FD.io VPP  v19.04-6-g6f05f72
Vector Packet Processing
gbp_endpoint_group.c
Go to the documentation of this file.
1 /*
2  * gbp.h : Group Based Policy
3  *
4  * Copyright (c) 2018 Cisco and/or its affiliates.
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at:
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17 
22 
23 #include <vnet/dpo/dvr_dpo.h>
24 #include <vnet/fib/fib_table.h>
25 #include <vnet/l2/l2_input.h>
26 
27 /**
28  * Pool of GBP endpoint_groups
29  */
31 
32 /**
33  * DB of endpoint_groups
34  */
36 
37 /**
38  * Map sclass to EPG
39  */
41 
43 
44 #define GBP_EPG_DBG(...) \
45  vlib_log_debug (gg_logger, __VA_ARGS__);
46 
49 {
50  return (pool_elt_at_index (gbp_endpoint_group_pool, i));
51 }
52 
53 void
55 {
57 
58  gg = gbp_endpoint_group_get (i);
59  gg->gg_locks++;
60 }
61 
62 index_t
64 {
65  uword *p;
66 
67  p = hash_get (gbp_endpoint_group_db.gg_hash_sclass, sclass);
68 
69  if (NULL != p)
70  return p[0];
71 
72  return (INDEX_INVALID);
73 }
74 
75 int
77  u16 sclass,
78  u32 bd_id,
79  u32 rd_id,
80  u32 uplink_sw_if_index,
81  const gbp_endpoint_retention_t * retention)
82 {
84  index_t ggi;
85 
86  ggi = gbp_endpoint_group_find (sclass);
87 
88  if (INDEX_INVALID == ggi)
89  {
91  fib_protocol_t fproto;
92  index_t gbi, grdi;
93 
94  gbi = gbp_bridge_domain_find_and_lock (bd_id);
95 
96  if (~0 == gbi)
97  return (VNET_API_ERROR_BD_NOT_MODIFIABLE);
98 
99  grdi = gbp_route_domain_find_and_lock (rd_id);
100 
101  if (~0 == grdi)
102  {
104  return (VNET_API_ERROR_NO_SUCH_FIB);
105  }
106 
107  gb = gbp_bridge_domain_get (gbi);
108 
109  pool_get_zero (gbp_endpoint_group_pool, gg);
110 
111  gg->gg_vnid = vnid;
112  gg->gg_rd = grdi;
113  gg->gg_gbd = gbi;
114  gg->gg_bd_index = gb->gb_bd_index;
115 
116  gg->gg_uplink_sw_if_index = uplink_sw_if_index;
117  gg->gg_locks = 1;
118  gg->gg_sclass = sclass;
119  gg->gg_retention = *retention;
120 
121  if (SCLASS_INVALID != gg->gg_sclass)
123 
124  /*
125  * an egress DVR dpo for internal subnets to use when sending
126  * on the uplink interface
127  */
128  if (~0 != gg->gg_uplink_sw_if_index)
129  {
130  FOR_EACH_FIB_IP_PROTOCOL (fproto)
131  {
132  dvr_dpo_add_or_lock (uplink_sw_if_index,
133  fib_proto_to_dpo (fproto),
134  &gg->gg_dpo[fproto]);
135  }
136 
137  /*
138  * Add the uplink to the BD
139  * packets direct from the uplink have had policy applied
140  */
145  L2INPUT_FEAT_GBP_NULL_CLASSIFY, 1);
146  }
147 
148  hash_set (gbp_endpoint_group_db.gg_hash_sclass,
149  gg->gg_sclass, gg - gbp_endpoint_group_pool);
150  }
151  else
152  {
153  gg = gbp_endpoint_group_get (ggi);
154  gg->gg_locks++;
155  }
156 
157  GBP_EPG_DBG ("add: %U", format_gbp_endpoint_group, gg);
158 
159  return (0);
160 }
161 
162 void
164 {
166 
167  if (INDEX_INVALID == ggi)
168  return;
169 
170  gg = gbp_endpoint_group_get (ggi);
171 
172  gg->gg_locks--;
173 
174  if (0 == gg->gg_locks)
175  {
176  fib_protocol_t fproto;
177 
178  gg = pool_elt_at_index (gbp_endpoint_group_pool, ggi);
179 
180  if (~0 != gg->gg_uplink_sw_if_index)
181  {
185 
187  L2INPUT_FEAT_GBP_NULL_CLASSIFY, 0);
188  }
189  FOR_EACH_FIB_IP_PROTOCOL (fproto)
190  {
191  dpo_reset (&gg->gg_dpo[fproto]);
192  }
195 
196  if (SCLASS_INVALID != gg->gg_sclass)
198  hash_unset (gbp_endpoint_group_db.gg_hash_sclass, gg->gg_sclass);
199 
200  pool_put (gbp_endpoint_group_pool, gg);
201  }
202 }
203 
204 int
206 {
207  index_t ggi;
208 
209  ggi = gbp_endpoint_group_find (sclass);
210 
211  if (INDEX_INVALID != ggi)
212  {
214  gbp_endpoint_group_get (ggi));
216 
217  return (0);
218  }
219 
220  return (VNET_API_ERROR_NO_SUCH_ENTRY);
221 }
222 
223 u32
225 {
226  const gbp_bridge_domain_t *gb;
227 
228  gb = gbp_bridge_domain_get (gg->gg_gbd);
229 
230  return (gb->gb_bd_id);
231 }
232 
233 index_t
235  fib_protocol_t fproto)
236 {
237  const gbp_route_domain_t *grd;
238 
239  grd = gbp_route_domain_get (gg->gg_rd);
240 
241  return (grd->grd_fib_index[fproto]);
242 }
243 
244 void
246 {
247  gbp_endpoint_group_t *gbpe;
248 
249  /* *INDENT-OFF* */
250  pool_foreach(gbpe, gbp_endpoint_group_pool,
251  {
252  if (!cb(gbpe, ctx))
253  break;
254  });
255  /* *INDENT-ON* */
256 }
257 
258 static clib_error_t *
260  unformat_input_t * input, vlib_cli_command_t * cmd)
261 {
262  gbp_endpoint_retention_t retention = { 0 };
263  vnid_t vnid = VNID_INVALID, sclass;
264  vnet_main_t *vnm = vnet_get_main ();
265  u32 uplink_sw_if_index = ~0;
266  u32 bd_id = ~0;
267  u32 rd_id = ~0;
268  u8 add = 1;
269 
271  {
272  if (unformat (input, "%U", unformat_vnet_sw_interface,
273  vnm, &uplink_sw_if_index))
274  ;
275  else if (unformat (input, "add"))
276  add = 1;
277  else if (unformat (input, "del"))
278  add = 0;
279  else if (unformat (input, "epg %d", &vnid))
280  ;
281  else if (unformat (input, "sclass %d", &sclass))
282  ;
283  else if (unformat (input, "bd %d", &bd_id))
284  ;
285  else if (unformat (input, "rd %d", &rd_id))
286  ;
287  else
288  break;
289  }
290 
291  if (VNID_INVALID == vnid)
292  return clib_error_return (0, "EPG-ID must be specified");
293 
294  if (add)
295  {
296  if (~0 == uplink_sw_if_index)
297  return clib_error_return (0, "interface must be specified");
298  if (~0 == bd_id)
299  return clib_error_return (0, "Bridge-domain must be specified");
300  if (~0 == rd_id)
301  return clib_error_return (0, "route-domain must be specified");
302 
303  gbp_endpoint_group_add_and_lock (vnid, sclass, bd_id, rd_id,
304  uplink_sw_if_index, &retention);
305  }
306  else
308 
309  return (NULL);
310 }
311 
312 /*?
313  * Configure a GBP Endpoint Group
314  *
315  * @cliexpar
316  * @cliexstart{set gbp endpoint-group [del] epg <ID> bd <ID> <interface>}
317  * @cliexend
318  ?*/
319 /* *INDENT-OFF* */
320 VLIB_CLI_COMMAND (gbp_endpoint_group_cli_node, static) = {
321  .path = "gbp endpoint-group",
322  .short_help = "gbp endpoint-group [del] epg <ID> bd <ID> rd <ID> <interface>",
323  .function = gbp_endpoint_group_cli,
324 };
325 
326 static u8 *
327 format_gbp_endpoint_retention (u8 * s, va_list * args)
328 {
329  gbp_endpoint_retention_t *rt = va_arg (*args, gbp_endpoint_retention_t*);
330 
331  s = format (s, "[remote-EP-timeout:%d]", rt->remote_ep_timeout);
332 
333  return (s);
334 }
335 
336 u8 *
337 format_gbp_endpoint_group (u8 * s, va_list * args)
338 {
339  gbp_endpoint_group_t *gg = va_arg (*args, gbp_endpoint_group_t*);
340  vnet_main_t *vnm = vnet_get_main ();
341 
342  if (NULL != gg)
343  s = format (s, "[%d] %d, sclass:%d bd:[%d,%d] rd:[%d] uplink:%U retnetion:%U locks:%d",
344  gg - gbp_endpoint_group_pool,
345  gg->gg_vnid,
346  gg->gg_sclass,
348  gg->gg_rd,
351  gg->gg_locks);
352  else
353  s = format (s, "NULL");
354 
355  return (s);
356 }
357 
358 static int
360 {
361  vlib_main_t *vm;
362 
363  vm = ctx;
365 
366  return (1);
367 }
368 
369 static clib_error_t *
371  unformat_input_t * input, vlib_cli_command_t * cmd)
372 {
373  vlib_cli_output (vm, "Endpoint-Groups:");
375 
376  return (NULL);
377 }
378 
379 
380 /*?
381  * Show Group Based Policy Endpoint_Groups and derived information
382  *
383  * @cliexpar
384  * @cliexstart{show gbp endpoint_group}
385  * @cliexend
386  ?*/
387 /* *INDENT-OFF* */
388 VLIB_CLI_COMMAND (gbp_endpoint_group_show_node, static) = {
389  .path = "show gbp endpoint-group",
390  .short_help = "show gbp endpoint-group\n",
391  .function = gbp_endpoint_group_show,
392 };
393 /* *INDENT-ON* */
394 
395 static clib_error_t *
397 {
398  gg_logger = vlib_log_register_class ("gbp", "epg");
399 
400  return (NULL);
401 }
402 
404 
405 /*
406  * fd.io coding-style-patch-verification: ON
407  *
408  * Local Variables:
409  * eval: (c-set-style "gnu")
410  * End:
411  */
vlib_log_class_t vlib_log_register_class(char *class, char *subclass)
Definition: log.c:227
EPG DB, key&#39;d on EGP-ID.
void gbp_route_domain_unlock(index_t index)
#define hash_set(h, key, value)
Definition: hash.h:255
u16 sclass_t
Definition: gbp_types.h:24
#define hash_unset(h, key)
Definition: hash.h:261
vnet_main_t * vnet_get_main(void)
Definition: misc.c:47
#define pool_get_zero(P, E)
Allocate an object E from a pool P and zero it.
Definition: pool.h:239
#define NULL
Definition: clib.h:58
A bridge Domain Representation.
int gbp_endpoint_group_delete(sclass_t sclass)
u8 * format_gbp_endpoint_group(u8 *s, va_list *args)
u32 index_t
A Data-Path Object is an object that represents actions that are applied to packets are they are swit...
Definition: dpo.h:41
int i
u32 rd_id
Definition: gbp.api:270
u8 * format(u8 *s, const char *fmt,...)
Definition: format.c:424
unformat_function_t unformat_vnet_sw_interface
index_t gg_rd
route-domain/IP-table ID the EPG is in
Endpoint Retnetion Policy.
static gbp_bridge_domain_t * gbp_bridge_domain_get(index_t i)
vlib_log_class_t gg_logger
format_function_t format_vnet_sw_if_index_name
unsigned char u8
Definition: types.h:56
enum fib_protocol_t_ fib_protocol_t
Protocol Type.
u32 vlib_log_class_t
Definition: vlib.h:50
#define pool_foreach(VAR, POOL, BODY)
Iterate through pool.
Definition: pool.h:493
#define VLIB_INIT_FUNCTION(x)
Definition: init.h:163
#define MODE_L2_BRIDGE
Definition: l2_input.h:211
gbp_endpoint_group_t * gbp_endpoint_group_get(index_t i)
#define clib_error_return(e, args...)
Definition: error.h:99
static u8 * format_gbp_endpoint_retention(u8 *s, va_list *args)
unsigned int u32
Definition: types.h:88
int(* gbp_endpoint_group_cb_t)(gbp_endpoint_group_t *gbpe, void *ctx)
#define hash_get(h, key)
Definition: hash.h:249
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:514
long ctx[MAX_CONNS]
Definition: main.c:144
u32 bd_id
Definition: gbp.api:269
struct _unformat_input_t unformat_input_t
unsigned short u16
Definition: types.h:57
int gbp_endpoint_group_add_and_lock(vnid_t vnid, u16 sclass, u32 bd_id, u32 rd_id, u32 uplink_sw_if_index, const gbp_endpoint_retention_t *retention)
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:286
u16 sclass
Definition: gbp.api:118
u32 remote_ep_timeout
Aging timeout for remote endpoints.
#define SCLASS_INVALID
Definition: gbp_types.h:25
u32 gb_bd_id
Bridge-domain ID.
gbp_endpoint_group_db_t gbp_endpoint_group_db
DB of endpoint_groups.
An Endpoint Group representation.
void dvr_dpo_add_or_lock(u32 sw_if_index, dpo_proto_t dproto, dpo_id_t *dpo)
Definition: dvr_dpo.c:90
#define UNFORMAT_END_OF_INPUT
Definition: format.h:144
vlib_main_t * vm
Definition: buffer.c:312
static clib_error_t * gbp_endpoint_group_show(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
u32 grd_fib_index[FIB_PROTOCOL_IP_MAX]
u32 gg_locks
Locks/references to this EPG.
u32 vnid_t
Definition: gbp_types.h:21
void gbp_endpoint_group_lock(index_t i)
index_t gbp_bridge_domain_find_and_lock(u32 bd_id)
#define VLIB_CLI_COMMAND(x,...)
Definition: cli.h:155
uword * gbp_epg_sclass_db
Map sclass to EPG.
gbp_route_domain_t * gbp_route_domain_get(index_t i)
static int gbp_endpoint_group_show_one(gbp_endpoint_group_t *gg, void *ctx)
dpo_id_t gg_dpo[FIB_PROTOCOL_IP_MAX]
The DPO used in the L3 path for forwarding internal subnets.
void gbp_endpoint_group_unlock(index_t ggi)
#define GBP_EPG_DBG(...)
u32 set_int_l2_mode(vlib_main_t *vm, vnet_main_t *vnet_main, u32 mode, u32 sw_if_index, u32 bd_index, l2_bd_port_type_t port_type, u32 shg, u32 xc_sw_if_index)
Set the subinterface to run in l2 or l3 mode.
Definition: l2_input.c:589
u32 l2input_intf_bitmap_enable(u32 sw_if_index, l2input_feat_masks_t feature_bitmap, u32 enable)
Enable (or disable) the feature in the bitmap for the given interface.
Definition: l2_input.c:536
gbp_endpoint_retention_t gg_retention
EP retention policy.
dpo_proto_t fib_proto_to_dpo(fib_protocol_t fib_proto)
Definition: fib_types.c:237
static clib_error_t * gbp_endpoint_group_cli(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
static vlib_main_t * vlib_get_main(void)
Definition: global_funcs.h:23
static clib_error_t * gbp_endpoint_group_init(vlib_main_t *vm)
A route Domain Representation.
u32 gg_uplink_sw_if_index
the uplink interface dedicated to the EPG
#define INDEX_INVALID
Invalid index - used when no index is known blazoned capitals INVALID speak volumes where ~0 does not...
Definition: dpo.h:47
u64 uword
Definition: types.h:112
#define FOR_EACH_FIB_IP_PROTOCOL(_item)
Definition: fib_types.h:70
index_t gbp_endpoint_group_find(sclass_t sclass)
u32 gbp_endpoint_group_get_bd_id(const gbp_endpoint_group_t *gg)
void dpo_reset(dpo_id_t *dpo)
reset a DPO ID The DPO will be unlocked.
Definition: dpo.c:231
gbp_endpoint_group_t * gbp_endpoint_group_pool
Pool of GBP endpoint_groups.
index_t gbp_endpoint_group_get_fib_index(const gbp_endpoint_group_t *gg, fib_protocol_t fproto)
void gbp_bridge_domain_unlock(index_t index)
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
Definition: cli.c:725
#define VNID_INVALID
Definition: gbp_types.h:22
uword unformat(unformat_input_t *i, const char *fmt,...)
Definition: unformat.c:972
index_t gbp_route_domain_find_and_lock(u32 rd_id)
static uword unformat_check_input(unformat_input_t *i)
Definition: format.h:170
#define MODE_L3
Definition: l2_input.h:210
index_t gg_gbd
Bridge-domain ID the EPG is in.
void gbp_endpoint_group_walk(gbp_endpoint_group_cb_t cb, void *ctx)