2 * Copyright (c) 2018 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <plugins/gbp/gbp_recirc.h>
17 #include <plugins/gbp/gbp_endpoint_group.h>
18 #include <plugins/gbp/gbp_endpoint.h>
20 #include <vnet/dpo/dvr_dpo.h>
21 #include <vnet/fib/fib_table.h>
26 gbp_recirc_t *gbp_recirc_pool;
29 * Recirc configs keyed by sw_if_index
31 index_t *gbp_recirc_db;
34 gbp_recirc_add (u32 sw_if_index, epg_id_t epg_id, u8 is_ext)
39 vec_validate_init_empty (gbp_recirc_db, sw_if_index, INDEX_INVALID);
41 gri = gbp_recirc_db[sw_if_index];
43 if (INDEX_INVALID == gri)
45 gbp_endpoint_group_t *gepg;
46 fib_protocol_t fproto;
48 pool_get (gbp_recirc_pool, gr);
49 memset (gr, 0, sizeof (*gr));
50 gri = gr - gbp_recirc_pool;
53 gr->gr_is_ext = is_ext;
54 gr->gr_sw_if_index = sw_if_index;
57 * IP enable the recirc interface
59 ip4_sw_interface_enable_disable (gr->gr_sw_if_index, 1);
60 ip6_sw_interface_enable_disable (gr->gr_sw_if_index, 1);
63 * cache the FIB indicies of the EPG
65 gepg = gbp_endpoint_group_find (gr->gr_epg);
68 return (VNET_API_ERROR_NO_SUCH_ENTRY);
70 FOR_EACH_FIB_IP_PROTOCOL (fproto)
72 gr->gr_fib_index[fproto] = gepg->gepg_fib_index[fproto];
76 * Packets on the recirculation interface are subjet to src-EPG
77 * classification. Recirc interfaces are L2-emulation mode.
78 * for internal EPGs this is via an LPM on all external subnets.
79 * for external EPGs this is via a port mapping.
84 * recirc is for post-NAT translation packets going into
85 * the external EPG, these are classified to the NAT EPG
88 gbp_itf_epg_update (gr->gr_sw_if_index, gr->gr_epg, 0);
89 vnet_feature_enable_disable ("ip4-unicast",
90 "ip4-gbp-src-classify",
91 gr->gr_sw_if_index, 1, 0, 0);
92 vnet_feature_enable_disable ("ip6-unicast",
93 "ip6-gbp-src-classify",
94 gr->gr_sw_if_index, 1, 0, 0);
99 * recirc is for pre-NAT translation packets coming from
100 * the external EPG, these are classified based on a LPM
101 * in the EPG's route-domain
103 vnet_feature_enable_disable ("ip4-unicast",
104 "ip4-gbp-lpm-classify",
105 gr->gr_sw_if_index, 1, 0, 0);
106 vnet_feature_enable_disable ("ip6-unicast",
107 "ip6-gbp-lpm-classify",
108 gr->gr_sw_if_index, 1, 0, 0);
111 gbp_recirc_db[sw_if_index] = gri;
118 gbp_recirc_delete (u32 sw_if_index)
123 gri = gbp_recirc_db[sw_if_index];
125 if (INDEX_INVALID != gri)
127 gr = pool_elt_at_index (gbp_recirc_pool, gri);
131 gbp_itf_epg_delete (gr->gr_sw_if_index);
132 vnet_feature_enable_disable ("ip4-unicast",
133 "ip4-gbp-src-classify",
134 gr->gr_sw_if_index, 0, 0, 0);
135 vnet_feature_enable_disable ("ip6-unicast",
136 "ip6-gbp-src-classify",
137 gr->gr_sw_if_index, 0, 0, 0);
141 vnet_feature_enable_disable ("ip4-unicast",
142 "ip4-gbp-lpm-classify",
143 gr->gr_sw_if_index, 0, 0, 0);
144 vnet_feature_enable_disable ("ip6-unicast",
145 "ip6-gbp-lpm-classify",
146 gr->gr_sw_if_index, 0, 0, 0);
149 ip4_sw_interface_enable_disable (gr->gr_sw_if_index, 0);
150 ip6_sw_interface_enable_disable (gr->gr_sw_if_index, 0);
152 gbp_recirc_db[sw_if_index] = INDEX_INVALID;
153 pool_put (gbp_recirc_pool, gr);
158 gbp_recirc_walk (gbp_recirc_cb_t cb, void *ctx)
163 pool_foreach(gbpe, gbp_recirc_pool,
172 gbp_recirc_show_one (gbp_recirc_t * gr, void *ctx)
174 vnet_main_t *vnm = vnet_get_main ();
178 vlib_cli_output (vm, " %U, epg:%d, ext:%d",
179 format_vnet_sw_if_index_name, vnm,
180 gr->gr_sw_if_index, gr->gr_epg, gr->gr_is_ext);
185 static clib_error_t *
186 gbp_recirc_show (vlib_main_t * vm,
187 unformat_input_t * input, vlib_cli_command_t * cmd)
189 vlib_cli_output (vm, "Recirculation-Interfaces:");
190 gbp_recirc_walk (gbp_recirc_show_one, vm);
197 * Show Group Based Policy Recircs and derived information
200 * @cliexstart{show gbp recirc}
204 VLIB_CLI_COMMAND (gbp_recirc_show_node, static) = {
205 .path = "show gbp recirc",
206 .short_help = "show gbp recirc\n",
207 .function = gbp_recirc_show,
212 * fd.io coding-style-patch-verification: ON
215 * eval: (c-set-style "gnu")