[mirror_frr.git] / bgpd / bgp_pbr.h

/*
 * BGP pbr
 * Copyright (C) 6WIND
 *
 * FRR is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2, or (at your option) any
 * later version.
 *
 * FRR is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; see the file COPYING; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 */
#ifndef __BGP_PBR_H__
#define __BGP_PBR_H__

#include "nexthop.h"
#include "zclient.h"

/* flowspec case: 0 to 3 actions maximum:
 * 1 redirect
 * 1 set dscp
 * 1 set traffic rate
 */
#define ACTIONS_MAX_NUM 4
enum bgp_pbr_action_enum {
	ACTION_TRAFFICRATE = 1,
	ACTION_TRAFFIC_ACTION = 2,
	ACTION_REDIRECT = 3,
	ACTION_MARKING = 4,
	ACTION_REDIRECT_IP = 5
};

#define TRAFFIC_ACTION_SAMPLE     (1 << 0)
#define TRAFFIC_ACTION_TERMINATE  (1 << 1)
#define TRAFFIC_ACTION_DISTRIBUTE (1 << 2)

#define OPERATOR_COMPARE_LESS_THAN    (1<<1)
#define OPERATOR_COMPARE_GREATER_THAN (1<<2)
#define OPERATOR_COMPARE_EQUAL_TO     (1<<3)
#define OPERATOR_COMPARE_EXACT_MATCH  (1<<4)

#define OPERATOR_UNARY_OR    (1<<1)
#define OPERATOR_UNARY_AND   (1<<2)

/* struct used to store values [0;65535]
 * this can be used for port number of protocol
 */
#define BGP_PBR_MATCH_VAL_MAX 5

struct bgp_pbr_match_val {
	uint16_t value;
	uint8_t compare_operator;
	uint8_t unary_operator;
} bgp_pbr_value_t;

#define FRAGMENT_DONT  1
#define FRAGMENT_IS    2
#define FRAGMENT_FIRST 4
#define FRAGMENT_LAST  8

struct bgp_pbr_fragment_val {
	uint8_t bitmask;
};

struct bgp_pbr_entry_action {
	/* used to store enum bgp_pbr_action_enum enumerate */
	uint8_t action;
	union {
		union {
			uint8_t rate_info[4]; /* IEEE.754.1985 */
			float rate;
		} r __attribute__((aligned(8)));
		struct _pbr_action {
			uint8_t do_sample;
			uint8_t filter;
		} za;
		vrf_id_t redirect_vrf;
		struct _pbr_redirect_ip {
			struct in_addr redirect_ip_v4;
			uint8_t duplicate;
		} zr;
		uint8_t marking_dscp;
	} u __attribute__((aligned(8)));
};

/* BGP Policy Route structure */
struct bgp_pbr_entry_main {
	uint8_t type;
	uint16_t instance;

	uint32_t flags;

	uint8_t message;

	/*
	 * This is an enum but we are going to treat it as a uint8_t
	 * for purpose of encoding/decoding
	 */
	afi_t afi;
	safi_t safi;

#define PREFIX_SRC_PRESENT (1 << 0)
#define PREFIX_DST_PRESENT (1 << 1)
#define FRAGMENT_PRESENT   (1 << 2)
	uint8_t match_bitmask;

	uint8_t match_src_port_num;
	uint8_t match_dst_port_num;
	uint8_t match_port_num;
	uint8_t match_protocol_num;
	uint8_t match_icmp_type_num;
	uint8_t match_icmp_code_num;
	uint8_t match_packet_length_num;
	uint8_t match_dscp_num;
	uint8_t match_tcpflags_num;

	struct prefix src_prefix;
	struct prefix dst_prefix;

#define PROTOCOL_UDP 17
#define PROTOCOL_TCP 6
#define PROTOCOL_ICMP 1
	struct bgp_pbr_match_val protocol[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val src_port[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val dst_port[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val port[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val icmp_type[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val icmp_code[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val packet_length[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val dscp[BGP_PBR_MATCH_VAL_MAX];

	struct bgp_pbr_match_val tcpflags[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_fragment_val fragment;

	uint16_t action_num;
	struct bgp_pbr_entry_action actions[ACTIONS_MAX_NUM];

	uint8_t distance;

	uint32_t metric;

	route_tag_t tag;

	uint32_t mtu;

	vrf_id_t vrf_id;
};

struct bgp_pbr_interface {
	RB_ENTRY(bgp_pbr_interface) id_entry;
	char name[INTERFACE_NAMSIZ];
};

RB_HEAD(bgp_pbr_interface_head, bgp_pbr_interface);
RB_PROTOTYPE(bgp_pbr_interface_head, bgp_pbr_interface, id_entry,
	     bgp_pbr_interface_compare);

extern int bgp_pbr_interface_compare(const struct bgp_pbr_interface *a,
				     const struct bgp_pbr_interface *b);

struct bgp_pbr_config {
	struct bgp_pbr_interface_head ifaces_by_name_ipv4;
	bool pbr_interface_any_ipv4;
};

extern struct bgp_pbr_config *bgp_pbr_cfg;

struct bgp_pbr_match {
	char ipset_name[ZEBRA_IPSET_NAME_SIZE];

	/* mapped on enum ipset_type
	 */
	uint32_t type;

	uint32_t flags;

	uint16_t pkt_len_min;
	uint16_t pkt_len_max;
	uint16_t tcp_flags;
	uint16_t tcp_mask_flags;
	uint8_t dscp_value;

	vrf_id_t vrf_id;

	/* unique identifier for ipset create transaction
	 */
	uint32_t unique;

	/* unique identifier for iptable add transaction
	 */
	uint32_t unique2;

	bool installed;
	bool install_in_progress;

	bool installed_in_iptable;
	bool install_iptable_in_progress;

	struct hash *entry_hash;

	struct bgp_pbr_action *action;

};

struct bgp_pbr_match_entry {
	struct bgp_pbr_match *backpointer;

	uint32_t unique;

	struct prefix src;
	struct prefix dst;

	uint16_t src_port_min;
	uint16_t src_port_max;
	uint16_t dst_port_min;
	uint16_t dst_port_max;
	uint8_t proto;

	void *bgp_info;

	bool installed;
	bool install_in_progress;
};

struct bgp_pbr_action {

	/*
	 * The Unique identifier of this specific pbrms
	 */
	uint32_t unique;

	uint32_t fwmark;

	uint32_t table_id;

	float rate;

	/*
	 * nexthop information, or drop information
	 * contains src vrf_id and nh contains dest vrf_id
	 */
	vrf_id_t vrf_id;
	struct nexthop nh;

	bool installed;
	bool install_in_progress;
	uint32_t refcnt;
	struct bgp *bgp;
};

extern struct bgp_pbr_action *bgp_pbr_action_rule_lookup(vrf_id_t vrf_id,
							 uint32_t unique);

extern struct bgp_pbr_match *bgp_pbr_match_ipset_lookup(vrf_id_t vrf_id,
							uint32_t unique);

extern struct bgp_pbr_match_entry *bgp_pbr_match_ipset_entry_lookup(
					    vrf_id_t vrf_id, char *name,
					    uint32_t unique);
extern struct bgp_pbr_match *bgp_pbr_match_iptable_lookup(vrf_id_t vrf_id,
							  uint32_t unique);

extern void bgp_pbr_cleanup(struct bgp *bgp);
extern void bgp_pbr_init(struct bgp *bgp);

extern uint32_t bgp_pbr_action_hash_key(void *arg);
extern int bgp_pbr_action_hash_equal(const void *arg1,
				     const void *arg2);
extern uint32_t bgp_pbr_match_entry_hash_key(void *arg);
extern int bgp_pbr_match_entry_hash_equal(const void *arg1,
					  const void *arg2);
extern uint32_t bgp_pbr_match_hash_key(void *arg);
extern int bgp_pbr_match_hash_equal(const void *arg1,
				    const void *arg2);

void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api);

struct bgp_node;
struct bgp_info;
extern void bgp_pbr_update_entry(struct bgp *bgp, struct prefix *p,
				 struct bgp_info *new_select,
				afi_t afi, safi_t safi,
				bool nlri_update);

/* bgp pbr utilities */
extern struct bgp_pbr_interface *pbr_interface_lookup(const char *name);
extern void bgp_pbr_reset(struct bgp *bgp, afi_t afi);
extern struct bgp_pbr_interface *bgp_pbr_interface_lookup(const char *name,
				   struct bgp_pbr_interface_head *head);

#endif /* __BGP_PBR_H__ */
Commit	Line	Data
bbe6ffd6 PG	1	/*
	2	* BGP pbr
	3	* Copyright (C) 6WIND
	4	*
	5	* FRR is free software; you can redistribute it and/or modify it
	6	* under the terms of the GNU General Public License as published by the
	7	* Free Software Foundation; either version 2, or (at your option) any
	8	* later version.
	9	*
	10	* FRR is distributed in the hope that it will be useful, but
	11	* WITHOUT ANY WARRANTY; without even the implied warranty of
	12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	* General Public License for more details.
	14	*
	15	* You should have received a copy of the GNU General Public License along
	16	* with this program; see the file COPYING; if not, write to the Free Software
	17	* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
	18	*/
	19	#ifndef __BGP_PBR_H__
	20	#define __BGP_PBR_H__
	21
	22	#include "nexthop.h"
	23	#include "zclient.h"
	24
b46b6f1a PG	25	/* flowspec case: 0 to 3 actions maximum:
	26	* 1 redirect
	27	* 1 set dscp
	28	* 1 set traffic rate
	29	*/
	30	#define ACTIONS_MAX_NUM 4
	31	enum bgp_pbr_action_enum {
	32	ACTION_TRAFFICRATE = 1,
	33	ACTION_TRAFFIC_ACTION = 2,
	34	ACTION_REDIRECT = 3,
	35	ACTION_MARKING = 4,
	36	ACTION_REDIRECT_IP = 5
	37	};
	38
	39	#define TRAFFIC_ACTION_SAMPLE (1 << 0)
	40	#define TRAFFIC_ACTION_TERMINATE (1 << 1)
	41	#define TRAFFIC_ACTION_DISTRIBUTE (1 << 2)
	42
	43	#define OPERATOR_COMPARE_LESS_THAN (1<<1)
	44	#define OPERATOR_COMPARE_GREATER_THAN (1<<2)
	45	#define OPERATOR_COMPARE_EQUAL_TO (1<<3)
	46	#define OPERATOR_COMPARE_EXACT_MATCH (1<<4)
	47
	48	#define OPERATOR_UNARY_OR (1<<1)
	49	#define OPERATOR_UNARY_AND (1<<2)
	50
	51	/* struct used to store values [0;65535]
	52	* this can be used for port number of protocol
	53	*/
	54	#define BGP_PBR_MATCH_VAL_MAX 5
	55
	56	struct bgp_pbr_match_val {
	57	uint16_t value;
	58	uint8_t compare_operator;
	59	uint8_t unary_operator;
	60	} bgp_pbr_value_t;
	61
	62	#define FRAGMENT_DONT 1
	63	#define FRAGMENT_IS 2
	64	#define FRAGMENT_FIRST 4
	65	#define FRAGMENT_LAST 8
	66
	67	struct bgp_pbr_fragment_val {
	68	uint8_t bitmask;
	69	};
	70
	71	struct bgp_pbr_entry_action {
	72	/* used to store enum bgp_pbr_action_enum enumerate */
	73	uint8_t action;
	74	union {
	75	union {
	76	uint8_t rate_info[4]; /* IEEE.754.1985 */
	77	float rate;
	78	} r __attribute__((aligned(8)));
	79	struct _pbr_action {
	80	uint8_t do_sample;
	81	uint8_t filter;
	82	} za;
	83	vrf_id_t redirect_vrf;
	84	struct _pbr_redirect_ip {
	85	struct in_addr redirect_ip_v4;
	86	uint8_t duplicate;
	87	} zr;
	88	uint8_t marking_dscp;
89	} u __attribute__((aligned(8)));
90	};
91
92	/* BGP Policy Route structure */
93	struct bgp_pbr_entry_main {
94	uint8_t type;
95	uint16_t instance;
96
97	uint32_t flags;
98
99	uint8_t message;
100
101	/*
102	* This is an enum but we are going to treat it as a uint8_t
103	* for purpose of encoding/decoding
104	*/
105	afi_t afi;
106	safi_t safi;
107
108	#define PREFIX_SRC_PRESENT (1 << 0)
109	#define PREFIX_DST_PRESENT (1 << 1)
110	#define FRAGMENT_PRESENT (1 << 2)
111	uint8_t match_bitmask;
112
113	uint8_t match_src_port_num;
114	uint8_t match_dst_port_num;
115	uint8_t match_port_num;
116	uint8_t match_protocol_num;
117	uint8_t match_icmp_type_num;
118	uint8_t match_icmp_code_num;
119	uint8_t match_packet_length_num;
120	uint8_t match_dscp_num;
121	uint8_t match_tcpflags_num;
122
123	struct prefix src_prefix;
124	struct prefix dst_prefix;
125
1de7dfff PG	126	#define PROTOCOL_UDP 17
1de7dfff PG	127	#define PROTOCOL_TCP 6
932404b7	128	#define PROTOCOL_ICMP 1
b46b6f1a PG	129	struct bgp_pbr_match_val protocol[BGP_PBR_MATCH_VAL_MAX];
	130	struct bgp_pbr_match_val src_port[BGP_PBR_MATCH_VAL_MAX];
	131	struct bgp_pbr_match_val dst_port[BGP_PBR_MATCH_VAL_MAX];
	132	struct bgp_pbr_match_val port[BGP_PBR_MATCH_VAL_MAX];
	133	struct bgp_pbr_match_val icmp_type[BGP_PBR_MATCH_VAL_MAX];
	134	struct bgp_pbr_match_val icmp_code[BGP_PBR_MATCH_VAL_MAX];
	135	struct bgp_pbr_match_val packet_length[BGP_PBR_MATCH_VAL_MAX];
	136	struct bgp_pbr_match_val dscp[BGP_PBR_MATCH_VAL_MAX];
2da7d62e	137
b46b6f1a PG	138	struct bgp_pbr_match_val tcpflags[BGP_PBR_MATCH_VAL_MAX];
	139	struct bgp_pbr_fragment_val fragment;
	140
	141	uint16_t action_num;
	142	struct bgp_pbr_entry_action actions[ACTIONS_MAX_NUM];
	143
	144	uint8_t distance;
	145
	146	uint32_t metric;
	147
	148	route_tag_t tag;
	149
	150	uint32_t mtu;
	151
	152	vrf_id_t vrf_id;
	153	};
	154
4762c213 PG	155	struct bgp_pbr_interface {
	156	RB_ENTRY(bgp_pbr_interface) id_entry;
	157	char name[INTERFACE_NAMSIZ];
	158	};
	159
	160	RB_HEAD(bgp_pbr_interface_head, bgp_pbr_interface);
	161	RB_PROTOTYPE(bgp_pbr_interface_head, bgp_pbr_interface, id_entry,
	162	bgp_pbr_interface_compare);
	163
	164	extern int bgp_pbr_interface_compare(const struct bgp_pbr_interface *a,
	165	const struct bgp_pbr_interface *b);
	166
	167	struct bgp_pbr_config {
	168	struct bgp_pbr_interface_head ifaces_by_name_ipv4;
	169	bool pbr_interface_any_ipv4;
	170	};
	171
	172	extern struct bgp_pbr_config *bgp_pbr_cfg;
	173
bbe6ffd6 PG	174	struct bgp_pbr_match {
	175	char ipset_name[ZEBRA_IPSET_NAME_SIZE];
	176
	177	/* mapped on enum ipset_type
	178	*/
	179	uint32_t type;
	180
f3d32faa PG	181	uint32_t flags;
f3d32faa PG	182
83360720 PG	183	uint16_t pkt_len_min;
83360720 PG	184	uint16_t pkt_len_max;
2da7d62e PG	185	uint16_t tcp_flags;
2da7d62e PG	186	uint16_t tcp_mask_flags;
4977bd6c	187	uint8_t dscp_value;
83360720	188
f3d32faa PG	189	vrf_id_t vrf_id;
	190
	191	/* unique identifier for ipset create transaction
	192	*/
bbe6ffd6 PG	193	uint32_t unique;
bbe6ffd6 PG	194
f3d32faa PG	195	/* unique identifier for iptable add transaction
	196	*/
	197	uint32_t unique2;
	198
bbe6ffd6	199	bool installed;
30d50e6d	200	bool install_in_progress;
f3d32faa PG	201
	202	bool installed_in_iptable;
	203	bool install_iptable_in_progress;
	204
	205	struct hash *entry_hash;
	206
	207	struct bgp_pbr_action *action;
	208
bbe6ffd6 PG	209	};
	210
	211	struct bgp_pbr_match_entry {
	212	struct bgp_pbr_match *backpointer;
	213
	214	uint32_t unique;
	215
	216	struct prefix src;
	217	struct prefix dst;
	218
f730e566 PG	219	uint16_t src_port_min;
	220	uint16_t src_port_max;
	221	uint16_t dst_port_min;
	222	uint16_t dst_port_max;
	223	uint8_t proto;
	224
b588b642 PG	225	void *bgp_info;
b588b642 PG	226
bbe6ffd6 PG	227	bool installed;
	228	bool install_in_progress;
	229	};
	230
	231	struct bgp_pbr_action {
	232
	233	/*
	234	* The Unique identifier of this specific pbrms
	235	*/
	236	uint32_t unique;
	237
	238	uint32_t fwmark;
	239
	240	uint32_t table_id;
	241
f3d32faa PG	242	float rate;
f3d32faa PG	243
bbe6ffd6 PG	244	/*
	245	* nexthop information, or drop information
	246	* contains src vrf_id and nh contains dest vrf_id
	247	*/
	248	vrf_id_t vrf_id;
	249	struct nexthop nh;
	250
	251	bool installed;
	252	bool install_in_progress;
a6b07429 PG	253	uint32_t refcnt;
a6b07429 PG	254	struct bgp *bgp;
bbe6ffd6 PG	255	};
bbe6ffd6 PG	256
70eabd12 PG	257	extern struct bgp_pbr_action *bgp_pbr_action_rule_lookup(vrf_id_t vrf_id,
70eabd12 PG	258	uint32_t unique);
bbe6ffd6 PG	259
	260	extern struct bgp_pbr_match *bgp_pbr_match_ipset_lookup(vrf_id_t vrf_id,
	261	uint32_t unique);
	262
	263	extern struct bgp_pbr_match_entry *bgp_pbr_match_ipset_entry_lookup(
	264	vrf_id_t vrf_id, char *name,
	265	uint32_t unique);
1815c6fc PG	266	extern struct bgp_pbr_match *bgp_pbr_match_iptable_lookup(vrf_id_t vrf_id,
1815c6fc PG	267	uint32_t unique);
f3d32faa	268
a6b07429	269	extern void bgp_pbr_cleanup(struct bgp *bgp);
f3d32faa PG	270	extern void bgp_pbr_init(struct bgp *bgp);
	271
	272	extern uint32_t bgp_pbr_action_hash_key(void *arg);
	273	extern int bgp_pbr_action_hash_equal(const void *arg1,
	274	const void *arg2);
	275	extern uint32_t bgp_pbr_match_entry_hash_key(void *arg);
	276	extern int bgp_pbr_match_entry_hash_equal(const void *arg1,
	277	const void *arg2);
	278	extern uint32_t bgp_pbr_match_hash_key(void *arg);
	279	extern int bgp_pbr_match_hash_equal(const void *arg1,
	280	const void *arg2);
	281
b46b6f1a PG	282	void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api);
b46b6f1a PG	283
45918cfb PG	284	struct bgp_node;
	285	struct bgp_info;
	286	extern void bgp_pbr_update_entry(struct bgp bgp, struct prefix p,
	287	struct bgp_info *new_select,
	288	afi_t afi, safi_t safi,
	289	bool nlri_update);
	290
4762c213 PG	291	/* bgp pbr utilities */
	292	extern struct bgp_pbr_interface pbr_interface_lookup(const char name);
	293	extern void bgp_pbr_reset(struct bgp *bgp, afi_t afi);
	294	extern struct bgp_pbr_interface bgp_pbr_interface_lookup(const char name,
	295	struct bgp_pbr_interface_head *head);
	296
bbe6ffd6	297	#endif /* __BGP_PBR_H__ */