1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
/*
* Copyright (c) 2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* @brief
* The IP NULL DPO represents the rubbish bin for IP traffic. Without specifying an
* action (i.e. send IMCP type X to sender) it is equivalent to using a drop DPO.
* However, in contrast to the drop DPO any route that resovles via a NULL, is
* considered to 'resolved' by FIB, i.e. a IP NULL is used when the control plane
* is explicitly expressing the desire to drop packets. Drop DPOs are used
* internally by FIB when resolution is not possible.
*
* Any replies to sender are rate limited.
*/
#ifndef __IP_NULL_DPO_H__
#define __IP_NULL_DPO_H__
#include <vnet/dpo/dpo.h>
/**
* @brief Actions to take when a packet encounters the NULL DPO
*/
typedef enum ip_null_dpo_action_t_
{
IP_NULL_ACTION_NONE,
IP_NULL_ACTION_SEND_ICMP_UNREACH,
IP_NULL_ACTION_SEND_ICMP_PROHIBIT,
} ip_null_dpo_action_t;
#define IP_NULL_ACTIONS { \
[IP_NULL_ACTION_NONE] = "discard", \
[IP_NULL_ACTION_SEND_ICMP_UNREACH] = "send-unreachable", \
[IP_NULL_ACTION_SEND_ICMP_PROHIBIT] = "send-prohibited", \
}
#define IP_NULL_DPO_ACTION_NUM (IP_NULL_ACTION_SEND_ICMP_PROHIBIT+1)
extern void ip_null_dpo_add_and_lock (dpo_proto_t proto,
ip_null_dpo_action_t action,
dpo_id_t *dpo);
extern void ip_null_dpo_module_init(void);
extern ip_null_dpo_action_t ip_null_dpo_get_action(index_t indi);
#endif
|