projects / mirror_frr.git / blame
| Commit | Line | Data |
|---|---|---|
| acddc0ed | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
| bbe6ffd6 PG |
2 | /* |
| 3 | * BGP pbr | |
| 4 | * Copyright (C) 6WIND | |
| bbe6ffd6 PG |
5 | */ |
| 6 | #ifndef __BGP_PBR_H__ | |
| 7 | #define __BGP_PBR_H__ | |
| 8 | ||
| 9 | #include "nexthop.h" | |
| 10 | #include "zclient.h" | |
| 11 | ||
| b46b6f1a PG |
12 | /* flowspec case: 0 to 3 actions maximum: |
| 13 | * 1 redirect | |
| 14 | * 1 set dscp | |
| 15 | * 1 set traffic rate | |
| 16 | */ | |
| 17 | #define ACTIONS_MAX_NUM 4 | |
| 18 | enum bgp_pbr_action_enum { | |
| 19 | ACTION_TRAFFICRATE = 1, | |
| 20 | ACTION_TRAFFIC_ACTION = 2, | |
| 21 | ACTION_REDIRECT = 3, | |
| 22 | ACTION_MARKING = 4, | |
| 23 | ACTION_REDIRECT_IP = 5 | |
| 24 | }; | |
| 25 | ||
| 26 | #define TRAFFIC_ACTION_SAMPLE (1 << 0) | |
| 27 | #define TRAFFIC_ACTION_TERMINATE (1 << 1) | |
| 28 | #define TRAFFIC_ACTION_DISTRIBUTE (1 << 2) | |
| 29 | ||
| 30 | #define OPERATOR_COMPARE_LESS_THAN (1<<1) | |
| 31 | #define OPERATOR_COMPARE_GREATER_THAN (1<<2) | |
| 32 | #define OPERATOR_COMPARE_EQUAL_TO (1<<3) | |
| 33 | #define OPERATOR_COMPARE_EXACT_MATCH (1<<4) | |
| 34 | ||
| 35 | #define OPERATOR_UNARY_OR (1<<1) | |
| 36 | #define OPERATOR_UNARY_AND (1<<2) | |
| 37 | ||
| 38 | /* struct used to store values [0;65535] | |
| 39 | * this can be used for port number of protocol | |
| 40 | */ | |
| 41 | #define BGP_PBR_MATCH_VAL_MAX 5 | |
| 42 | ||
| 43 | struct bgp_pbr_match_val { | |
| 44 | uint16_t value; | |
| 45 | uint8_t compare_operator; | |
| 46 | uint8_t unary_operator; | |
| 3f54c705 | 47 | }; |
| b46b6f1a PG |
48 | |
| 49 | #define FRAGMENT_DONT 1 | |
| 50 | #define FRAGMENT_IS 2 | |
| 51 | #define FRAGMENT_FIRST 4 | |
| 52 | #define FRAGMENT_LAST 8 | |
| 53 | ||
| b46b6f1a PG |
54 | struct bgp_pbr_entry_action { |
| 55 | /* used to store enum bgp_pbr_action_enum enumerate */ | |
| 56 | uint8_t action; | |
| 57 | union { | |
| 58 | union { | |
| 59 | uint8_t rate_info[4]; /* IEEE.754.1985 */ | |
| 60 | float rate; | |
| 61 | } r __attribute__((aligned(8))); | |
| 62 | struct _pbr_action { | |
| 63 | uint8_t do_sample; | |
| 64 | uint8_t filter; | |
| 65 | } za; | |
| 66 | vrf_id_t redirect_vrf; | |
| 67 | struct _pbr_redirect_ip { | |
| 68 | struct in_addr redirect_ip_v4; | |
| 1840384b | 69 | struct in6_addr redirect_ip_v6; |
| b46b6f1a PG |
70 | uint8_t duplicate; |
| 71 | } zr; | |
| 72 | uint8_t marking_dscp; | |
| 73 | } u __attribute__((aligned(8))); | |
| 74 | }; | |
| 75 | ||
| 76 | /* BGP Policy Route structure */ | |
| 77 | struct bgp_pbr_entry_main { | |
| 5fa779c9 PG |
78 | #define BGP_PBR_UNDEFINED 0 |
| 79 | #define BGP_PBR_IPSET 1 | |
| 80 | #define BGP_PBR_IPRULE 2 | |
| b46b6f1a | 81 | uint8_t type; |
| b46b6f1a PG |
82 | |
| 83 | /* | |
| 84 | * This is an enum but we are going to treat it as a uint8_t | |
| 85 | * for purpose of encoding/decoding | |
| 86 | */ | |
| 87 | afi_t afi; | |
| 88 | safi_t safi; | |
| 89 | ||
| 90 | #define PREFIX_SRC_PRESENT (1 << 0) | |
| 91 | #define PREFIX_DST_PRESENT (1 << 1) | |
| 5fa779c9 | 92 | uint8_t match_bitmask_iprule; |
| b46b6f1a PG |
93 | uint8_t match_bitmask; |
| 94 | ||
| 95 | uint8_t match_src_port_num; | |
| 96 | uint8_t match_dst_port_num; | |
| 97 | uint8_t match_port_num; | |
| 98 | uint8_t match_protocol_num; | |
| 99 | uint8_t match_icmp_type_num; | |
| 100 | uint8_t match_icmp_code_num; | |
| 101 | uint8_t match_packet_length_num; | |
| 102 | uint8_t match_dscp_num; | |
| 103 | uint8_t match_tcpflags_num; | |
| 588ec356 | 104 | uint8_t match_fragment_num; |
| 40881800 | 105 | uint8_t match_flowlabel_num; |
| b46b6f1a PG |
106 | |
| 107 | struct prefix src_prefix; | |
| 108 | struct prefix dst_prefix; | |
| 9cec4121 PG |
109 | uint8_t src_prefix_offset; |
| 110 | uint8_t dst_prefix_offset; | |
| b46b6f1a | 111 | |
| 1de7dfff PG |
112 | #define PROTOCOL_UDP 17 |
| 113 | #define PROTOCOL_TCP 6 | |
| 932404b7 | 114 | #define PROTOCOL_ICMP 1 |
| f2ead0a5 | 115 | #define PROTOCOL_ICMPV6 58 |
| b46b6f1a PG |
116 | struct bgp_pbr_match_val protocol[BGP_PBR_MATCH_VAL_MAX]; |
| 117 | struct bgp_pbr_match_val src_port[BGP_PBR_MATCH_VAL_MAX]; | |
| 118 | struct bgp_pbr_match_val dst_port[BGP_PBR_MATCH_VAL_MAX]; | |
| 119 | struct bgp_pbr_match_val port[BGP_PBR_MATCH_VAL_MAX]; | |
| 120 | struct bgp_pbr_match_val icmp_type[BGP_PBR_MATCH_VAL_MAX]; | |
| 121 | struct bgp_pbr_match_val icmp_code[BGP_PBR_MATCH_VAL_MAX]; | |
| 122 | struct bgp_pbr_match_val packet_length[BGP_PBR_MATCH_VAL_MAX]; | |
| 123 | struct bgp_pbr_match_val dscp[BGP_PBR_MATCH_VAL_MAX]; | |
| 40881800 | 124 | struct bgp_pbr_match_val flow_label[BGP_PBR_MATCH_VAL_MAX]; |
| 2da7d62e | 125 | |
| b46b6f1a | 126 | struct bgp_pbr_match_val tcpflags[BGP_PBR_MATCH_VAL_MAX]; |
| 588ec356 | 127 | struct bgp_pbr_match_val fragment[BGP_PBR_MATCH_VAL_MAX]; |
| b46b6f1a PG |
128 | |
| 129 | uint16_t action_num; | |
| 130 | struct bgp_pbr_entry_action actions[ACTIONS_MAX_NUM]; | |
| 131 | ||
| b46b6f1a PG |
132 | vrf_id_t vrf_id; |
| 133 | }; | |
| 134 | ||
| 4762c213 PG |
135 | struct bgp_pbr_interface { |
| 136 | RB_ENTRY(bgp_pbr_interface) id_entry; | |
| 137 | char name[INTERFACE_NAMSIZ]; | |
| 138 | }; | |
| 139 | ||
| 140 | RB_HEAD(bgp_pbr_interface_head, bgp_pbr_interface); | |
| 141 | RB_PROTOTYPE(bgp_pbr_interface_head, bgp_pbr_interface, id_entry, | |
| 142 | bgp_pbr_interface_compare); | |
| 143 | ||
| 144 | extern int bgp_pbr_interface_compare(const struct bgp_pbr_interface *a, | |
| 145 | const struct bgp_pbr_interface *b); | |
| 146 | ||
| 147 | struct bgp_pbr_config { | |
| 148 | struct bgp_pbr_interface_head ifaces_by_name_ipv4; | |
| 149 | bool pbr_interface_any_ipv4; | |
| 8f242187 PG |
150 | struct bgp_pbr_interface_head ifaces_by_name_ipv6; |
| 151 | bool pbr_interface_any_ipv6; | |
| 4762c213 PG |
152 | }; |
| 153 | ||
| 154 | extern struct bgp_pbr_config *bgp_pbr_cfg; | |
| 155 | ||
| 27e376d4 PG |
156 | struct bgp_pbr_rule { |
| 157 | uint32_t flags; | |
| 158 | struct prefix src; | |
| 159 | struct prefix dst; | |
| 160 | struct bgp_pbr_action *action; | |
| 161 | vrf_id_t vrf_id; | |
| 162 | uint32_t unique; | |
| 8112a7a0 | 163 | uint32_t priority; |
| 27e376d4 PG |
164 | bool installed; |
| 165 | bool install_in_progress; | |
| ce3c0614 | 166 | void *path; |
| 27e376d4 PG |
167 | }; |
| 168 | ||
| bbe6ffd6 PG |
169 | struct bgp_pbr_match { |
| 170 | char ipset_name[ZEBRA_IPSET_NAME_SIZE]; | |
| 171 | ||
| 172 | /* mapped on enum ipset_type | |
| 173 | */ | |
| 174 | uint32_t type; | |
| 175 | ||
| f3d32faa | 176 | uint32_t flags; |
| a60b7031 | 177 | uint8_t family; |
| f3d32faa | 178 | |
| 83360720 PG |
179 | uint16_t pkt_len_min; |
| 180 | uint16_t pkt_len_max; | |
| 2da7d62e PG |
181 | uint16_t tcp_flags; |
| 182 | uint16_t tcp_mask_flags; | |
| 4977bd6c | 183 | uint8_t dscp_value; |
| 6f5617d8 | 184 | uint8_t fragment; |
| f449d223 | 185 | uint8_t protocol; |
| 40881800 | 186 | uint16_t flow_label; |
| 83360720 | 187 | |
| f3d32faa PG |
188 | vrf_id_t vrf_id; |
| 189 | ||
| 190 | /* unique identifier for ipset create transaction | |
| 191 | */ | |
| bbe6ffd6 PG |
192 | uint32_t unique; |
| 193 | ||
| f3d32faa PG |
194 | /* unique identifier for iptable add transaction |
| 195 | */ | |
| 196 | uint32_t unique2; | |
| 197 | ||
| bbe6ffd6 | 198 | bool installed; |
| 30d50e6d | 199 | bool install_in_progress; |
| f3d32faa PG |
200 | |
| 201 | bool installed_in_iptable; | |
| 202 | bool install_iptable_in_progress; | |
| 203 | ||
| 204 | struct hash *entry_hash; | |
| 205 | ||
| 206 | struct bgp_pbr_action *action; | |
| 207 | ||
| bbe6ffd6 PG |
208 | }; |
| 209 | ||
| 210 | struct bgp_pbr_match_entry { | |
| 211 | struct bgp_pbr_match *backpointer; | |
| 212 | ||
| 213 | uint32_t unique; | |
| 214 | ||
| 215 | struct prefix src; | |
| 216 | struct prefix dst; | |
| 217 | ||
| f730e566 PG |
218 | uint16_t src_port_min; |
| 219 | uint16_t src_port_max; | |
| 220 | uint16_t dst_port_min; | |
| 221 | uint16_t dst_port_max; | |
| 222 | uint8_t proto; | |
| 223 | ||
| 9b6d8fcf | 224 | void *path; |
| b588b642 | 225 | |
| bbe6ffd6 PG |
226 | bool installed; |
| 227 | bool install_in_progress; | |
| 228 | }; | |
| 229 | ||
| 230 | struct bgp_pbr_action { | |
| 231 | ||
| 232 | /* | |
| 233 | * The Unique identifier of this specific pbrms | |
| 234 | */ | |
| 235 | uint32_t unique; | |
| 236 | ||
| 237 | uint32_t fwmark; | |
| 238 | ||
| 239 | uint32_t table_id; | |
| 240 | ||
| f3d32faa PG |
241 | float rate; |
| 242 | ||
| bbe6ffd6 PG |
243 | /* |
| 244 | * nexthop information, or drop information | |
| 245 | * contains src vrf_id and nh contains dest vrf_id | |
| 246 | */ | |
| 247 | vrf_id_t vrf_id; | |
| 248 | struct nexthop nh; | |
| 249 | ||
| 250 | bool installed; | |
| 251 | bool install_in_progress; | |
| a6b07429 PG |
252 | uint32_t refcnt; |
| 253 | struct bgp *bgp; | |
| f01e580f | 254 | afi_t afi; |
| bbe6ffd6 PG |
255 | }; |
| 256 | ||
| ffee150e PG |
257 | extern struct bgp_pbr_rule *bgp_pbr_rule_lookup(vrf_id_t vrf_id, |
| 258 | uint32_t unique); | |
| 259 | ||
| 70eabd12 PG |
260 | extern struct bgp_pbr_action *bgp_pbr_action_rule_lookup(vrf_id_t vrf_id, |
| 261 | uint32_t unique); | |
| bbe6ffd6 PG |
262 | |
| 263 | extern struct bgp_pbr_match *bgp_pbr_match_ipset_lookup(vrf_id_t vrf_id, | |
| 264 | uint32_t unique); | |
| 265 | ||
| 266 | extern struct bgp_pbr_match_entry *bgp_pbr_match_ipset_entry_lookup( | |
| 267 | vrf_id_t vrf_id, char *name, | |
| 268 | uint32_t unique); | |
| 1815c6fc PG |
269 | extern struct bgp_pbr_match *bgp_pbr_match_iptable_lookup(vrf_id_t vrf_id, |
| 270 | uint32_t unique); | |
| f3d32faa | 271 | |
| a6b07429 | 272 | extern void bgp_pbr_cleanup(struct bgp *bgp); |
| f3d32faa PG |
273 | extern void bgp_pbr_init(struct bgp *bgp); |
| 274 | ||
| d8b87afe | 275 | extern uint32_t bgp_pbr_rule_hash_key(const void *arg); |
| 27e376d4 PG |
276 | extern bool bgp_pbr_rule_hash_equal(const void *arg1, |
| 277 | const void *arg2); | |
| d8b87afe | 278 | extern uint32_t bgp_pbr_action_hash_key(const void *arg); |
| 74df8d6d | 279 | extern bool bgp_pbr_action_hash_equal(const void *arg1, |
| f3d32faa | 280 | const void *arg2); |
| d8b87afe | 281 | extern uint32_t bgp_pbr_match_entry_hash_key(const void *arg); |
| 74df8d6d | 282 | extern bool bgp_pbr_match_entry_hash_equal(const void *arg1, |
| f3d32faa | 283 | const void *arg2); |
| d8b87afe | 284 | extern uint32_t bgp_pbr_match_hash_key(const void *arg); |
| 74df8d6d | 285 | extern bool bgp_pbr_match_hash_equal(const void *arg1, |
| f3d32faa PG |
286 | const void *arg2); |
| 287 | ||
| b46b6f1a PG |
288 | void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api); |
| 289 | ||
| 4b7e6066 | 290 | struct bgp_path_info; |
| 5a1ae2c2 | 291 | extern void bgp_pbr_update_entry(struct bgp *bgp, const struct prefix *p, |
| 4b7e6066 DS |
292 | struct bgp_path_info *new_select, afi_t afi, |
| 293 | safi_t safi, bool nlri_update); | |
| 45918cfb | 294 | |
| 4762c213 PG |
295 | /* bgp pbr utilities */ |
| 296 | extern struct bgp_pbr_interface *pbr_interface_lookup(const char *name); | |
| 297 | extern void bgp_pbr_reset(struct bgp *bgp, afi_t afi); | |
| 298 | extern struct bgp_pbr_interface *bgp_pbr_interface_lookup(const char *name, | |
| 299 | struct bgp_pbr_interface_head *head); | |
| 300 | ||
| 5a1ae2c2 | 301 | extern int bgp_pbr_build_and_validate_entry(const struct prefix *p, |
| 0378bcaa PG |
302 | struct bgp_path_info *path, |
| 303 | struct bgp_pbr_entry_main *api); | |
| bbe6ffd6 | 304 | #endif /* __BGP_PBR_H__ */ |