2 * Copyright (c) 2018 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <plugins/gbp/gbp_recirc.h>
17 #include <plugins/gbp/gbp_endpoint_group.h>
18 #include <plugins/gbp/gbp_endpoint.h>
19 #include <plugins/gbp/gbp_itf.h>
21 #include <vnet/dpo/dvr_dpo.h>
22 #include <vnet/fib/fib_table.h>
24 #include <vlib/unix/plugin.h>
29 gbp_recirc_t *gbp_recirc_pool;
32 * Recirc configs keyed by sw_if_index
34 index_t *gbp_recirc_db;
39 vlib_log_class_t gr_logger;
42 * L2 Emulation enable/disable symbols
44 static void (*l2e_enable) (u32 sw_if_index);
45 static void (*l2e_disable) (u32 sw_if_index);
47 #define GBP_RECIRC_DBG(...) \
48 vlib_log_debug (gr_logger, __VA_ARGS__);
51 format_gbp_recirc (u8 * s, va_list * args)
53 gbp_recirc_t *gr = va_arg (*args, gbp_recirc_t *);
54 vnet_main_t *vnm = vnet_get_main ();
56 return format (s, " %U, sclass:%d, ext:%d",
57 format_vnet_sw_if_index_name, vnm,
58 gr->gr_sw_if_index, gr->gr_sclass, gr->gr_is_ext);
62 gbp_recirc_add (u32 sw_if_index, sclass_t sclass, u8 is_ext)
67 vec_validate_init_empty (gbp_recirc_db, sw_if_index, INDEX_INVALID);
69 gri = gbp_recirc_db[sw_if_index];
71 if (INDEX_INVALID == gri)
73 gbp_endpoint_group_t *gg;
74 fib_protocol_t fproto;
77 ggi = gbp_endpoint_group_find (sclass);
79 if (INDEX_INVALID == ggi)
80 return (VNET_API_ERROR_NO_SUCH_ENTRY);
82 gbp_endpoint_group_lock (ggi);
83 pool_get_zero (gbp_recirc_pool, gr);
84 gri = gr - gbp_recirc_pool;
86 gr->gr_sclass = sclass;
87 gr->gr_is_ext = is_ext;
88 gr->gr_sw_if_index = sw_if_index;
91 * IP enable the recirc interface
93 ip4_sw_interface_enable_disable (gr->gr_sw_if_index, 1);
94 ip6_sw_interface_enable_disable (gr->gr_sw_if_index, 1);
97 * cache the FIB indicies of the EPG
101 gg = gbp_endpoint_group_get (gr->gr_epgi);
102 FOR_EACH_FIB_IP_PROTOCOL (fproto)
104 gr->gr_fib_index[fib_proto_to_dpo (fproto)] =
105 gbp_endpoint_group_get_fib_index (gg, fproto);
109 * bind to the bridge-domain of the EPG
111 gr->gr_itf = gbp_itf_add_and_lock (gr->gr_sw_if_index, gg->gg_bd_index);
114 * set the interface into L2 emulation mode
116 l2e_enable (gr->gr_sw_if_index);
119 * Packets on the recirculation interface are subject to src-EPG
120 * classification. Recirc interfaces are L2-emulation mode.
121 * for internal EPGs this is via an LPM on all external subnets.
122 * for external EPGs this is via a port mapping.
128 * recirc is for post-NAT translation packets going into
129 * the external EPG, these are classified to the NAT EPG
132 mac_address_from_bytes (&mac,
133 vnet_sw_interface_get_hw_address
134 (vnet_get_main (), gr->gr_sw_if_index));
135 gbp_endpoint_update_and_lock (GBP_ENDPOINT_SRC_CP,
137 NULL, &mac, INDEX_INVALID,
138 INDEX_INVALID, gr->gr_sclass,
139 GBP_ENDPOINT_FLAG_NONE,
140 NULL, NULL, &gr->gr_ep);
141 vnet_feature_enable_disable ("ip4-unicast",
142 "ip4-gbp-src-classify",
143 gr->gr_sw_if_index, 1, 0, 0);
144 vnet_feature_enable_disable ("ip6-unicast",
145 "ip6-gbp-src-classify",
146 gr->gr_sw_if_index, 1, 0, 0);
151 * recirc is for pre-NAT translation packets coming from
152 * the external EPG, these are classified based on a LPM
153 * in the EPG's route-domain
155 vnet_feature_enable_disable ("ip4-unicast",
156 "ip4-gbp-lpm-classify",
157 gr->gr_sw_if_index, 1, 0, 0);
158 vnet_feature_enable_disable ("ip6-unicast",
159 "ip6-gbp-lpm-classify",
160 gr->gr_sw_if_index, 1, 0, 0);
163 gbp_recirc_db[sw_if_index] = gri;
167 gr = gbp_recirc_get (gri);
170 GBP_RECIRC_DBG ("add: %U", format_gbp_recirc, gr);
175 gbp_recirc_delete (u32 sw_if_index)
180 if (vec_len (gbp_recirc_db) <= sw_if_index)
181 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
182 gri = gbp_recirc_db[sw_if_index];
184 if (INDEX_INVALID != gri)
186 gr = pool_elt_at_index (gbp_recirc_pool, gri);
188 GBP_RECIRC_DBG ("del: %U", format_gbp_recirc, gr);
192 gbp_endpoint_unlock (GBP_ENDPOINT_SRC_CP, gr->gr_ep);
193 vnet_feature_enable_disable ("ip4-unicast",
194 "ip4-gbp-src-classify",
195 gr->gr_sw_if_index, 0, 0, 0);
196 vnet_feature_enable_disable ("ip6-unicast",
197 "ip6-gbp-src-classify",
198 gr->gr_sw_if_index, 0, 0, 0);
202 vnet_feature_enable_disable ("ip4-unicast",
203 "ip4-gbp-lpm-classify",
204 gr->gr_sw_if_index, 0, 0, 0);
205 vnet_feature_enable_disable ("ip6-unicast",
206 "ip6-gbp-lpm-classify",
207 gr->gr_sw_if_index, 0, 0, 0);
210 ip4_sw_interface_enable_disable (gr->gr_sw_if_index, 0);
211 ip6_sw_interface_enable_disable (gr->gr_sw_if_index, 0);
212 l2e_disable (gr->gr_sw_if_index);
214 gbp_itf_unlock (gr->gr_itf);
216 gbp_endpoint_group_unlock (gr->gr_epgi);
217 gbp_recirc_db[sw_if_index] = INDEX_INVALID;
218 pool_put (gbp_recirc_pool, gr);
221 return VNET_API_ERROR_NO_SUCH_ENTRY;
225 gbp_recirc_walk (gbp_recirc_cb_t cb, void *ctx)
230 pool_foreach(ge, gbp_recirc_pool,
239 gbp_recirc_show_one (gbp_recirc_t * gr, void *ctx)
241 vlib_cli_output (ctx, " %U", format_gbp_recirc, gr);
243 return (WALK_CONTINUE);
246 static clib_error_t *
247 gbp_recirc_show (vlib_main_t * vm,
248 unformat_input_t * input, vlib_cli_command_t * cmd)
250 vlib_cli_output (vm, "Recirculation-Interfaces:");
251 gbp_recirc_walk (gbp_recirc_show_one, vm);
257 * Show Group Based Policy Recircs and derived information
260 * @cliexstart{show gbp recirc}
264 VLIB_CLI_COMMAND (gbp_recirc_show_node, static) = {
265 .path = "show gbp recirc",
266 .short_help = "show gbp recirc\n",
267 .function = gbp_recirc_show,
271 static clib_error_t *
272 gbp_recirc_init (vlib_main_t * vm)
274 gr_logger = vlib_log_register_class ("gbp", "recirc");
277 vlib_get_plugin_symbol ("l2e_plugin.so", "l2_emulation_enable");
279 vlib_get_plugin_symbol ("l2e_plugin.so", "l2_emulation_disable");
284 VLIB_INIT_FUNCTION (gbp_recirc_init);
287 * fd.io coding-style-patch-verification: ON
290 * eval: (c-set-style "gnu")