aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/classify/flow_classify.h
blob: e3308f3a302d73e85a8da8e6f33fea3e7087cefd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
/*
 * Copyright (c) 2016 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef __included_vnet_flow_classify_h__
#define __included_vnet_flow_classify_h__

#include <vlib/vlib.h>
#include <vnet/vnet.h>
#include <vnet/classify/vnet_classify.h>

typedef enum
{
  FLOW_CLASSIFY_TABLE_IP4,
  FLOW_CLASSIFY_TABLE_IP6,
  FLOW_CLASSIFY_N_TABLES,
} flow_classify_table_id_t;

typedef enum
{
  FLOW_CLASSIFY_NEXT_INDEX_DROP,
  FLOW_CLASSIFY_NEXT_INDEX_N_NEXT,
} flow_classify_next_index_t;

typedef struct
{
  /* Classifier table vectors */
  u32 *classify_table_index_by_sw_if_index[FLOW_CLASSIFY_N_TABLES];

  /* Convenience variables */
  vlib_main_t *vlib_main;
  vnet_main_t *vnet_main;
  vnet_classify_main_t *vnet_classify_main;
  vnet_config_main_t *vnet_config_main[FLOW_CLASSIFY_N_TABLES];
} flow_classify_main_t;

extern flow_classify_main_t flow_classify_main;

int vnet_set_flow_classify_intfc (vlib_main_t * vm, u32 sw_if_index,
				  u32 ip4_table_index, u32 ip6_table_index,
				  u32 is_add);

#endif /* __included_vnet_flow_classify_h__ */

/*
 * fd.io coding-style-patch-verification: ON
 *
 * Local Variables:
 * eval: (c-set-style "gnu")
 * End:
 */
ghlight .vg { color: #f8f8f2 } /* Name.Variable.Global */ .highlight .vi { color: #f8f8f2 } /* Name.Variable.Instance */ .highlight .vm { color: #f8f8f2 } /* Name.Variable.Magic */ .highlight .il { color: #ae81ff } /* Literal.Number.Integer.Long */ } @media (prefers-color-scheme: light) { .highlight .hll { background-color: #ffffcc } .highlight .c { color: #888888 } /* Comment */ .highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */ .highlight .k { color: #008800; font-weight: bold } /* Keyword */ .highlight .ch { color: #888888 } /* Comment.Hashbang */ .highlight .cm { color: #888888 } /* Comment.Multiline */ .highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */ .highlight .cpf { color: #888888 } /* Comment.PreprocFile */ .highlight .c1 { color: #888888 } /* Comment.Single */ .highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */ .highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */ .highlight .ge { font-style: italic } /* Generic.Emph */ .highlight .gr { color: #aa0000 } /* Generic.Error */ .highlight .gh { color: #333333 } /* Generic.Heading */ .highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */ .highlight .go { color: #888888 } /* Generic.Output */ .highlight .gp { color: #555555 } /* Generic.Prompt */ .highlight .gs { font-weight: bold } /* Generic.Strong */ .highlight .gu { color: #666666 } /* Generic.Subheading */ .highlight .gt { color: #aa0000 } /* Generic.Traceback */ .highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */ .highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */ .highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */ .highlight .kp { color: #008800 } /* Keyword.Pseudo */ .highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */ .highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */ .highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */ .highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */ .highlight .na { color: #336699 } /* Name.Attribute */ .highlight .nb { color: #003388 } /* Name.Builtin */ .highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */ .highlight .no { color: #003366; font-weight: bold } /* Name.Constant */ .highlight .nd { color: #555555 } /* Name.Decorator */ .highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */ .highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */ .highlight .nl { color: #336699; font-style: italic } /* Name.Label */ .highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */ .highlight .py { color: #336699; font-weight: bold } /* Name.Property */ .highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */ .highlight .nv { color: #336699 } /* Name.Variable */ .highlight .ow { color: #008800 } /* Operator.Word */ .highlight .w { color: #bbbbbb } /* Text.Whitespace */ .highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */ .highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */ .highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */ .highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */ .highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */ .highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */ .highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */ .highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */ .highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */ .highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */ .highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */ .highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */ .highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */ .highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */ .highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */ .highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */ .highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */ .highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */ }
/*
 * Copyright (c) 2018 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef __GBP_ENDPOINT_H__
#define __GBP_ENDPOINT_H__

#include <plugins/gbp/gbp_types.h>
#include <plugins/gbp/gbp_itf.h>
#include <vnet/ip/ip.h>
#include <vnet/ethernet/mac_address.h>

#include <vppinfra/bihash_16_8.h>
#include <vppinfra/bihash_template.h>
#include <vppinfra/bihash_24_8.h>
#include <vppinfra/bihash_template.h>

/**
 * Flags for each endpoint
 */
typedef enum gbp_endpoint_attr_t_
{
  GBP_ENDPOINT_ATTR_FIRST = 0,
  GBP_ENDPOINT_ATTR_BOUNCE = GBP_ENDPOINT_ATTR_FIRST,
  GBP_ENDPOINT_ATTR_REMOTE,
  GBP_ENDPOINT_ATTR_LEARNT,
  GBP_ENDPOINT_ATTR_EXTERNAL,
  GBP_ENDPOINT_ATTR_LAST,
} gbp_endpoint_attr_t;

typedef enum gbp_endpoint_flags_t_
{
  GBP_ENDPOINT_FLAG_NONE = 0,
  GBP_ENDPOINT_FLAG_BOUNCE = (1 << GBP_ENDPOINT_ATTR_BOUNCE),
  GBP_ENDPOINT_FLAG_REMOTE = (1 << GBP_ENDPOINT_ATTR_REMOTE),
  GBP_ENDPOINT_FLAG_LEARNT = (1 << GBP_ENDPOINT_ATTR_LEARNT),
  GBP_ENDPOINT_FLAG_EXTERNAL = (1 << GBP_ENDPOINT_ATTR_EXTERNAL),
} gbp_endpoint_flags_t;

#define GBP_ENDPOINT_ATTR_NAMES {                 \
    [GBP_ENDPOINT_ATTR_BOUNCE] = "bounce",        \
    [GBP_ENDPOINT_ATTR_REMOTE] = "remote",        \
    [GBP_ENDPOINT_ATTR_LEARNT] = "learnt",        \
    [GBP_ENDPOINT_ATTR_EXTERNAL] = "external",    \
}

extern u8 *format_gbp_endpoint_flags (u8 * s, va_list * args);

/**
 * Sources of Endpoints in priority order. The best (lowest value) source
 * provides the forwarding information.
 * Data-plane takes preference because the CP data is not always complete,
 * it may not have the sclass.
 */
#define foreach_gbp_endpoint_src    \
  _(DP, "data-plane")               \
  _(CP, "control-plane")            \
  _(RR, "recursive-resolution")

typedef enum gbp_endpoint_src_t_
{
#define _(v,s) GBP_ENDPOINT_SRC_##v,
  foreach_gbp_endpoint_src
#undef _
} gbp_endpoint_src_t;

#define GBP_ENDPOINT_SRC_MAX (GBP_ENDPOINT_SRC_RR+1)

extern u8 *format_gbp_endpoint_src (u8 * s, va_list * args);

/**
 * This is the identity of an endpoint, as such it is information
 * about an endpoint that is idempotent.
 * The ID is used to add the EP into the various data-bases for retrieval.
 */
typedef struct gbp_endpoint_key_t_
{
  /**
   * A vector of ip addresses that belong to the endpoint.
   * Together with the route EPG's RD this forms the EP's L3 key
   */
  fib_prefix_t *gek_ips;

  /**
   * MAC address of the endpoint.
   * Together with the route EPG's BD this forms the EP's L2 key
   */
  mac_address_t gek_mac;

  /**
   * Index of the Bridge-Domain
   */
  index_t gek_gbd;

  /**
   * Index of the Route-Domain
   */
  index_t gek_grd;
} gbp_endpoint_key_t;

/**
 * Information about the location of the endpoint provided by a source
 * of endpoints
 */
typedef struct gbp_endpoint_loc_t_
{
  /**
   * The source providing this location information
   */
  gbp_endpoint_src_t gel_src;

  /**
   * The interface on which the EP is connected
   */
  gbp_itf_hdl_t gel_itf;

  /**
   * Endpoint flags
   */
  gbp_endpoint_flags_t gel_flags;

  /**
   * Endpoint Group.
   */
  index_t gel_epg;

  /**
   * number of times this source has locked this
   */
  u32 gel_locks;

  /**
   * Tunnel info for remote endpoints
   */
  struct
  {
    u32 gel_parent_sw_if_index;
    ip46_address_t gel_src;
    ip46_address_t gel_dst;
  } tun;
} gbp_endpoint_loc_t;

/**
 * And endpoints current forwarding state
 */
typedef struct gbp_endpoint_fwd_t_
{
  /**
   * The interface on which the EP is connected
   */
  gbp_itf_hdl_t gef_itf;

  /**
   * The L3 adj, if created
   */
  index_t *gef_adjs;

  /**
   * Endpoint Group's sclass. cached for fast DP access.
   */
  sclass_t gef_sclass;

  /**
   * FIB index the EP is in
   */
  u32 gef_fib_index;

  gbp_endpoint_flags_t gef_flags;
} gbp_endpoint_fwd_t;

/**
 * A Group Based Policy Endpoint.
 * This is typically a VM or container. If the endpoint is local (i.e. on
 * the same compute node as VPP) then there is one interface per-endpoint.
 * If the EP is remote,e.g. reachable over a [vxlan] tunnel, then there
 * will be multiple EPs reachable over the tunnel and they can be distinguished
 * via either their MAC or IP Address[es].
 */
typedef struct gbp_endpoint_t_
{
  /**
   * A FIB node that allows the tracking of children.
   */
  fib_node_t ge_node;

  /**
   * The key/ID of this EP
   */
  gbp_endpoint_key_t ge_key;

  /**
   * Location information provided by the various sources.
   * These are sorted based on source priority.
   */
  gbp_endpoint_loc_t *ge_locs;

  gbp_endpoint_fwd_t ge_fwd;

  /**
   * The last time a packet from seen from this end point
   */
  f64 ge_last_time;
} gbp_endpoint_t;

extern u8 *format_gbp_endpoint (u8 * s, va_list * args);

/**
 * GBP Endpoint Databases
 */
typedef struct gbp_ep_by_ip_itf_db_t_
{
  index_t *ged_by_sw_if_index;
  clib_bihash_24_8_t ged_by_ip_rd;
  clib_bihash_16_8_t ged_by_mac_bd;
} gbp_ep_db_t;

extern int gbp_endpoint_update_and_lock (gbp_endpoint_src_t src,
					 u32 sw_if_index,
					 const ip46_address_t * ip,
					 const mac_address_t * mac,
					 index_t gbd, index_t grd,
					 sclass_t sclass,
					 gbp_endpoint_flags_t flags,
					 const ip46_address_t * tun_src,
					 const ip46_address_t * tun_dst,
					 u32 * handle);
extern void gbp_endpoint_unlock (gbp_endpoint_src_t src, index_t gbpei);
extern u32 gbp_endpoint_child_add (index_t gei,
				   fib_node_type_t type,
				   fib_node_index_t index);
extern void gbp_endpoint_child_remove (index_t gei, u32 sibling);

typedef walk_rc_t (*gbp_endpoint_cb_t) (index_t gbpei, void *ctx);
extern void gbp_endpoint_walk (gbp_endpoint_cb_t cb, void *ctx);
extern void gbp_endpoint_scan (vlib_main_t * vm);
extern int gbp_endpoint_is_remote (const gbp_endpoint_t * ge);
extern int gbp_endpoint_is_local (const gbp_endpoint_t * ge);
extern int gbp_endpoint_is_external (const gbp_endpoint_t * ge);
extern int gbp_endpoint_is_learnt (const gbp_endpoint_t * ge);


extern void gbp_endpoint_flush (gbp_endpoint_src_t src, u32 sw_if_index);

/**
 * DP functions and databases
 */
extern gbp_ep_db_t gbp_ep_db;
extern gbp_endpoint_t *gbp_endpoint_pool;

/**
 * Get the endpoint from a port/interface
 */
always_inline gbp_endpoint_t *
gbp_endpoint_get (index_t gbpei)
{
  return (pool_elt_at_index (gbp_endpoint_pool, gbpei));
}

static_always_inline void
gbp_endpoint_mk_key_mac (const u8 * mac,
			 u32 bd_index, clib_bihash_kv_16_8_t * key)
{
  key->key[0] = ethernet_mac_address_u64 (mac);
  key->key[1] = bd_index;
}

static_always_inline gbp_endpoint_t *
gbp_endpoint_find_mac (const u8 * mac, u32 bd_index)
{
  clib_bihash_kv_16_8_t key, value;
  int rv;

  gbp_endpoint_mk_key_mac (mac, bd_index, &key);

  rv = clib_bihash_search_16_8 (&gbp_ep_db.ged_by_mac_bd, &key, &value);

  if (0 != rv)
    return NULL;

  return (gbp_endpoint_get (value.value));
}

static_always_inline void
gbp_endpoint_mk_key_ip (const ip46_address_t * ip,
			u32 fib_index, clib_bihash_kv_24_8_t * key)
{
  key->key[0] = ip->as_u64[0];
  key->key[1] = ip->as_u64[1];
  key->key[2] = fib_index;
}

static_always_inline void
gbp_endpoint_mk_key_ip4 (const ip4_address_t * ip,
			 u32 fib_index, clib_bihash_kv_24_8_t * key)
{
  const ip46_address_t a = {
    .ip4 = *ip,
  };
  gbp_endpoint_mk_key_ip (&a, fib_index, key);
}

static_always_inline gbp_endpoint_t *
gbp_endpoint_find_ip4 (const ip4_address_t * ip, u32 fib_index)
{
  clib_bihash_kv_24_8_t key, value;
  int rv;

  gbp_endpoint_mk_key_ip4 (ip, fib_index, &key);

  rv = clib_bihash_search_24_8 (&gbp_ep_db.ged_by_ip_rd, &key, &value);

  if (0 != rv)
    return NULL;

  return (gbp_endpoint_get (value.value));
}

static_always_inline void
gbp_endpoint_mk_key_ip6 (const ip6_address_t * ip,
			 u32 fib_index, clib_bihash_kv_24_8_t * key)
{
  key->key[0] = ip->as_u64[0];
  key->key[1] = ip->as_u64[1];
  key->key[2] = fib_index;
}

static_always_inline gbp_endpoint_t *
gbp_endpoint_find_ip6 (const ip6_address_t * ip, u32 fib_index)
{
  clib_bihash_kv_24_8_t key, value;
  int rv;

  gbp_endpoint_mk_key_ip6 (ip, fib_index, &key);

  rv = clib_bihash_search_24_8 (&gbp_ep_db.ged_by_ip_rd, &key, &value);

  if (0 != rv)
    return NULL;

  return (gbp_endpoint_get (value.value));
}

static_always_inline gbp_endpoint_t *
gbp_endpoint_find_itf (u32 sw_if_index)
{
  index_t gei;

  gei = gbp_ep_db.ged_by_sw_if_index[sw_if_index];

  if (INDEX_INVALID != gei)
    return (gbp_endpoint_get (gei));

  return (NULL);
}


#endif

/*
 * fd.io coding-style-patch-verification: ON
 *
 * Local Variables:
 * eval: (c-set-style "gnu")
 * End:
 */