 16) | length); -} - -/* - * The format of the Template Record is shown in Figure J. It consists - * of a Template Record Header and one or more Field Specifiers. Field - * Specifiers are defined in Figure G above. - * - * +--------------------------------------------------+ - * | Template Record Header | - * +--------------------------------------------------+ - * | Field Specifier | - * +--------------------------------------------------+ - * | Field Specifier | - * +--------------------------------------------------+ - * ... - * +--------------------------------------------------+ - * | Field Specifier | - * +--------------------------------------------------+ - * - * Figure J: Template Record Format - * - * The format of the Template Record Header is shown in Figure K. - * - * 0 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | Template ID (> 255) | Field Count | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * - * Figure K: Template Record Header Format - * - * The Template Record Header Field definitions are as follows: - * - * Template ID - * - * Each Template Record is given a unique Template ID in the range - * 256 to 65535. This uniqueness is local to the Transport Session - * and Observation Domain that generated the Template ID. Since - * Template IDs are used as Set IDs in the Sets they describe (see - * Section 3.4.3), values 0-255 are reserved for special Set types - * (e.g., Template Sets themselves), and Templates and Options - * Templates (see Section 3.4.2) cannot share Template IDs within a - * Transport Session and Observation Domain. There are no - * constraints regarding the order of the Template ID allocation. As - * Exporting Processes are free to allocate Template IDs as they see - * fit, Collecting Processes MUST NOT assume incremental Template - * IDs, or anything about the contents of a Template based on its - * Template ID alone. - * - * Field Count - * - * Number of fields in this Template Record. - */ - -typedef struct -{ - u32 id_count; -} ipfix_template_header_t; - -static inline u32 -ipfix_id_count (u16 id, u16 count) -{ - return clib_host_to_net_u32 ((id << 16) | count); -} - -/* Template packet */ -typedef struct -{ - ipfix_message_header_t h; - ipfix_set_header_t s; - ipfix_template_header_t t; - ipfix_field_specifier_t fields[0]; -} ipfix_template_packet_t; - -#endif /* __included_ipfix_packet_h__ */ - -/* - * fd.io coding-style-patch-verification: ON - * - * Local Variables: - * eval: (c-set-style "gnu") - * End: - */ diff --git a/src/vnet/ipfix-export/flow_api.c b/src/vnet/ipfix-export/flow_api.c new file mode 100644 index 00000000000..e6446ef7033 --- /dev/null +++ b/src/vnet/ipfix-export/flow_api.c @@ -0,0 +1,396 @@ +/* + *------------------------------------------------------------------ + * flow_api.c - flow api + * + * Copyright (c) 2016 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + *------------------------------------------------------------------ + */ + +#include +#include + +#include +#include + +#include +#include +#include + +#include + +#define vl_typedefs /* define message structures */ +#include +#undef vl_typedefs + +#define vl_endianfun /* define message structures */ +#include +#undef vl_endianfun + +/* instantiate all the print functions we know about */ +#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__) +#define vl_printfun +#include +#undef vl_printfun + +#include + +#define foreach_vpe_api_msg \ +_(SET_IPFIX_EXPORTER, set_ipfix_exporter) \ +_(IPFIX_EXPORTER_DUMP, ipfix_exporter_dump) \ +_(SET_IPFIX_CLASSIFY_STREAM, set_ipfix_classify_stream) \ +_(IPFIX_CLASSIFY_STREAM_DUMP, ipfix_classify_stream_dump) \ +_(IPFIX_CLASSIFY_TABLE_ADD_DEL, ipfix_classify_table_add_del) \ +_(IPFIX_CLASSIFY_TABLE_DUMP, ipfix_classify_table_dump) + +static void +vl_api_set_ipfix_exporter_t_handler (vl_api_set_ipfix_exporter_t * mp) +{ + vlib_main_t *vm = vlib_get_main (); + flow_report_main_t *frm = &flow_report_main; + vl_api_set_ipfix_exporter_reply_t *rmp; + ip4_address_t collector, src; + u16 collector_port = UDP_DST_PORT_ipfix; + u32 path_mtu; + u32 template_interval; + u8 udp_checksum; + u32 fib_id; + u32 fib_index = ~0; + int rv = 0; + + memcpy (collector.data, mp->collector_address, sizeof (collector.data)); + collector_port = ntohs (mp->collector_port); + if (collector_port == (u16) ~ 0) + collector_port = UDP_DST_PORT_ipfix; + memcpy (src.data, mp->src_address, sizeof (src.data)); + fib_id = ntohl (mp->vrf_id); + + ip4_main_t *im = &ip4_main; + if (fib_id == ~0) + { + fib_index = ~0; + } + else + { + uword *p = hash_get (im->fib_index_by_table_id, fib_id); + if (!p) + { + rv = VNET_API_ERROR_NO_SUCH_FIB; + goto out; + } + fib_index = p[0]; + } + + path_mtu = ntohl (mp->path_mtu); + if (path_mtu == ~0) + path_mtu = 512; // RFC 7011 section 10.3.3. + template_interval = ntohl (mp->template_interval); + if (template_interval == ~0) + template_interval = 20; + udp_checksum = mp->udp_checksum; + + if (collector.as_u32 == 0) + { + rv = VNET_API_ERROR_INVALID_VALUE; + goto out; + } + + if (src.as_u32 == 0) + { + rv = VNET_API_ERROR_INVALID_VALUE; + goto out; + } + + if (path_mtu > 1450 /* vpp does not support fragmentation */ ) + { + rv = VNET_API_ERROR_INVALID_VALUE; + goto out; + } + + if (path_mtu < 68) + { + rv = VNET_API_ERROR_INVALID_VALUE; + goto out; + } + + /* Reset report streams if we are reconfiguring IP addresses */ + if (frm->ipfix_collector.as_u32 != collector.as_u32 || + frm->src_address.as_u32 != src.as_u32 || + frm->collector_port != collector_port) + vnet_flow_reports_reset (frm); + + frm->ipfix_collector.as_u32 = collector.as_u32; + frm->collector_port = collector_port; + frm->src_address.as_u32 = src.as_u32; + frm->fib_index = fib_index; + frm->path_mtu = path_mtu; + frm->template_interval = template_interval; + frm->udp_checksum = udp_checksum; + + /* Turn on the flow reporting process */ + vlib_process_signal_event (vm, flow_report_process_node.index, 1, 0); + +out: + REPLY_MACRO (VL_API_SET_IPFIX_EXPORTER_REPLY); +} + +static void +vl_api_ipfix_exporter_dump_t_handler (vl_api_ipfix_exporter_dump_t * mp) +{ + flow_report_main_t *frm = &flow_report_main; + vl_api_registration_t *reg; + vl_api_ipfix_exporter_details_t *rmp; + ip4_main_t *im = &ip4_main; + u32 vrf_id; + + reg = vl_api_client_index_to_registration (mp->client_index); + if (!reg) + return;; + + rmp = vl_msg_api_alloc (sizeof (*rmp)); + memset (rmp, 0, sizeof (*rmp)); + rmp->_vl_msg_id = ntohs (VL_API_IPFIX_EXPORTER_DETAILS); + rmp->context = mp->context; + memcpy (rmp->collector_address, frm->ipfix_collector.data, + sizeof (frm->ipfix_collector.data)); + rmp->collector_port = htons (frm->collector_port); + memcpy (rmp->src_address, frm->src_address.data, + sizeof (frm->src_address.data)); + if (frm->fib_index == ~0) + vrf_id = ~0; + else + vrf_id = im->fibs[frm->fib_index].ft_table_id; + rmp->vrf_id = htonl (vrf_id); + rmp->path_mtu = htonl (frm->path_mtu); + rmp->template_interval = htonl (frm->template_interval); + rmp->udp_checksum = (frm->udp_checksum != 0); + + vl_api_send_msg (reg, (u8 *) rmp); +} + +static void + vl_api_set_ipfix_classify_stream_t_handler + (vl_api_set_ipfix_classify_stream_t * mp) +{ + vl_api_set_ipfix_classify_stream_reply_t *rmp; + flow_report_classify_main_t *fcm = &flow_report_classify_main; + flow_report_main_t *frm = &flow_report_main; + u32 domain_id = 0; + u32 src_port = UDP_DST_PORT_ipfix; + int rv = 0; + + domain_id = ntohl (mp->domain_id); + src_port = ntohs (mp->src_port); + + if (fcm->src_port != 0 && + (fcm->domain_id != domain_id || fcm->src_port != (u16) src_port)) + { + int rv = vnet_stream_change (frm, fcm->domain_id, fcm->src_port, + domain_id, (u16) src_port); + ASSERT (rv == 0); + } + + fcm->domain_id = domain_id; + fcm->src_port = (u16) src_port; + + REPLY_MACRO (VL_API_SET_IPFIX_CLASSIFY_STREAM_REPLY); +} + +static void + vl_api_ipfix_classify_stream_dump_t_handler + (vl_api_ipfix_classify_stream_dump_t * mp) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + vl_api_registration_t *reg; + vl_api_ipfix_classify_stream_details_t *rmp; + + reg = vl_api_client_index_to_registration (mp->client_index); + if (!reg) + return; + + rmp = vl_msg_api_alloc (sizeof (*rmp)); + memset (rmp, 0, sizeof (*rmp)); + rmp->_vl_msg_id = ntohs (VL_API_IPFIX_CLASSIFY_STREAM_DETAILS); + rmp->context = mp->context; + rmp->domain_id = htonl (fcm->domain_id); + rmp->src_port = htons (fcm->src_port); + + vl_api_send_msg (reg, (u8 *) rmp); +} + +static void + vl_api_ipfix_classify_table_add_del_t_handler + (vl_api_ipfix_classify_table_add_del_t * mp) +{ + vl_api_ipfix_classify_table_add_del_reply_t *rmp; + flow_report_classify_main_t *fcm = &flow_report_classify_main; + flow_report_main_t *frm = &flow_report_main; + vnet_flow_report_add_del_args_t args; + ipfix_classify_table_t *table; + int is_add; + u32 classify_table_index; + u8 ip_version; + u8 transport_protocol; + int rv = 0; + + classify_table_index = ntohl (mp->table_id); + ip_version = mp->ip_version; + transport_protocol = mp->transport_protocol; + is_add = mp->is_add; + + if (fcm->src_port == 0) + { + /* call set_ipfix_classify_stream first */ + rv = VNET_API_ERROR_UNSPECIFIED; + goto out; + } + + memset (&args, 0, sizeof (args)); + + table = 0; + int i; + for (i = 0; i < vec_len (fcm->tables); i++) + if (ipfix_classify_table_index_valid (i)) + if (fcm->tables[i].classify_table_index == classify_table_index) + { + table = &fcm->tables[i]; + break; + } + + if (is_add) + { + if (table) + { + rv = VNET_API_ERROR_VALUE_EXIST; + goto out; + } + table = ipfix_classify_add_table (); + table->classify_table_index = classify_table_index; + } + else + { + if (!table) + { + rv = VNET_API_ERROR_NO_SUCH_ENTRY; + goto out; + } + } + + table->ip_version = ip_version; + table->transport_protocol = transport_protocol; + + args.opaque.as_uword = table - fcm->tables; + args.rewrite_callback = ipfix_classify_template_rewrite; + args.flow_data_callback = ipfix_classify_send_flows; + args.is_add = is_add; + args.domain_id = fcm->domain_id; + args.src_port = fcm->src_port; + + rv = vnet_flow_report_add_del (frm, &args, NULL); + + /* If deleting, or add failed */ + if (is_add == 0 || (rv && is_add)) + ipfix_classify_delete_table (table - fcm->tables); + +out: + REPLY_MACRO (VL_API_SET_IPFIX_CLASSIFY_STREAM_REPLY); +} + +static void +send_ipfix_classify_table_details (u32 table_index, + vl_api_registration_t * reg, u32 context) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + vl_api_ipfix_classify_table_details_t *mp; + + ipfix_classify_table_t *table = &fcm->tables[table_index]; + + mp = vl_msg_api_alloc (sizeof (*mp)); + memset (mp, 0, sizeof (*mp)); + mp->_vl_msg_id = ntohs (VL_API_IPFIX_CLASSIFY_TABLE_DETAILS); + mp->context = context; + mp->table_id = htonl (table->classify_table_index); + mp->ip_version = table->ip_version; + mp->transport_protocol = table->transport_protocol; + + vl_api_send_msg (reg, (u8 *) mp); +} + +static void + vl_api_ipfix_classify_table_dump_t_handler + (vl_api_ipfix_classify_table_dump_t * mp) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + vl_api_registration_t *reg; + u32 i; + + reg = vl_api_client_index_to_registration (mp->client_index); + if (!reg) + return; + + for (i = 0; i < vec_len (fcm->tables); i++) + if (ipfix_classify_table_index_valid (i)) + send_ipfix_classify_table_details (i, reg, mp->context); +} + +/* + * flow_api_hookup + * Add vpe's API message handlers to the table. + * vlib has alread mapped shared memory and + * added the client registration handlers. + * See .../vlib-api/vlibmemory/memclnt_vlib.c:memclnt_process() + */ +#define vl_msg_name_crc_list +#include +#undef vl_msg_name_crc_list + +static void +setup_message_id_table (api_main_t * am) +{ +#define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id); + foreach_vl_msg_name_crc_ipfix_export; +#undef _ +} + +static clib_error_t * +flow_api_hookup (vlib_main_t * vm) +{ + api_main_t *am = &api_main; + +#define _(N,n) \ + vl_msg_api_set_handlers(VL_API_##N, #n, \ + vl_api_##n##_t_handler, \ + vl_noop_handler, \ + vl_api_##n##_t_endian, \ + vl_api_##n##_t_print, \ + sizeof(vl_api_##n##_t), 1); + foreach_vpe_api_msg; +#undef _ + + /* + * Set up the (msg_name, crc, message-id) table + */ + setup_message_id_table (am); + + return 0; +} + +VLIB_API_INIT_FUNCTION (flow_api_hookup); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ipfix-export/flow_report.c b/src/vnet/ipfix-export/flow_report.c new file mode 100644 index 00000000000..793eedaeb38 --- /dev/null +++ b/src/vnet/ipfix-export/flow_report.c @@ -0,0 +1,529 @@ +/* + * Copyright (c) 2015 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * flow_report.c + */ +#include +#include + +flow_report_main_t flow_report_main; + +static_always_inline u8 +stream_index_valid (u32 index) +{ + flow_report_main_t *frm = &flow_report_main; + return index < vec_len (frm->streams) && + frm->streams[index].domain_id != ~0; +} + +static_always_inline flow_report_stream_t * +add_stream (void) +{ + flow_report_main_t *frm = &flow_report_main; + u32 i; + for (i = 0; i < vec_len (frm->streams); i++) + if (!stream_index_valid (i)) + return &frm->streams[i]; + u32 index = vec_len (frm->streams); + vec_validate (frm->streams, index); + return &frm->streams[index]; +} + +static_always_inline void +delete_stream (u32 index) +{ + flow_report_main_t *frm = &flow_report_main; + ASSERT (index < vec_len (frm->streams)); + ASSERT (frm->streams[index].domain_id != ~0); + frm->streams[index].domain_id = ~0; +} + +static i32 +find_stream (u32 domain_id, u16 src_port) +{ + flow_report_main_t *frm = &flow_report_main; + flow_report_stream_t *stream; + u32 i; + for (i = 0; i < vec_len (frm->streams); i++) + if (stream_index_valid (i)) + { + stream = &frm->streams[i]; + if (domain_id == stream->domain_id) + { + if (src_port != stream->src_port) + return -2; + return i; + } + else if (src_port == stream->src_port) + { + return -2; + } + } + return -1; +} + +int +send_template_packet (flow_report_main_t * frm, + flow_report_t * fr, u32 * buffer_indexp) +{ + u32 bi0; + vlib_buffer_t *b0; + ip4_ipfix_template_packet_t *tp; + ipfix_message_header_t *h; + ip4_header_t *ip; + udp_header_t *udp; + vlib_main_t *vm = frm->vlib_main; + flow_report_stream_t *stream; + vlib_buffer_free_list_t *fl; + + ASSERT (buffer_indexp); + + if (fr->update_rewrite || fr->rewrite == 0) + { + if (frm->ipfix_collector.as_u32 == 0 || frm->src_address.as_u32 == 0) + { + vlib_node_set_state (frm->vlib_main, flow_report_process_node.index, + VLIB_NODE_STATE_DISABLED); + return -1; + } + vec_free (fr->rewrite); + fr->update_rewrite = 1; + } + + if (fr->update_rewrite) + { + fr->rewrite = fr->rewrite_callback (frm, fr, + &frm->ipfix_collector, + &frm->src_address, + frm->collector_port); + fr->update_rewrite = 0; + } + + if (vlib_buffer_alloc (vm, &bi0, 1) != 1) + return -1; + + b0 = vlib_get_buffer (vm, bi0); + + /* Initialize the buffer */ + fl = vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX); + vlib_buffer_init_for_free_list (b0, fl); + VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0); + + ASSERT (vec_len (fr->rewrite) < VLIB_BUFFER_DEFAULT_FREE_LIST_BYTES); + + clib_memcpy (b0->data, fr->rewrite, vec_len (fr->rewrite)); + b0->current_data = 0; + b0->current_length = vec_len (fr->rewrite); + b0->flags |= (VLIB_BUFFER_TOTAL_LENGTH_VALID | VNET_BUFFER_F_FLOW_REPORT); + vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0; + vnet_buffer (b0)->sw_if_index[VLIB_TX] = frm->fib_index; + + tp = vlib_buffer_get_current (b0); + ip = (ip4_header_t *) & tp->ip4; + udp = (udp_header_t *) (ip + 1); + h = (ipfix_message_header_t *) (udp + 1); + + /* FIXUP: message header export_time */ + h->export_time = (u32) + (((f64) frm->unix_time_0) + + (vlib_time_now (frm->vlib_main) - frm->vlib_time_0)); + h->export_time = clib_host_to_net_u32 (h->export_time); + + stream = &frm->streams[fr->stream_index]; + + /* FIXUP: message header sequence_number. Templates do not increase it */ + h->sequence_number = clib_host_to_net_u32 (stream->sequence_number); + + /* FIXUP: udp length */ + udp->length = clib_host_to_net_u16 (b0->current_length - sizeof (*ip)); + + if (frm->udp_checksum) + { + /* RFC 7011 section 10.3.2. */ + udp->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ip); + if (udp->checksum == 0) + udp->checksum = 0xffff; + } + + *buffer_indexp = bi0; + + fr->last_template_sent = vlib_time_now (vm); + + return 0; +} + +static uword +flow_report_process (vlib_main_t * vm, + vlib_node_runtime_t * rt, vlib_frame_t * f) +{ + flow_report_main_t *frm = &flow_report_main; + flow_report_t *fr; + u32 ip4_lookup_node_index; + vlib_node_t *ip4_lookup_node; + vlib_frame_t *nf = 0; + u32 template_bi; + u32 *to_next; + int send_template; + f64 now; + int rv; + uword event_type; + uword *event_data = 0; + + /* Wait for Godot... */ + vlib_process_wait_for_event_or_clock (vm, 1e9); + event_type = vlib_process_get_events (vm, &event_data); + if (event_type != 1) + clib_warning ("bogus kickoff event received, %d", event_type); + vec_reset_length (event_data); + + /* Enqueue pkts to ip4-lookup */ + ip4_lookup_node = vlib_get_node_by_name (vm, (u8 *) "ip4-lookup"); + ip4_lookup_node_index = ip4_lookup_node->index; + + while (1) + { + vlib_process_wait_for_event_or_clock (vm, 5.0); + event_type = vlib_process_get_events (vm, &event_data); + vec_reset_length (event_data); + + vec_foreach (fr, frm->reports) + { + now = vlib_time_now (vm); + + /* Need to send a template packet? */ + send_template = + now > (fr->last_template_sent + frm->template_interval); + send_template += fr->last_template_sent == 0; + template_bi = ~0; + rv = 0; + + if (send_template) + rv = send_template_packet (frm, fr, &template_bi); + + if (rv < 0) + continue; + + nf = vlib_get_frame_to_node (vm, ip4_lookup_node_index); + nf->n_vectors = 0; + to_next = vlib_frame_vector_args (nf); + + if (template_bi != ~0) + { + to_next[0] = template_bi; + to_next++; + nf->n_vectors++; + } + + nf = fr->flow_data_callback (frm, fr, + nf, to_next, ip4_lookup_node_index); + if (nf) + vlib_put_frame_to_node (vm, ip4_lookup_node_index, nf); + } + } + + return 0; /* not so much */ +} + +/* *INDENT-OFF* */ +VLIB_REGISTER_NODE (flow_report_process_node) = { + .function = flow_report_process, + .type = VLIB_NODE_TYPE_PROCESS, + .name = "flow-report-process", +}; +/* *INDENT-ON* */ + +int +vnet_flow_report_add_del (flow_report_main_t * frm, + vnet_flow_report_add_del_args_t * a, + u16 * template_id) +{ + int i; + int found_index = ~0; + flow_report_t *fr; + flow_report_stream_t *stream; + u32 si; + + si = find_stream (a->domain_id, a->src_port); + if (si == -2) + return VNET_API_ERROR_INVALID_VALUE; + if (si == -1 && a->is_add == 0) + return VNET_API_ERROR_NO_SUCH_ENTRY; + + for (i = 0; i < vec_len (frm->reports); i++) + { + fr = vec_elt_at_index (frm->reports, i); + if (fr->opaque.as_uword == a->opaque.as_uword + && fr->rewrite_callback == a->rewrite_callback + && fr->flow_data_callback == a->flow_data_callback) + { + found_index = i; + if (template_id) + *template_id = fr->template_id; + break; + } + } + + if (a->is_add == 0) + { + if (found_index != ~0) + { + vec_delete (frm->reports, 1, found_index); + stream = &frm->streams[si]; + stream->n_reports--; + if (stream->n_reports == 0) + delete_stream (si); + return 0; + } + return VNET_API_ERROR_NO_SUCH_ENTRY; + } + + if (found_index != ~0) + return VNET_API_ERROR_VALUE_EXIST; + + if (si == -1) + { + stream = add_stream (); + stream->domain_id = a->domain_id; + stream->src_port = a->src_port; + stream->sequence_number = 0; + stream->n_reports = 0; + si = stream - frm->streams; + } + else + stream = &frm->streams[si]; + + stream->n_reports++; + + vec_add2 (frm->reports, fr, 1); + + fr->stream_index = si; + fr->template_id = 256 + stream->next_template_no; + stream->next_template_no = (stream->next_template_no + 1) % (65536 - 256); + fr->update_rewrite = 1; + fr->opaque = a->opaque; + fr->rewrite_callback = a->rewrite_callback; + fr->flow_data_callback = a->flow_data_callback; + + if (template_id) + *template_id = fr->template_id; + + return 0; +} + +clib_error_t * +flow_report_add_del_error_to_clib_error (int error) +{ + switch (error) + { + case 0: + return 0; + case VNET_API_ERROR_NO_SUCH_ENTRY: + return clib_error_return (0, "Flow report not found"); + case VNET_API_ERROR_VALUE_EXIST: + return clib_error_return (0, "Flow report already exists"); + case VNET_API_ERROR_INVALID_VALUE: + return clib_error_return (0, "Expecting either still unused values " + "for both domain_id and src_port " + "or already used values for both fields"); + default: + return clib_error_return (0, "vnet_flow_report_add_del returned %d", + error); + } +} + +void +vnet_flow_reports_reset (flow_report_main_t * frm) +{ + flow_report_t *fr; + u32 i; + + for (i = 0; i < vec_len (frm->streams); i++) + if (stream_index_valid (i)) + frm->streams[i].sequence_number = 0; + + vec_foreach (fr, frm->reports) + { + fr->update_rewrite = 1; + fr->last_template_sent = 0; + } +} + +void +vnet_stream_reset (flow_report_main_t * frm, u32 stream_index) +{ + flow_report_t *fr; + + frm->streams[stream_index].sequence_number = 0; + + vec_foreach (fr, frm->reports) + if (frm->reports->stream_index == stream_index) + { + fr->update_rewrite = 1; + fr->last_template_sent = 0; + } +} + +int +vnet_stream_change (flow_report_main_t * frm, + u32 old_domain_id, u16 old_src_port, + u32 new_domain_id, u16 new_src_port) +{ + i32 stream_index = find_stream (old_domain_id, old_src_port); + if (stream_index < 0) + return 1; + flow_report_stream_t *stream = &frm->streams[stream_index]; + stream->domain_id = new_domain_id; + stream->src_port = new_src_port; + if (old_domain_id != new_domain_id || old_src_port != new_src_port) + vnet_stream_reset (frm, stream_index); + return 0; +} + +static clib_error_t * +set_ipfix_exporter_command_fn (vlib_main_t * vm, + unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + flow_report_main_t *frm = &flow_report_main; + ip4_address_t collector, src; + u16 collector_port = UDP_DST_PORT_ipfix; + u32 fib_id; + u32 fib_index = ~0; + + collector.as_u32 = 0; + src.as_u32 = 0; + u32 path_mtu = 512; // RFC 7011 section 10.3.3. + u32 template_interval = 20; + u8 udp_checksum = 0; + + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (input, "collector %U", unformat_ip4_address, &collector)) + ; + else if (unformat (input, "port %u", &collector_port)) + ; + else if (unformat (input, "src %U", unformat_ip4_address, &src)) + ; + else if (unformat (input, "fib-id %u", &fib_id)) + { + ip4_main_t *im = &ip4_main; + uword *p = hash_get (im->fib_index_by_table_id, fib_id); + if (!p) + return clib_error_return (0, "fib ID %d doesn't exist\n", fib_id); + fib_index = p[0]; + } + else if (unformat (input, "path-mtu %u", &path_mtu)) + ; + else if (unformat (input, "template-interval %u", &template_interval)) + ; + else if (unformat (input, "udp-checksum")) + udp_checksum = 1; + else + break; + } + + if (collector.as_u32 != 0 && src.as_u32 == 0) + return clib_error_return (0, "src address required"); + + if (path_mtu > 1450 /* vpp does not support fragmentation */ ) + return clib_error_return (0, "too big path-mtu value, maximum is 1450"); + + if (path_mtu < 68) + return clib_error_return (0, "too small path-mtu value, minimum is 68"); + + /* Reset report streams if we are reconfiguring IP addresses */ + if (frm->ipfix_collector.as_u32 != collector.as_u32 || + frm->src_address.as_u32 != src.as_u32 || + frm->collector_port != collector_port) + vnet_flow_reports_reset (frm); + + frm->ipfix_collector.as_u32 = collector.as_u32; + frm->collector_port = collector_port; + frm->src_address.as_u32 = src.as_u32; + frm->fib_index = fib_index; + frm->path_mtu = path_mtu; + frm->template_interval = template_interval; + frm->udp_checksum = udp_checksum; + + if (collector.as_u32) + vlib_cli_output (vm, "Collector %U, src address %U, " + "fib index %d, path MTU %u, " + "template resend interval %us, " + "udp checksum %s", + format_ip4_address, &frm->ipfix_collector, + format_ip4_address, &frm->src_address, + fib_index, path_mtu, template_interval, + udp_checksum ? "enabled" : "disabled"); + else + vlib_cli_output (vm, "IPFIX Collector is disabled"); + + /* Turn on the flow reporting process */ + vlib_process_signal_event (vm, flow_report_process_node.index, 1, 0); + return 0; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (set_ipfix_exporter_command, static) = { + .path = "set ipfix exporter", + .short_help = "set ipfix exporter " + "collector [port ] " + "src [fib-id ] " + "[path-mtu ] " + "[template-interval ]", + "[udp-checksum]", + .function = set_ipfix_exporter_command_fn, +}; +/* *INDENT-ON* */ + + +static clib_error_t * +ipfix_flush_command_fn (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + /* poke the flow reporting process */ + vlib_process_signal_event (vm, flow_report_process_node.index, 1, 0); + return 0; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (ipfix_flush_command, static) = { + .path = "ipfix flush", + .short_help = "flush the current ipfix data [for make test]", + .function = ipfix_flush_command_fn, +}; +/* *INDENT-ON* */ + +static clib_error_t * +flow_report_init (vlib_main_t * vm) +{ + flow_report_main_t *frm = &flow_report_main; + + frm->vlib_main = vm; + frm->vnet_main = vnet_get_main (); + frm->unix_time_0 = time (0); + frm->vlib_time_0 = vlib_time_now (frm->vlib_main); + frm->fib_index = ~0; + + return 0; +} + +VLIB_INIT_FUNCTION (flow_report_init) +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ipfix-export/flow_report.h b/src/vnet/ipfix-export/flow_report.h new file mode 100644 index 00000000000..b45ce06a880 --- /dev/null +++ b/src/vnet/ipfix-export/flow_report.h @@ -0,0 +1,159 @@ +/* + * Copyright (c) 2015 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __included_vnet_flow_report_h__ +#define __included_vnet_flow_report_h__ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +/* Used to build the rewrite */ +typedef struct +{ + ip4_header_t ip4; + udp_header_t udp; + ipfix_template_packet_t ipfix; +} ip4_ipfix_template_packet_t; + +struct flow_report_main; +struct flow_report; + +typedef u8 *(vnet_flow_rewrite_callback_t) (struct flow_report_main *, + struct flow_report *, + ip4_address_t *, + ip4_address_t *, u16); + +typedef vlib_frame_t *(vnet_flow_data_callback_t) (struct flow_report_main *, + struct flow_report *, + vlib_frame_t *, u32 *, + u32); + +typedef union +{ + void *as_ptr; + uword as_uword; +} opaque_t; + +typedef struct +{ + u32 domain_id; + u32 sequence_number; + u16 src_port; + u16 n_reports; + u16 next_template_no; +} flow_report_stream_t; + +typedef struct flow_report +{ + /* ipfix rewrite, set by callback */ + u8 *rewrite; + u16 template_id; + u32 stream_index; + f64 last_template_sent; + int update_rewrite; + + /* Bitmap of fields to send */ + uword *fields_to_send; + + /* Opaque data */ + opaque_t opaque; + + /* build-the-rewrite callback */ + vnet_flow_rewrite_callback_t *rewrite_callback; + + /* Send-flow-data callback */ + vnet_flow_data_callback_t *flow_data_callback; +} flow_report_t; + +typedef struct flow_report_main +{ + flow_report_t *reports; + flow_report_stream_t *streams; + + /* ipfix collector ip address, port, our ip address, fib index */ + ip4_address_t ipfix_collector; + u16 collector_port; + ip4_address_t src_address; + u32 fib_index; + + /* Path MTU */ + u32 path_mtu; + + /* time interval in seconds after which to resend templates */ + u32 template_interval; + + /* UDP checksum calculation enable flag */ + u8 udp_checksum; + + /* time scale transform. Joy. */ + u32 unix_time_0; + f64 vlib_time_0; + + /* convenience variables */ + vlib_main_t *vlib_main; + vnet_main_t *vnet_main; +} flow_report_main_t; + +extern flow_report_main_t flow_report_main; + +extern vlib_node_registration_t flow_report_process_node; + +int vnet_flow_report_enable_disable (u32 sw_if_index, u32 table_index, + int enable_disable); +typedef struct +{ + vnet_flow_data_callback_t *flow_data_callback; + vnet_flow_rewrite_callback_t *rewrite_callback; + opaque_t opaque; + int is_add; + u32 domain_id; + u16 src_port; +} vnet_flow_report_add_del_args_t; + +int vnet_flow_report_add_del (flow_report_main_t * frm, + vnet_flow_report_add_del_args_t * a, + u16 * template_id); + +clib_error_t *flow_report_add_del_error_to_clib_error (int error); + +void vnet_flow_reports_reset (flow_report_main_t * frm); + +void vnet_stream_reset (flow_report_main_t * frm, u32 stream_index); + +int vnet_stream_change (flow_report_main_t * frm, + u32 old_domain_id, u16 old_src_port, + u32 new_domain_id, u16 new_src_port); + +#endif /* __included_vnet_flow_report_h__ */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ipfix-export/flow_report_classify.c b/src/vnet/ipfix-export/flow_report_classify.c new file mode 100644 index 00000000000..46813ee6e1b --- /dev/null +++ b/src/vnet/ipfix-export/flow_report_classify.c @@ -0,0 +1,556 @@ +/* + * Copyright (c) 2015 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include +#include +#include + +/* Common prefix of tcp and udp headers + * containing only source and destination port fields */ +typedef struct +{ + u16 src_port, dst_port; +} tcpudp_header_t; + +flow_report_classify_main_t flow_report_classify_main; + +u8 * +ipfix_classify_template_rewrite (flow_report_main_t * frm, + flow_report_t * fr, + ip4_address_t * collector_address, + ip4_address_t * src_address, + u16 collector_port) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + vnet_classify_table_t *tblp; + vnet_classify_main_t *vcm = &vnet_classify_main; + u32 flow_table_index = fr->opaque.as_uword; + u8 *ip_start; + ip4_header_t *ip; + ip6_header_t *ip6; + tcpudp_header_t *tcpudp; + udp_header_t *udp; + ipfix_message_header_t *h; + ipfix_set_header_t *s; + ipfix_template_header_t *t; + ipfix_field_specifier_t *f; + ipfix_field_specifier_t *first_field; + u8 *rewrite = 0; + ip4_ipfix_template_packet_t *tp; + u32 field_count = 0; + u32 field_index = 0; + flow_report_stream_t *stream; + u8 ip_version; + u8 transport_protocol; + u8 *virt_mask; + u8 *real_mask; + + stream = &frm->streams[fr->stream_index]; + + ipfix_classify_table_t *table = &fcm->tables[flow_table_index]; + + ip_version = table->ip_version; + transport_protocol = table->transport_protocol; + + tblp = pool_elt_at_index (vcm->tables, table->classify_table_index); + + virt_mask = (u8 *) (tblp->mask - tblp->skip_n_vectors); + real_mask = (u8 *) (tblp->mask); + + /* Determine field count */ + ip_start = virt_mask + sizeof (ethernet_header_t); +#define _(field,mask,item,length) \ + if (((u8 *)&field >= real_mask) && (memcmp(&field, &mask, length) == 0)) \ + { \ + field_count++; \ + \ + fr->fields_to_send = clib_bitmap_set (fr->fields_to_send, \ + field_index, 1); \ + } \ + field_index++; + foreach_ipfix_field; +#undef _ + + /* Add packetTotalCount manually */ + field_count += 1; + + /* $$$ enterprise fields, at some later date */ + + /* allocate rewrite space */ + vec_validate_aligned (rewrite, + sizeof (ip4_ipfix_template_packet_t) + + field_count * sizeof (ipfix_field_specifier_t) - 1, + CLIB_CACHE_LINE_BYTES); + + tp = (ip4_ipfix_template_packet_t *) rewrite; + ip = (ip4_header_t *) & tp->ip4; + udp = (udp_header_t *) (ip + 1); + h = (ipfix_message_header_t *) (udp + 1); + s = (ipfix_set_header_t *) (h + 1); + t = (ipfix_template_header_t *) (s + 1); + first_field = f = (ipfix_field_specifier_t *) (t + 1); + + ip->ip_version_and_header_length = 0x45; + ip->ttl = 254; + ip->protocol = IP_PROTOCOL_UDP; + ip->src_address.as_u32 = src_address->as_u32; + ip->dst_address.as_u32 = collector_address->as_u32; + udp->src_port = clib_host_to_net_u16 (stream->src_port); + udp->dst_port = clib_host_to_net_u16 (collector_port); + udp->length = clib_host_to_net_u16 (vec_len (rewrite) - sizeof (*ip)); + + /* FIXUP: message header export_time */ + /* FIXUP: message header sequence_number */ + h->domain_id = clib_host_to_net_u32 (stream->domain_id); + + /* Take another trip through the mask and build the template */ + ip_start = virt_mask + sizeof (ethernet_header_t); +#define _(field,mask,item,length) \ + if (((u8 *)&field >= real_mask) && (memcmp(&field, &mask, length) == 0)) \ + { \ + f->e_id_length = ipfix_e_id_length (0 /* enterprise */, \ + item, length); \ + f++; \ + } + foreach_ipfix_field; +#undef _ + + /* Add packetTotalCount manually */ + f->e_id_length = + ipfix_e_id_length (0 /* enterprise */ , packetTotalCount, 8); + f++; + + /* Back to the template packet... */ + ip = (ip4_header_t *) & tp->ip4; + udp = (udp_header_t *) (ip + 1); + + ASSERT (f - first_field); + /* Field count in this template */ + t->id_count = ipfix_id_count (fr->template_id, f - first_field); + + /* set length in octets */ + s->set_id_length = + ipfix_set_id_length (2 /* set_id */ , (u8 *) f - (u8 *) s); + + /* message length in octets */ + h->version_length = version_length ((u8 *) f - (u8 *) h); + + ip->length = clib_host_to_net_u16 ((u8 *) f - (u8 *) ip); + ip->checksum = ip4_header_checksum (ip); + + return rewrite; +} + +vlib_frame_t * +ipfix_classify_send_flows (flow_report_main_t * frm, + flow_report_t * fr, + vlib_frame_t * f, u32 * to_next, u32 node_index) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + vnet_classify_main_t *vcm = &vnet_classify_main; + u32 flow_table_index = fr->opaque.as_uword; + vnet_classify_table_t *t; + vnet_classify_bucket_t *b; + vnet_classify_entry_t *v, *save_v; + vlib_buffer_t *b0 = 0; + u32 next_offset = 0; + u32 record_offset = 0; + u32 bi0 = ~0; + int i, j, k; + ip4_ipfix_template_packet_t *tp; + ipfix_message_header_t *h = 0; + ipfix_set_header_t *s = 0; + u8 *ip_start; + ip4_header_t *ip; + ip6_header_t *ip6; + tcpudp_header_t *tcpudp; + udp_header_t *udp; + int field_index; + u32 records_this_buffer; + u16 new_l0, old_l0; + ip_csum_t sum0; + vlib_main_t *vm = frm->vlib_main; + flow_report_stream_t *stream; + u8 ip_version; + u8 transport_protocol; + u8 *virt_key; + + stream = &frm->streams[fr->stream_index]; + + ipfix_classify_table_t *table = &fcm->tables[flow_table_index]; + + ip_version = table->ip_version; + transport_protocol = table->transport_protocol; + + t = pool_elt_at_index (vcm->tables, table->classify_table_index); + + while (__sync_lock_test_and_set (t->writer_lock, 1)) + ; + + for (i = 0; i < t->nbuckets; i++) + { + b = &t->buckets[i]; + if (b->offset == 0) + continue; + + save_v = vnet_classify_get_entry (t, b->offset); + for (j = 0; j < (1 << b->log2_pages); j++) + { + for (k = 0; k < t->entries_per_page; k++) + { + v = vnet_classify_entry_at_index + (t, save_v, j * t->entries_per_page + k); + + if (vnet_classify_entry_is_free (v)) + continue; + + /* OK, we have something to send... */ + if (PREDICT_FALSE (b0 == 0)) + { + if (vlib_buffer_alloc (vm, &bi0, 1) != 1) + goto flush; + b0 = vlib_get_buffer (vm, bi0); + + u32 copy_len = sizeof (ip4_header_t) + + sizeof (udp_header_t) + sizeof (ipfix_message_header_t); + clib_memcpy (b0->data, fr->rewrite, copy_len); + b0->current_data = 0; + b0->current_length = copy_len; + b0->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID; + vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0; + vnet_buffer (b0)->sw_if_index[VLIB_TX] = frm->fib_index; + + tp = vlib_buffer_get_current (b0); + ip = (ip4_header_t *) & tp->ip4; + udp = (udp_header_t *) (ip + 1); + h = (ipfix_message_header_t *) (udp + 1); + s = (ipfix_set_header_t *) (h + 1); + + /* FIXUP: message header export_time */ + h->export_time = (u32) + (((f64) frm->unix_time_0) + + (vlib_time_now (frm->vlib_main) - frm->vlib_time_0)); + h->export_time = clib_host_to_net_u32 (h->export_time); + + /* FIXUP: message header sequence_number */ + h->sequence_number = stream->sequence_number; + h->sequence_number = + clib_host_to_net_u32 (h->sequence_number); + + next_offset = (u32) (((u8 *) (s + 1)) - (u8 *) tp); + record_offset = next_offset; + records_this_buffer = 0; + } + + field_index = 0; + virt_key = (u8 *) (v->key - t->skip_n_vectors); + ip_start = virt_key + sizeof (ethernet_header_t); +#define _(field,mask,item,length) \ + if (clib_bitmap_get (fr->fields_to_send, field_index)) \ + { \ + clib_memcpy (b0->data + next_offset, &field, \ + length); \ + next_offset += length; \ + } \ + field_index++; + foreach_ipfix_field; +#undef _ + + /* Add packetTotalCount manually */ + { + u64 packets = clib_host_to_net_u64 (v->hits); + clib_memcpy (b0->data + next_offset, &packets, + sizeof (packets)); + next_offset += sizeof (packets); + } + records_this_buffer++; + stream->sequence_number++; + + /* Next record will have the same size as this record */ + u32 next_record_size = next_offset - record_offset; + record_offset = next_offset; + + if (next_offset + next_record_size > frm->path_mtu) + { + s->set_id_length = ipfix_set_id_length (fr->template_id, + next_offset - + (sizeof (*ip) + + sizeof (*udp) + + sizeof (*h))); + h->version_length = + version_length (next_offset - + (sizeof (*ip) + sizeof (*udp))); + b0->current_length = next_offset; + b0->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID; + + tp = vlib_buffer_get_current (b0); + ip = (ip4_header_t *) & tp->ip4; + udp = (udp_header_t *) (ip + 1); + + sum0 = ip->checksum; + old_l0 = ip->length; + new_l0 = clib_host_to_net_u16 ((u16) next_offset); + + sum0 = ip_csum_update (sum0, old_l0, new_l0, ip4_header_t, + length /* changed member */ ); + + ip->checksum = ip_csum_fold (sum0); + ip->length = new_l0; + udp->length = + clib_host_to_net_u16 (b0->current_length - sizeof (*ip)); + + if (frm->udp_checksum) + { + /* RFC 7011 section 10.3.2. */ + udp->checksum = + ip4_tcp_udp_compute_checksum (vm, b0, ip); + if (udp->checksum == 0) + udp->checksum = 0xffff; + } + + ASSERT (ip->checksum == ip4_header_checksum (ip)); + + to_next[0] = bi0; + f->n_vectors++; + to_next++; + + if (f->n_vectors == VLIB_FRAME_SIZE) + { + vlib_put_frame_to_node (vm, node_index, f); + f = vlib_get_frame_to_node (vm, node_index); + f->n_vectors = 0; + to_next = vlib_frame_vector_args (f); + } + b0 = 0; + bi0 = ~0; + } + } + } + } + +flush: + if (b0) + { + s->set_id_length = ipfix_set_id_length (fr->template_id, + next_offset - + (sizeof (*ip) + sizeof (*udp) + + sizeof (*h))); + h->version_length = version_length (next_offset - + (sizeof (*ip) + sizeof (*udp))); + b0->current_length = next_offset; + b0->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID; + + tp = vlib_buffer_get_current (b0); + ip = (ip4_header_t *) & tp->ip4; + udp = (udp_header_t *) (ip + 1); + + sum0 = ip->checksum; + old_l0 = ip->length; + new_l0 = clib_host_to_net_u16 ((u16) next_offset); + + sum0 = ip_csum_update (sum0, old_l0, new_l0, ip4_header_t, + length /* changed member */ ); + + ip->checksum = ip_csum_fold (sum0); + ip->length = new_l0; + udp->length = clib_host_to_net_u16 (b0->current_length - sizeof (*ip)); + + if (frm->udp_checksum) + { + /* RFC 7011 section 10.3.2. */ + udp->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ip); + if (udp->checksum == 0) + udp->checksum = 0xffff; + } + + ASSERT (ip->checksum == ip4_header_checksum (ip)); + + to_next[0] = bi0; + f->n_vectors++; + + b0 = 0; + bi0 = ~0; + } + + *(t->writer_lock) = 0; + return f; +} + +static clib_error_t * +ipfix_classify_table_add_del_command_fn (vlib_main_t * vm, + unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + flow_report_main_t *frm = &flow_report_main; + vnet_flow_report_add_del_args_t args; + ipfix_classify_table_t *table; + int rv; + int is_add = -1; + u32 classify_table_index = ~0; + u8 ip_version = 0; + u8 transport_protocol = 255; + clib_error_t *error = 0; + + if (fcm->src_port == 0) + clib_error_return (0, "call 'set ipfix classify stream' first"); + + memset (&args, 0, sizeof (args)); + + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (input, "add")) + is_add = 1; + else if (unformat (input, "del")) + is_add = 0; + else if (unformat (input, "%d", &classify_table_index)) + ; + else if (unformat (input, "ip4")) + ip_version = 4; + else if (unformat (input, "ip6")) + ip_version = 6; + else if (unformat (input, "tcp")) + transport_protocol = 6; + else if (unformat (input, "udp")) + transport_protocol = 17; + else + return clib_error_return (0, "unknown input `%U'", + format_unformat_error, input); + } + + if (is_add == -1) + return clib_error_return (0, "expecting: add|del"); + if (classify_table_index == ~0) + return clib_error_return (0, "classifier table not specified"); + if (ip_version == 0) + return clib_error_return (0, "IP version not specified"); + + table = 0; + int i; + for (i = 0; i < vec_len (fcm->tables); i++) + if (ipfix_classify_table_index_valid (i)) + if (fcm->tables[i].classify_table_index == classify_table_index) + { + table = &fcm->tables[i]; + break; + } + + if (is_add) + { + if (table) + return clib_error_return (0, + "Specified classifier table already used"); + table = ipfix_classify_add_table (); + table->classify_table_index = classify_table_index; + } + else + { + if (!table) + return clib_error_return (0, + "Specified classifier table not registered"); + } + + table->ip_version = ip_version; + table->transport_protocol = transport_protocol; + + args.opaque.as_uword = table - fcm->tables; + args.rewrite_callback = ipfix_classify_template_rewrite; + args.flow_data_callback = ipfix_classify_send_flows; + args.is_add = is_add; + args.domain_id = fcm->domain_id; + args.src_port = fcm->src_port; + + rv = vnet_flow_report_add_del (frm, &args, NULL); + + error = flow_report_add_del_error_to_clib_error (rv); + + /* If deleting, or add failed */ + if (is_add == 0 || (rv && is_add)) + ipfix_classify_delete_table (table - fcm->tables); + + return error; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (ipfix_classify_table_add_del_command, static) = { + .path = "ipfix classify table", + .short_help = "ipfix classify table add|del ", + .function = ipfix_classify_table_add_del_command_fn, +}; +/* *INDENT-ON* */ + +static clib_error_t * +set_ipfix_classify_stream_command_fn (vlib_main_t * vm, + unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + flow_report_main_t *frm = &flow_report_main; + u32 domain_id = 1; + u32 src_port = UDP_DST_PORT_ipfix; + + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (input, "domain %d", &domain_id)) + ; + else if (unformat (input, "src-port %d", &src_port)) + ; + else + return clib_error_return (0, "unknown input `%U'", + format_unformat_error, input); + } + + if (fcm->src_port != 0 && + (fcm->domain_id != domain_id || fcm->src_port != (u16) src_port)) + { + int rv = vnet_stream_change (frm, fcm->domain_id, fcm->src_port, + domain_id, (u16) src_port); + ASSERT (rv == 0); + } + + fcm->domain_id = domain_id; + fcm->src_port = (u16) src_port; + + return 0; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (set_ipfix_classify_stream_command, static) = { + .path = "set ipfix classify stream", + .short_help = "set ipfix classify stream" + "[domain ] [src-port ]", + .function = set_ipfix_classify_stream_command_fn, +}; +/* *INDENT-ON* */ + +static clib_error_t * +flow_report_classify_init (vlib_main_t * vm) +{ + clib_error_t *error; + + if ((error = vlib_call_init_function (vm, flow_report_init))) + return error; + + return 0; +} + +VLIB_INIT_FUNCTION (flow_report_classify_init); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ipfix-export/flow_report_classify.h b/src/vnet/ipfix-export/flow_report_classify.h new file mode 100644 index 00000000000..0533b450122 --- /dev/null +++ b/src/vnet/ipfix-export/flow_report_classify.h @@ -0,0 +1,134 @@ +/* + * Copyright (c) 2015 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __included_flow_report_classify_h__ +#define __included_flow_report_classify_h__ + +#define foreach_ipfix_ip4_field \ +_(ip->src_address.as_u32, ((u32[]){0xFFFFFFFF}), sourceIPv4Address, 4) \ +_(ip->dst_address.as_u32, ((u32[]){0xFFFFFFFF}), destinationIPv4Address, 4) \ +_(ip->protocol, ((u8[]){0xFF}), protocolIdentifier, 1) + +#define foreach_ipfix_ip6_field \ +_(ip6->src_address.as_u8, \ + ((u32[]){0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF}), \ + sourceIPv6Address, 16) \ +_(ip6->dst_address.as_u8, \ + ((u32[]){0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF}), \ + destinationIPv6Address, 16) \ +_(ip6->protocol, ((u8[]){0xFF}), protocolIdentifier, 1) + +#define foreach_ipfix_tcpudp_field \ +_(tcpudp->src_port, ((u16[]){0xFFFF}), sourceTransportPort, 2) \ +_(tcpudp->dst_port, ((u16[]){0xFFFF}), destinationTransportPort, 2) + +#define foreach_ipfix_tcp_field \ +_(tcpudp->src_port, ((u16[]){0xFFFF}), tcpSourcePort, 2) \ +_(tcpudp->dst_port, ((u16[]){0xFFFF}), tcpDestinationPort, 2) + +#define foreach_ipfix_udp_field \ +_(tcpudp->src_port, ((u16[]){0xFFFF}), udpSourcePort, 2) \ +_(tcpudp->dst_port, ((u16[]){0xFFFF}), udpDestinationPort, 2) + +#define foreach_ipfix_transport_protocol_field \ + switch (transport_protocol) { \ + case 255: \ + foreach_ipfix_tcpudp_field; \ + break; \ + case 6: \ + foreach_ipfix_tcp_field; \ + break; \ + case 17: \ + foreach_ipfix_udp_field; \ + break; \ + } + +#define foreach_ipfix_field \ + if (ip_version == 4) { \ + ip = (ip4_header_t *)ip_start; \ + tcpudp = (tcpudp_header_t *)(ip+1); \ + foreach_ipfix_ip4_field; \ + } else { \ + ip6 = (ip6_header_t *)ip_start; \ + tcpudp = (tcpudp_header_t *)(ip6+1); \ + foreach_ipfix_ip6_field; \ + } \ + foreach_ipfix_transport_protocol_field + +typedef struct +{ + u32 classify_table_index; + u8 ip_version; + u8 transport_protocol; +} ipfix_classify_table_t; + +typedef struct +{ + u32 domain_id; + u16 src_port; + ipfix_classify_table_t *tables; +} flow_report_classify_main_t; + +extern flow_report_classify_main_t flow_report_classify_main; + +static_always_inline u8 +ipfix_classify_table_index_valid (u32 index) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + return index < vec_len (fcm->tables) && + fcm->tables[index].classify_table_index != ~0; +} + +static_always_inline ipfix_classify_table_t * +ipfix_classify_add_table (void) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + u32 i; + for (i = 0; i < vec_len (fcm->tables); i++) + if (!ipfix_classify_table_index_valid (i)) + return &fcm->tables[i]; + u32 index = vec_len (fcm->tables); + vec_validate (fcm->tables, index); + return &fcm->tables[index]; +} + +static_always_inline void +ipfix_classify_delete_table (u32 index) +{ + flow_report_classify_main_t *fcm = &flow_report_classify_main; + ASSERT (index < vec_len (fcm->tables)); + ASSERT (fcm->tables[index].classify_table_index != ~0); + fcm->tables[index].classify_table_index = ~0; +} + +u8 *ipfix_classify_template_rewrite (flow_report_main_t * frm, + flow_report_t * fr, + ip4_address_t * collector_address, + ip4_address_t * src_address, + u16 collector_port); + +vlib_frame_t *ipfix_classify_send_flows (flow_report_main_t * frm, + flow_report_t * fr, + vlib_frame_t * f, + u32 * to_next, u32 node_index); + +#endif /* __included_flow_report_classify_h__ */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ipfix-export/ipfix_export.api b/src/vnet/ipfix-export/ipfix_export.api new file mode 100644 index 00000000000..9bd3790a430 --- /dev/null +++ b/src/vnet/ipfix-export/ipfix_export.api @@ -0,0 +1,149 @@ +/* + * Copyright (c) 2015-2016 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +option version = "1.0.0"; + +/** \brief Configure IPFIX exporter process request + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param collector_address - address of IPFIX collector + @param collector_port - port of IPFIX collector + @param src_address - address of IPFIX exporter + @param vrf_id - VRF / fib table ID + @param path_mtu - Path MTU between exporter and collector + @param template_interval - number of seconds after which to resend template + @param udp_checksum - UDP checksum calculation enable flag +*/ +autoreply define set_ipfix_exporter +{ + u32 client_index; + u32 context; + u8 collector_address[16]; + u16 collector_port; + u8 src_address[16]; + u32 vrf_id; + u32 path_mtu; + u32 template_interval; + u8 udp_checksum; +}; + +/** \brief IPFIX exporter dump request + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request +*/ +define ipfix_exporter_dump +{ + u32 client_index; + u32 context; +}; + +/** \brief Reply to IPFIX exporter dump request + @param context - sender context which was passed in the request + @param collector_address - address of IPFIX collector + @param collector_port - port of IPFIX collector + @param src_address - address of IPFIX exporter + @param fib_index - fib table index + @param path_mtu - Path MTU between exporter and collector + @param template_interval - number of seconds after which to resend template + @param udp_checksum - UDP checksum calculation enable flag +*/ +define ipfix_exporter_details +{ + u32 context; + u8 collector_address[16]; + u16 collector_port; + u8 src_address[16]; + u32 vrf_id; + u32 path_mtu; + u32 template_interval; + u8 udp_checksum; +}; + +/** \brief IPFIX classify stream configure request + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param domain_id - domain ID reported in IPFIX messages for classify stream + @param src_port - source port of UDP session for classify stream +*/ +autoreply define set_ipfix_classify_stream { + u32 client_index; + u32 context; + u32 domain_id; + u16 src_port; +}; + +/** \brief IPFIX classify stream dump request + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request +*/ +define ipfix_classify_stream_dump { + u32 client_index; + u32 context; +}; + +/** \brief Reply to IPFIX classify stream dump request + @param context - sender context, to match reply w/ request + @param domain_id - domain ID reported in IPFIX messages for classify stream + @param src_port - source port of UDP session for classify stream +*/ +define ipfix_classify_stream_details { + u32 context; + u32 domain_id; + u16 src_port; +}; + +/** \brief IPFIX add or delete classifier table request + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param table_id - classifier table ID + @param ip_version - version of IP used in the classifier table + @param transport_protocol - transport protocol used in the classifier table or 255 for unspecified +*/ +autoreply define ipfix_classify_table_add_del { + u32 client_index; + u32 context; + u32 table_id; + u8 ip_version; + u8 transport_protocol; + u8 is_add; +}; + +/** \brief IPFIX classify tables dump request + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request +*/ +define ipfix_classify_table_dump { + u32 client_index; + u32 context; +}; + +/** \brief Reply to IPFIX classify tables dump request + @param context - sender context, to match reply w/ request + @param table_id - classifier table ID + @param ip_version - version of IP used in the classifier table + @param transport_protocol - transport protocol used in the classifier table or 255 for unspecified +*/ +define ipfix_classify_table_details { + u32 context; + u32 table_id; + u8 ip_version; + u8 transport_protocol; +}; + +/* + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ipfix-export/ipfix_info_elements.h b/src/vnet/ipfix-export/ipfix_info_elements.h new file mode 100644 index 00000000000..171cdfe702e --- /dev/null +++ b/src/vnet/ipfix-export/ipfix_info_elements.h @@ -0,0 +1,443 @@ +/* + * Copyright (c) 2015 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __included_ipfix_info_elements_h__ +#define __included_ipfix_info_elements_h__ + +#define foreach_ipfix_info_element_t \ +_(octetDeltaCount, 1, u64) \ +_(packetDeltaCount, 2, u64) \ +_(deltaFlowCount, 3, u64) \ +_(protocolIdentifier, 4, u8) \ +_(ipClassOfService, 5, u8) \ +_(tcpControlBits, 6, u16) \ +_(sourceTransportPort, 7, u16) \ +_(sourceIPv4Address, 8, ip4_address_t) \ +_(sourceIPv4PrefixLength, 9, u8) \ +_(ingressInterface, 10, u32) \ +_(destinationTransportPort, 11, u16) \ +_(destinationIPv4Address, 12, ip4_address_t) \ +_(destinationIPv4PrefixLength, 13, u8) \ +_(egressInterface, 14, u32) \ +_(ipNextHopIPv4Address, 15, ip4_address_t) \ +_(bgpSourceAsNumber, 16, u32) \ +_(bgpDestinationAsNumber, 17, u32) \ +_(bgpNextHopIPv4Address, 18, ip4_address_t) \ +_(postMCastPacketDeltaCount, 19, u64) \ +_(postMCastOctetDeltaCount, 20, u64) \ +_(flowEndSysUpTime, 21, u32) \ +_(flowStartSysUpTime, 22, u32) \ +_(postOctetDeltaCount, 23, u64) \ +_(postPacketDeltaCount, 24, u64) \ +_(minimumIpTotalLength, 25, u64) \ +_(maximumIpTotalLength, 26, u64) \ +_(sourceIPv6Address, 27, ip6_address_t) \ +_(destinationIPv6Address, 28, ip6_address_t) \ +_(sourceIPv6PrefixLength, 29, u8) \ +_(destinationIPv6PrefixLength, 30, u8) \ +_(flowLabelIPv6, 31, u32) \ +_(icmpTypeCodeIPv4, 32, u16) \ +_(igmpType, 33, u8) \ +_(samplingInterval, 34, u32) \ +_(samplingAlgorithm, 35, u8) \ +_(flowActiveTimeout, 36, u16) \ +_(flowIdleTimeout, 37, u16) \ +_(engineType, 38, u8) \ +_(engineId, 39, u8) \ +_(exportedOctetTotalCount, 40, u64) \ +_(exportedMessageTotalCount, 41, u64) \ +_(exportedFlowRecordTotalCount, 42, u64) \ +_(ipv4RouterSc, 43, ip4_address_t) \ +_(sourceIPv4Prefix, 44, ip4_address_t) \ +_(destinationIPv4Prefix, 45, ip4_address_t) \ +_(mplsTopLabelType, 46, u8) \ +_(mplsTopLabelIPv4Address, 47, ip4_address_t) \ +_(samplerId, 48, u8) \ +_(samplerMode, 49, u8) \ +_(samplerRandomInterval, 50, u32) \ +_(classId, 51, u8) \ +_(minimumTTL, 52, u8) \ +_(maximumTTL, 53, u8) \ +_(fragmentIdentification, 54, u32) \ +_(postIpClassOfService, 55, u8) \ +_(sourceMacAddress, 56, macAddress) \ +_(postDestinationMacAddress, 57, macAddress) \ +_(vlanId, 58, u16) \ +_(postVlanId, 59, u16) \ +_(ipVersion, 60, u8) \ +_(flowDirection, 61, u8) \ +_(ipNextHopIPv6Address, 62, ip6_address_t) \ +_(bgpNextHopIPv6Address, 63, ip6_address_t) \ +_(ipv6ExtensionHeaders, 64, u32) \ +_(mplsTopLabelStackSection, 70, octetArray) \ +_(mplsLabelStackSection2, 71, octetArray) \ +_(mplsLabelStackSection3, 72, octetArray) \ +_(mplsLabelStackSection4, 73, octetArray) \ +_(mplsLabelStackSection5, 74, octetArray) \ +_(mplsLabelStackSection6, 75, octetArray) \ +_(mplsLabelStackSection7, 76, octetArray) \ +_(mplsLabelStackSection8, 77, octetArray) \ +_(mplsLabelStackSection9, 78, octetArray) \ +_(mplsLabelStackSection10, 79, octetArray) \ +_(destinationMacAddress, 80, macAddress) \ +_(postSourceMacAddress, 81, macAddress) \ +_(interfaceName, 82, string) \ +_(interfaceDescription, 83, string) \ +_(samplerName, 84, string) \ +_(octetTotalCount, 85, u64) \ +_(packetTotalCount, 86, u64) \ +_(flagsAndSamplerId, 87, u32) \ +_(fragmentOffset, 88, u16) \ +_(forwardingStatus, 89, u32) \ +_(mplsVpnRouteDistinguisher, 90, octetArray) \ +_(mplsTopLabelPrefixLength, 91, u8) \ +_(srcTrafficIndex, 92, u32) \ +_(dstTrafficIndex, 93, u32) \ +_(applicationDescription, 94, string) \ +_(applicationId, 95, octetArray) \ +_(applicationName, 96, string) \ +_(Assigned, 97, for NetFlow v9 compatibility ) \ +_(postIpDiffServCodePoint, 98, u8) \ +_(multicastReplicationFactor, 99, u32) \ +_(className, 100, string) \ +_(classificationEngineId, 101, u8) \ +_(layer2packetSectionOffset, 102, u16) \ +_(layer2packetSectionSize, 103, u16) \ +_(layer2packetSectionData, 104, octetArray) \ +_(bgpNextAdjacentAsNumber, 128, u32) \ +_(bgpPrevAdjacentAsNumber, 129, u32) \ +_(exporterIPv4Address, 130, ip4_address_t) \ +_(exporterIPv6Address, 131, ip6_address_t) \ +_(droppedOctetDeltaCount, 132, u64) \ +_(droppedPacketDeltaCount, 133, u64) \ +_(droppedOctetTotalCount, 134, u64) \ +_(droppedPacketTotalCount, 135, u64) \ +_(flowEndReason, 136, u8) \ +_(commonPropertiesId, 137, u64) \ +_(observationPointId, 138, u64) \ +_(icmpTypeCodeIPv6, 139, u16) \ +_(mplsTopLabelIPv6Address, 140, ip6_address_t) \ +_(lineCardId, 141, u32) \ +_(portId, 142, u32) \ +_(meteringProcessId, 143, u32) \ +_(exportingProcessId, 144, u32) \ +_(templateId, 145, u16) \ +_(wlanChannelId, 146, u8) \ +_(wlanSSID, 147, string) \ +_(flowId, 148, u64) \ +_(observationDomainId, 149, u32) \ +_(flowStartSeconds, 150, dateTimeSeconds) \ +_(flowEndSeconds, 151, dateTimeSeconds) \ +_(flowStartMilliseconds, 152, dateTimeMilliseconds) \ +_(flowEndMilliseconds, 153, dateTimeMilliseconds) \ +_(flowStartMicroseconds, 154, dateTimeMicroseconds) \ +_(flowEndMicroseconds, 155, dateTimeMicroseconds) \ +_(flowStartNanoseconds, 156, dateTimeNanoseconds) \ +_(flowEndNanoseconds, 157, dateTimeNanoseconds) \ +_(flowStartDeltaMicroseconds, 158, u32) \ +_(flowEndDeltaMicroseconds, 159, u32) \ +_(systemInitTimeMilliseconds, 160, dateTimeMilliseconds) \ +_(flowDurationMilliseconds, 161, u32) \ +_(flowDurationMicroseconds, 162, u32) \ +_(observedFlowTotalCount, 163, u64) \ +_(ignoredPacketTotalCount, 164, u64) \ +_(ignoredOctetTotalCount, 165, u64) \ +_(notSentFlowTotalCount, 166, u64) \ +_(notSentPacketTotalCount, 167, u64) \ +_(notSentOctetTotalCount, 168, u64) \ +_(destinationIPv6Prefix, 169, ip6_address_t) \ +_(sourceIPv6Prefix, 170, ip6_address_t) \ +_(postOctetTotalCount, 171, u64) \ +_(postPacketTotalCount, 172, u64) \ +_(flowKeyIndicator, 173, u64) \ +_(postMCastPacketTotalCount, 174, u64) \ +_(postMCastOctetTotalCount, 175, u64) \ +_(icmpTypeIPv4, 176, u8) \ +_(icmpCodeIPv4, 177, u8) \ +_(icmpTypeIPv6, 178, u8) \ +_(icmpCodeIPv6, 179, u8) \ +_(udpSourcePort, 180, u16) \ +_(udpDestinationPort, 181, u16) \ +_(tcpSourcePort, 182, u16) \ +_(tcpDestinationPort, 183, u16) \ +_(tcpSequenceNumber, 184, u32) \ +_(tcpAcknowledgementNumber, 185, u32) \ +_(tcpWindowSize, 186, u16) \ +_(tcpUrgentPointer, 187, u16) \ +_(tcpHeaderLength, 188, u8) \ +_(ipHeaderLength, 189, u8) \ +_(totalLengthIPv4, 190, u16) \ +_(payloadLengthIPv6, 191, u16) \ +_(ipTTL, 192, u8) \ +_(nextHeaderIPv6, 193, u8) \ +_(mplsPayloadLength, 194, u32) \ +_(ipDiffServCodePoint, 195, u8) \ +_(ipPrecedence, 196, u8) \ +_(fragmentFlags, 197, u8) \ +_(octetDeltaSumOfSquares, 198, u64) \ +_(octetTotalSumOfSquares, 199, u64) \ +_(mplsTopLabelTTL, 200, u8) \ +_(mplsLabelStackLength, 201, u32) \ +_(mplsLabelStackDepth, 202, u32) \ +_(mplsTopLabelExp, 203, u8) \ +_(ipPayloadLength, 204, u32) \ +_(udpMessageLength, 205, u16) \ +_(isMulticast, 206, u8) \ +_(ipv4IHL, 207, u8) \ +_(ipv4Options, 208, u32) \ +_(tcpOptions, 209, u64) \ +_(paddingOctets, 210, octetArray) \ +_(collectorIPv4Address, 211, ip4_address_t) \ +_(collectorIPv6Address, 212, ip6_address_t) \ +_(exportInterface, 213, u32) \ +_(exportProtocolVersion, 214, u8) \ +_(exportTransportProtocol, 215, u8) \ +_(collectorTransportPort, 216, u16) \ +_(exporterTransportPort, 217, u16) \ +_(tcpSynTotalCount, 218, u64) \ +_(tcpFinTotalCount, 219, u64) \ +_(tcpRstTotalCount, 220, u64) \ +_(tcpPshTotalCount, 221, u64) \ +_(tcpAckTotalCount, 222, u64) \ +_(tcpUrgTotalCount, 223, u64) \ +_(ipTotalLength, 224, u64) \ +_(postNATSourceIPv4Address, 225, ip4_address_t) \ +_(postNATDestinationIPv4Address, 226, ip4_address_t) \ +_(postNAPTSourceTransportPort, 227, u16) \ +_(postNAPTDestinationTransportPort, 228, u16) \ +_(natOriginatingAddressRealm, 229, u8) \ +_(natEvent, 230, u8) \ +_(initiatorOctets, 231, u64) \ +_(responderOctets, 232, u64) \ +_(firewallEvent, 233, u8) \ +_(ingressVRFID, 234, u32) \ +_(egressVRFID, 235, u32) \ +_(VRFname, 236, string) \ +_(postMplsTopLabelExp, 237, u8) \ +_(tcpWindowScale, 238, u16) \ +_(biflowDirection, 239, u8) \ +_(ethernetHeaderLength, 240, u8) \ +_(ethernetPayloadLength, 241, u16) \ +_(ethernetTotalLength, 242, u16) \ +_(dot1qVlanId, 243, u16) \ +_(dot1qPriority, 244, u8) \ +_(dot1qCustomerVlanId, 245, u16) \ +_(dot1qCustomerPriority, 246, u8) \ +_(metroEvcId, 247, string) \ +_(metroEvcType, 248, u8) \ +_(pseudoWireId, 249, u32) \ +_(pseudoWireType, 250, u16) \ +_(pseudoWireControlWord, 251, u32) \ +_(ingressPhysicalInterface, 252, u32) \ +_(egressPhysicalInterface, 253, u32) \ +_(postDot1qVlanId, 254, u16) \ +_(postDot1qCustomerVlanId, 255, u16) \ +_(ethernetType, 256, u16) \ +_(postIpPrecedence, 257, u8) \ +_(collectionTimeMilliseconds, 258, dateTimeMilliseconds) \ +_(exportSctpStreamId, 259, u16) \ +_(maxExportSeconds, 260, dateTimeSeconds) \ +_(maxFlowEndSeconds, 261, dateTimeSeconds) \ +_(messageMD5Checksum, 262, octetArray) \ +_(messageScope, 263, u8) \ +_(minExportSeconds, 264, dateTimeSeconds) \ +_(minFlowStartSeconds, 265, dateTimeSeconds) \ +_(opaqueOctets, 266, octetArray) \ +_(sessionScope, 267, u8) \ +_(maxFlowEndMicroseconds, 268, dateTimeMicroseconds) \ +_(maxFlowEndMilliseconds, 269, dateTimeMilliseconds) \ +_(maxFlowEndNanoseconds, 270, dateTimeNanoseconds) \ +_(minFlowStartMicroseconds, 271, dateTimeMicroseconds) \ +_(minFlowStartMilliseconds, 272, dateTimeMilliseconds) \ +_(minFlowStartNanoseconds, 273, dateTimeNanoseconds) \ +_(collectorCertificate, 274, octetArray) \ +_(exporterCertificate, 275, octetArray) \ +_(dataRecordsReliability, 276, boolean) \ +_(observationPointType, 277, u8) \ +_(newConnectionDeltaCount, 278, u32) \ +_(connectionSumDurationSeconds, 279, u64) \ +_(connectionTransactionId, 280, u64) \ +_(postNATSourceIPv6Address, 281, ip6_address_t) \ +_(postNATDestinationIPv6Address, 282, ip6_address_t) \ +_(natPoolId, 283, u32) \ +_(natPoolName, 284, string) \ +_(anonymizationFlags, 285, u16) \ +_(anonymizationTechnique, 286, u16) \ +_(informationElementIndex, 287, u16) \ +_(p2pTechnology, 288, string) \ +_(tunnelTechnology, 289, string) \ +_(encryptedTechnology, 290, string) \ +_(basicList, 291, basicList) \ +_(subTemplateList, 292, subTemplateList) \ +_(subTemplateMultiList, 293, subTemplateMultiList) \ +_(bgpValidityState, 294, u8) \ +_(IPSecSPI, 295, u32) \ +_(greKey, 296, u32) \ +_(natType, 297, u8) \ +_(initiatorPackets, 298, u64) \ +_(responderPackets, 299, u64) \ +_(observationDomainName, 300, string) \ +_(selectionSequenceId, 301, u64) \ +_(selectorId, 302, u64) \ +_(informationElementId, 303, u16) \ +_(selectorAlgorithm, 304, u16) \ +_(samplingPacketInterval, 305, u32) \ +_(samplingPacketSpace, 306, u32) \ +_(samplingTimeInterval, 307, u32) \ +_(samplingTimeSpace, 308, u32) \ +_(samplingSize, 309, u32) \ +_(samplingPopulation, 310, u32) \ +_(samplingProbability, 311, float64) \ +_(dataLinkFrameSize, 312, u16) \ +_(ipHeaderPacketSection, 313, octetArray) \ +_(ipPayloadPacketSection, 314, octetArray) \ +_(dataLinkFrameSection, 315, octetArray) \ +_(mplsLabelStackSection, 316, octetArray) \ +_(mplsPayloadPacketSection, 317, octetArray) \ +_(selectorIdTotalPktsObserved, 318, u64) \ +_(selectorIdTotalPktsSelected, 319, u64) \ +_(absoluteError, 320, float64) \ +_(relativeError, 321, float64) \ +_(observationTimeSeconds, 322, dateTimeSeconds) \ +_(observationTimeMilliseconds, 323, dateTimeMilliseconds) \ +_(observationTimeMicroseconds, 324, dateTimeMicroseconds) \ +_(observationTimeNanoseconds, 325, dateTimeNanoseconds) \ +_(digestHashValue, 326, u64) \ +_(hashIPPayloadOffset, 327, u64) \ +_(hashIPPayloadSize, 328, u64) \ +_(hashOutputRangeMin, 329, u64) \ +_(hashOutputRangeMax, 330, u64) \ +_(hashSelectedRangeMin, 331, u64) \ +_(hashSelectedRangeMax, 332, u64) \ +_(hashDigestOutput, 333, boolean) \ +_(hashInitialiserValue, 334, u64) \ +_(selectorName, 335, string) \ +_(upperCILimit, 336, float64) \ +_(lowerCILimit, 337, float64) \ +_(confidenceLevel, 338, float64) \ +_(informationElementDataType, 339, u8) \ +_(informationElementDescription, 340, string) \ +_(informationElementName, 341, string) \ +_(informationElementRangeBegin, 342, u64) \ +_(informationElementRangeEnd, 343, u64) \ +_(informationElementSemantics, 344, u8) \ +_(informationElementUnits, 345, u16) \ +_(privateEnterpriseNumber, 346, u32) \ +_(virtualStationInterfaceId, 347, octetArray) \ +_(virtualStationInterfaceName, 348, string) \ +_(virtualStationUUID, 349, octetArray) \ +_(virtualStationName, 350, string) \ +_(layer2SegmentId, 351, u64) \ +_(layer2OctetDeltaCount, 352, u64) \ +_(layer2OctetTotalCount, 353, u64) \ +_(ingressUnicastPacketTotalCount, 354, u64) \ +_(ingressMulticastPacketTotalCount, 355, u64) \ +_(ingressBroadcastPacketTotalCount, 356, u64) \ +_(egressUnicastPacketTotalCount, 357, u64) \ +_(egressBroadcastPacketTotalCount, 358, u64) \ +_(monitoringIntervalStartMilliSeconds, 359, dateTimeMilliseconds) \ +_(monitoringIntervalEndMilliSeconds, 360, dateTimeMilliseconds) \ +_(portRangeStart, 361, u16) \ +_(portRangeEnd, 362, u16) \ +_(portRangeStepSize, 363, u16) \ +_(portRangeNumPorts, 364, u16) \ +_(staMacAddress, 365, macAddress) \ +_(staIPv4Address, 366, ip4_address_t) \ +_(wtpMacAddress, 367, macAddress ) \ +_(ingressInterfaceType, 368, u32) \ +_(egressInterfaceType, 369, u32) \ +_(rtpSequenceNumber, 370, u16) \ +_(userName, 371, string) \ +_(applicationCategoryName, 372, string) \ +_(applicationSubCategoryName, 373, string) \ +_(applicationGroupName, 374, string) \ +_(originalFlowsPresent, 375, u64) \ +_(originalFlowsInitiated, 376, u64) \ +_(originalFlowsCompleted, 377, u64) \ +_(distinctCountOfSourceIPAddress, 378, u64) \ +_(distinctCountOfDestinationIPAddress, 379, u64) \ +_(distinctCountOfSourceIPv4Address, 380, u32) \ +_(distinctCountOfDestinationIPv4Address, 381, u32) \ +_(distinctCountOfSourceIPv6Address, 382, u64) \ +_(distinctCountOfDestinationIPv6Address, 383, u64) \ +_(valueDistributionMethod, 384, u8) \ +_(rfc3550JitterMilliseconds, 385, u32) \ +_(rfc3550JitterMicroseconds, 386, u32) \ +_(rfc3550JitterNanoseconds, 387, u32) \ +_(dot1qDEI, 388, boolean) \ +_(dot1qCustomerDEI, 389, boolean) \ +_(flowSelectorAlgorithm, 390, u16) \ +_(flowSelectedOctetDeltaCount, 391, u64) \ +_(flowSelectedPacketDeltaCount, 392, u64) \ +_(flowSelectedFlowDeltaCount, 393, u64) \ +_(selectorIDTotalFlowsObserved, 394, u64) \ +_(selectorIDTotalFlowsSelected, 395, u64) \ +_(samplingFlowInterval, 396, u64) \ +_(samplingFlowSpacing, 397, u64) \ +_(flowSamplingTimeInterval, 398, u64) \ +_(flowSamplingTimeSpacing, 399, u64) \ +_(hashFlowDomain, 400, u16) \ +_(transportOctetDeltaCount, 401, u64) \ +_(transportPacketDeltaCount, 402, u64) \ +_(originalExporterIPv4Address, 403, ip4_address_t) \ +_(originalExporterIPv6Address, 404, ip6_address_t) \ +_(originalObservationDomainId, 405, u32) \ +_(intermediateProcessId, 406, u32) \ +_(ignoredDataRecordTotalCount, 407, u64) \ +_(dataLinkFrameType, 408, u16) \ +_(sectionOffset, 409, u16) \ +_(sectionExportedOctets, 410, u16) \ +_(dot1qServiceInstanceTag, 411, octetArray) \ +_(dot1qServiceInstanceId, 412, u32) \ +_(dot1qServiceInstancePriority, 413, u8) \ +_(dot1qCustomerSourceMacAddress, 414, macAddress) \ +_(dot1qCustomerDestinationMacAddress, 415, macAddress) \ +_(postLayer2OctetDeltaCount, 417, u64) \ +_(postMCastLayer2OctetDeltaCount, 418, u64) \ +_(postLayer2OctetTotalCount, 420, u64) \ +_(postMCastLayer2OctetTotalCount, 421, u64) \ +_(minimumLayer2TotalLength, 422, u64) \ +_(maximumLayer2TotalLength, 423, u64) \ +_(droppedLayer2OctetDeltaCount, 424, u64) \ +_(droppedLayer2OctetTotalCount, 425, u64) \ +_(ignoredLayer2OctetTotalCount, 426, u64) \ +_(notSentLayer2OctetTotalCount, 427, u64) \ +_(layer2OctetDeltaSumOfSquares, 428, u64) \ +_(layer2OctetTotalSumOfSquares, 429, u64) \ +_(layer2FrameDeltaCount, 430, u64) \ +_(layer2FrameTotalCount, 431, u64) \ +_(pseudoWireDestinationIPv4Address, 432, ip4_address_t) \ +_(ignoredLayer2FrameTotalCount, 433, u64) \ +_(natQuotaExceededEvent, 466, u32) \ +_(maxSessionEntries, 471, u32) \ +_(maxBIBEntries, 472, u32) \ +_(maxEntriesPerUser, 473, u32) \ +_(maxFragmentsPendingReassembly, 475, u32) + +typedef enum +{ +#define _(n,v,t) n = v, + foreach_ipfix_info_element_t +#undef _ +} ipfix_info_element_id_t; + +#endif /* __included_ipfix_info_elements_h__ */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ipfix-export/ipfix_packet.h b/src/vnet/ipfix-export/ipfix_packet.h new file mode 100644 index 00000000000..8b026e4db27 --- /dev/null +++ b/src/vnet/ipfix-export/ipfix_packet.h @@ -0,0 +1,206 @@ +/* + * Copyright (c) 2015 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __included_ipfix_packet_h__ +#define __included_ipfix_packet_h__ + +#include + +/* From RFC-7011: + * https://tools.ietf.org/html/rfc7011 + */ + +typedef struct +{ + u32 version_length; + u32 export_time; + u32 sequence_number; + u32 domain_id; +} ipfix_message_header_t; + +static inline u32 +version_length (u16 length) +{ + return clib_host_to_net_u32 (0x000a0000 | length); +} + + +/* + * The Field Specifier format is shown in Figure G. + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |E| Information Element ident. | Field Length | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Enterprise Number | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * Figure G: Field Specifier Format + * + * Where: + * + * E + * + * Enterprise bit. This is the first bit of the Field Specifier. If + * this bit is zero, the Information Element identifier identifies an + * Information Element in [IANA-IPFIX], and the four-octet Enterprise + * Number field MUST NOT be present. If this bit is one, the + * Information Element identifier identifies an enterprise-specific + * Information Element, and the Enterprise Number field MUST be + * present. + */ + +typedef struct +{ + u32 e_id_length; + u32 enterprise; +} ipfix_enterprise_field_specifier_t; + +typedef struct +{ + u32 e_id_length; +} ipfix_field_specifier_t; + +static inline u32 +ipfix_e_id_length (int e, u16 id, u16 length) +{ + u32 value; + value = (e << 31) | ((id & 0x7FFF) << 16) | length; + return clib_host_to_net_u32 (value); +} + +/* + * Every Set contains a common header. This header is defined in + * Figure I. + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Set ID | Length | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * Figure I: Set Header Format + * + * Each Set Header field is exported in network format. The fields are + * defined as follows: + * + * Set ID + * + * Identifies the Set. A value of 2 is reserved for Template Sets. + * A value of 3 is reserved for Options Template Sets. Values from 4 + * to 255 are reserved for future use. Values 256 and above are used + * for Data Sets. The Set ID values of 0 and 1 are not used, for + * historical reasons [RFC3954]. + * + * Length + * + * Total length of the Set, in octets, including the Set Header, all + * records, and the optional padding. Because an individual Set MAY + * contain multiple records, the Length value MUST be used to + * determine the position of the next Set. + */ + +typedef struct +{ + u32 set_id_length; +} ipfix_set_header_t; + +static inline u32 +ipfix_set_id_length (u16 set_id, u16 length) +{ + return clib_host_to_net_u32 ((set_id << 16) | length); +} + +/* + * The format of the Template Record is shown in Figure J. It consists + * of a Template Record Header and one or more Field Specifiers. Field + * Specifiers are defined in Figure G above. + * + * +--------------------------------------------------+ + * | Template Record Header | + * +--------------------------------------------------+ + * | Field Specifier | + * +--------------------------------------------------+ + * | Field Specifier | + * +--------------------------------------------------+ + * ... + * +--------------------------------------------------+ + * | Field Specifier | + * +--------------------------------------------------+ + * + * Figure J: Template Record Format + * + * The format of the Template Record Header is shown in Figure K. + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Template ID (> 255) | Field Count | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * Figure K: Template Record Header Format + * + * The Template Record Header Field definitions are as follows: + * + * Template ID + * + * Each Template Record is given a unique Template ID in the range + * 256 to 65535. This uniqueness is local to the Transport Session + * and Observation Domain that generated the Template ID. Since + * Template IDs are used as Set IDs in the Sets they describe (see + * Section 3.4.3), values 0-255 are reserved for special Set types + * (e.g., Template Sets themselves), and Templates and Options + * Templates (see Section 3.4.2) cannot share Template IDs within a + * Transport Session and Observation Domain. There are no + * constraints regarding the order of the Template ID allocation. As + * Exporting Processes are free to allocate Template IDs as they see + * fit, Collecting Processes MUST NOT assume incremental Template + * IDs, or anything about the contents of a Template based on its + * Template ID alone. + * + * Field Count + * + * Number of fields in this Template Record. + */ + +typedef struct +{ + u32 id_count; +} ipfix_template_header_t; + +static inline u32 +ipfix_id_count (u16 id, u16 count) +{ + return clib_host_to_net_u32 ((id << 16) | count); +} + +/* Template packet */ +typedef struct +{ + ipfix_message_header_t h; + ipfix_set_header_t s; + ipfix_template_header_t t; + ipfix_field_specifier_t fields[0]; +} ipfix_template_packet_t; + +#endif /* __included_ipfix_packet_h__ */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/vnet_all_api_h.h b/src/vnet/vnet_all_api_h.h index 5c7c4869c91..9d416e92e4e 100644 --- a/src/vnet/vnet_all_api_h.h +++ b/src/vnet/vnet_all_api_h.h @@ -59,7 +59,7 @@ #include #include #include -#include +#include #include #include #include -- cgit 1.2.3-korg