[mirror_frr.git] / bgpd / bgp_pbr.h

/*
 * BGP pbr
 * Copyright (C) 6WIND
 *
 * FRR is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2, or (at your option) any
 * later version.
 *
 * FRR is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; see the file COPYING; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 */
#ifndef __BGP_PBR_H__
#define __BGP_PBR_H__

#include "nexthop.h"
#include "zclient.h"

/* flowspec case: 0 to 3 actions maximum:
 * 1 redirect
 * 1 set dscp
 * 1 set traffic rate
 */
#define ACTIONS_MAX_NUM 4
enum bgp_pbr_action_enum {
	ACTION_TRAFFICRATE = 1,
	ACTION_TRAFFIC_ACTION = 2,
	ACTION_REDIRECT = 3,
	ACTION_MARKING = 4,
	ACTION_REDIRECT_IP = 5
};

#define TRAFFIC_ACTION_SAMPLE     (1 << 0)
#define TRAFFIC_ACTION_TERMINATE  (1 << 1)
#define TRAFFIC_ACTION_DISTRIBUTE (1 << 2)

#define OPERATOR_COMPARE_LESS_THAN    (1<<1)
#define OPERATOR_COMPARE_GREATER_THAN (1<<2)
#define OPERATOR_COMPARE_EQUAL_TO     (1<<3)
#define OPERATOR_COMPARE_EXACT_MATCH  (1<<4)

#define OPERATOR_UNARY_OR    (1<<1)
#define OPERATOR_UNARY_AND   (1<<2)

/* struct used to store values [0;65535]
 * this can be used for port number of protocol
 */
#define BGP_PBR_MATCH_VAL_MAX 5

struct bgp_pbr_match_val {
	uint16_t value;
	uint8_t compare_operator;
	uint8_t unary_operator;
} bgp_pbr_value_t;

#define FRAGMENT_DONT  1
#define FRAGMENT_IS    2
#define FRAGMENT_FIRST 4
#define FRAGMENT_LAST  8

struct bgp_pbr_fragment_val {
	uint8_t bitmask;
};

struct bgp_pbr_entry_action {
	/* used to store enum bgp_pbr_action_enum enumerate */
	uint8_t action;
	union {
		union {
			uint8_t rate_info[4]; /* IEEE.754.1985 */
			float rate;
		} r __attribute__((aligned(8)));
		struct _pbr_action {
			uint8_t do_sample;
			uint8_t filter;
		} za;
		vrf_id_t redirect_vrf;
		struct _pbr_redirect_ip {
			struct in_addr redirect_ip_v4;
			uint8_t duplicate;
		} zr;
		uint8_t marking_dscp;
	} u __attribute__((aligned(8)));
};

/* BGP Policy Route structure */
struct bgp_pbr_entry_main {
	uint8_t type;
	uint16_t instance;

	uint32_t flags;

	uint8_t message;

	/*
	 * This is an enum but we are going to treat it as a uint8_t
	 * for purpose of encoding/decoding
	 */
	afi_t afi;
	safi_t safi;

#define PREFIX_SRC_PRESENT (1 << 0)
#define PREFIX_DST_PRESENT (1 << 1)
#define FRAGMENT_PRESENT   (1 << 2)
	uint8_t match_bitmask;

	uint8_t match_src_port_num;
	uint8_t match_dst_port_num;
	uint8_t match_port_num;
	uint8_t match_protocol_num;
	uint8_t match_icmp_type_num;
	uint8_t match_icmp_code_num;
	uint8_t match_packet_length_num;
	uint8_t match_dscp_num;
	uint8_t match_tcpflags_num;

	struct prefix src_prefix;
	struct prefix dst_prefix;

	struct bgp_pbr_match_val protocol[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val src_port[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val dst_port[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val port[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val icmp_type[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val icmp_code[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val packet_length[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val dscp[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_match_val tcpflags[BGP_PBR_MATCH_VAL_MAX];
	struct bgp_pbr_fragment_val fragment;

	uint16_t action_num;
	struct bgp_pbr_entry_action actions[ACTIONS_MAX_NUM];

	uint8_t distance;

	uint32_t metric;

	route_tag_t tag;

	uint32_t mtu;

	vrf_id_t vrf_id;
};

struct bgp_pbr_match {
	char ipset_name[ZEBRA_IPSET_NAME_SIZE];

	/* mapped on enum ipset_type
	 */
	uint32_t type;

#define MATCH_IP_SRC_SET		(1 << 0)
#define MATCH_IP_DST_SET		(1 << 1)
	uint32_t flags;

	vrf_id_t vrf_id;

	/* unique identifier for ipset create transaction
	 */
	uint32_t unique;

	/* unique identifier for iptable add transaction
	 */
	uint32_t unique2;

	bool installed;
	bool install_in_progress;

	bool installed_in_iptable;
	bool install_iptable_in_progress;

	struct hash *entry_hash;

	struct bgp_pbr_action *action;

};

struct bgp_pbr_match_entry {
	struct bgp_pbr_match *backpointer;

	uint32_t unique;

	struct prefix src;
	struct prefix dst;

	bool installed;
	bool install_in_progress;
};

struct bgp_pbr_action {

	/*
	 * The Unique identifier of this specific pbrms
	 */
	uint32_t unique;

	uint32_t fwmark;

	uint32_t table_id;

	float rate;

	/*
	 * nexthop information, or drop information
	 * contains src vrf_id and nh contains dest vrf_id
	 */
	vrf_id_t vrf_id;
	struct nexthop nh;

	bool installed;
	bool install_in_progress;

};

extern struct bgp_pbr_action *bgp_pbr_action_rule_lookup(uint32_t unique);

extern struct bgp_pbr_match *bgp_pbr_match_ipset_lookup(vrf_id_t vrf_id,
							uint32_t unique);

extern struct bgp_pbr_match_entry *bgp_pbr_match_ipset_entry_lookup(
					    vrf_id_t vrf_id, char *name,
					    uint32_t unique);

extern void bgp_pbr_init(struct bgp *bgp);

extern uint32_t bgp_pbr_action_hash_key(void *arg);
extern int bgp_pbr_action_hash_equal(const void *arg1,
				     const void *arg2);
extern uint32_t bgp_pbr_match_entry_hash_key(void *arg);
extern int bgp_pbr_match_entry_hash_equal(const void *arg1,
					  const void *arg2);
extern uint32_t bgp_pbr_match_hash_key(void *arg);
extern int bgp_pbr_match_hash_equal(const void *arg1,
				    const void *arg2);

void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api);

#endif /* __BGP_PBR_H__ */
Commit	Line	Data
bbe6ffd6 PG	1	/*
	2	* BGP pbr
	3	* Copyright (C) 6WIND
	4	*
	5	* FRR is free software; you can redistribute it and/or modify it
	6	* under the terms of the GNU General Public License as published by the
	7	* Free Software Foundation; either version 2, or (at your option) any
	8	* later version.
	9	*
	10	* FRR is distributed in the hope that it will be useful, but
	11	* WITHOUT ANY WARRANTY; without even the implied warranty of
	12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	* General Public License for more details.
	14	*
	15	* You should have received a copy of the GNU General Public License along
	16	* with this program; see the file COPYING; if not, write to the Free Software
	17	* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
	18	*/
	19	#ifndef __BGP_PBR_H__
	20	#define __BGP_PBR_H__
	21
	22	#include "nexthop.h"
	23	#include "zclient.h"
	24
b46b6f1a PG	25	/* flowspec case: 0 to 3 actions maximum:
	26	* 1 redirect
	27	* 1 set dscp
	28	* 1 set traffic rate
	29	*/
	30	#define ACTIONS_MAX_NUM 4
	31	enum bgp_pbr_action_enum {
	32	ACTION_TRAFFICRATE = 1,
	33	ACTION_TRAFFIC_ACTION = 2,
	34	ACTION_REDIRECT = 3,
	35	ACTION_MARKING = 4,
	36	ACTION_REDIRECT_IP = 5
	37	};
	38
	39	#define TRAFFIC_ACTION_SAMPLE (1 << 0)
	40	#define TRAFFIC_ACTION_TERMINATE (1 << 1)
	41	#define TRAFFIC_ACTION_DISTRIBUTE (1 << 2)
	42
	43	#define OPERATOR_COMPARE_LESS_THAN (1<<1)
	44	#define OPERATOR_COMPARE_GREATER_THAN (1<<2)
	45	#define OPERATOR_COMPARE_EQUAL_TO (1<<3)
	46	#define OPERATOR_COMPARE_EXACT_MATCH (1<<4)
	47
	48	#define OPERATOR_UNARY_OR (1<<1)
	49	#define OPERATOR_UNARY_AND (1<<2)
	50
	51	/* struct used to store values [0;65535]
	52	* this can be used for port number of protocol
	53	*/
	54	#define BGP_PBR_MATCH_VAL_MAX 5
	55
	56	struct bgp_pbr_match_val {
	57	uint16_t value;
	58	uint8_t compare_operator;
	59	uint8_t unary_operator;
	60	} bgp_pbr_value_t;
	61
	62	#define FRAGMENT_DONT 1
	63	#define FRAGMENT_IS 2
	64	#define FRAGMENT_FIRST 4
	65	#define FRAGMENT_LAST 8
	66
	67	struct bgp_pbr_fragment_val {
	68	uint8_t bitmask;
	69	};
	70
	71	struct bgp_pbr_entry_action {
	72	/* used to store enum bgp_pbr_action_enum enumerate */
	73	uint8_t action;
	74	union {
	75	union {
	76	uint8_t rate_info[4]; /* IEEE.754.1985 */
	77	float rate;
	78	} r __attribute__((aligned(8)));
	79	struct _pbr_action {
	80	uint8_t do_sample;
	81	uint8_t filter;
	82	} za;
	83	vrf_id_t redirect_vrf;
	84	struct _pbr_redirect_ip {
	85	struct in_addr redirect_ip_v4;
	86	uint8_t duplicate;
	87	} zr;
	88	uint8_t marking_dscp;
89	} u __attribute__((aligned(8)));
90	};
91
92	/* BGP Policy Route structure */
93	struct bgp_pbr_entry_main {
94	uint8_t type;
95	uint16_t instance;
96
97	uint32_t flags;
98
99	uint8_t message;
100
101	/*
102	* This is an enum but we are going to treat it as a uint8_t
103	* for purpose of encoding/decoding
104	*/
105	afi_t afi;
106	safi_t safi;
107
108	#define PREFIX_SRC_PRESENT (1 << 0)
109	#define PREFIX_DST_PRESENT (1 << 1)
110	#define FRAGMENT_PRESENT (1 << 2)
111	uint8_t match_bitmask;
112
113	uint8_t match_src_port_num;
114	uint8_t match_dst_port_num;
115	uint8_t match_port_num;
116	uint8_t match_protocol_num;
117	uint8_t match_icmp_type_num;
118	uint8_t match_icmp_code_num;
119	uint8_t match_packet_length_num;
120	uint8_t match_dscp_num;
121	uint8_t match_tcpflags_num;
122
123	struct prefix src_prefix;
124	struct prefix dst_prefix;
125
126	struct bgp_pbr_match_val protocol[BGP_PBR_MATCH_VAL_MAX];
127	struct bgp_pbr_match_val src_port[BGP_PBR_MATCH_VAL_MAX];
128	struct bgp_pbr_match_val dst_port[BGP_PBR_MATCH_VAL_MAX];
129	struct bgp_pbr_match_val port[BGP_PBR_MATCH_VAL_MAX];
130	struct bgp_pbr_match_val icmp_type[BGP_PBR_MATCH_VAL_MAX];
131	struct bgp_pbr_match_val icmp_code[BGP_PBR_MATCH_VAL_MAX];
132	struct bgp_pbr_match_val packet_length[BGP_PBR_MATCH_VAL_MAX];
133	struct bgp_pbr_match_val dscp[BGP_PBR_MATCH_VAL_MAX];
134	struct bgp_pbr_match_val tcpflags[BGP_PBR_MATCH_VAL_MAX];
135	struct bgp_pbr_fragment_val fragment;
136
137	uint16_t action_num;
138	struct bgp_pbr_entry_action actions[ACTIONS_MAX_NUM];
139
140	uint8_t distance;
141
142	uint32_t metric;
143
144	route_tag_t tag;
145
146	uint32_t mtu;
147
148	vrf_id_t vrf_id;
149	};
150
bbe6ffd6 PG	151	struct bgp_pbr_match {
	152	char ipset_name[ZEBRA_IPSET_NAME_SIZE];
	153
	154	/* mapped on enum ipset_type
	155	*/
	156	uint32_t type;
	157
b46b6f1a PG	158	#define MATCH_IP_SRC_SET (1 << 0)
b46b6f1a PG	159	#define MATCH_IP_DST_SET (1 << 1)
f3d32faa PG	160	uint32_t flags;
	161
	162	vrf_id_t vrf_id;
	163
	164	/* unique identifier for ipset create transaction
	165	*/
bbe6ffd6 PG	166	uint32_t unique;
bbe6ffd6 PG	167
f3d32faa PG	168	/* unique identifier for iptable add transaction
	169	*/
	170	uint32_t unique2;
	171
bbe6ffd6	172	bool installed;
30d50e6d	173	bool install_in_progress;
f3d32faa PG	174
	175	bool installed_in_iptable;
	176	bool install_iptable_in_progress;
	177
	178	struct hash *entry_hash;
	179
	180	struct bgp_pbr_action *action;
	181
bbe6ffd6 PG	182	};
	183
	184	struct bgp_pbr_match_entry {
	185	struct bgp_pbr_match *backpointer;
	186
	187	uint32_t unique;
	188
	189	struct prefix src;
	190	struct prefix dst;
	191
	192	bool installed;
	193	bool install_in_progress;
	194	};
	195
	196	struct bgp_pbr_action {
	197
	198	/*
	199	* The Unique identifier of this specific pbrms
	200	*/
	201	uint32_t unique;
	202
	203	uint32_t fwmark;
	204
	205	uint32_t table_id;
	206
f3d32faa PG	207	float rate;
f3d32faa PG	208
bbe6ffd6 PG	209	/*
	210	* nexthop information, or drop information
	211	* contains src vrf_id and nh contains dest vrf_id
	212	*/
	213	vrf_id_t vrf_id;
	214	struct nexthop nh;
	215
	216	bool installed;
	217	bool install_in_progress;
	218
bbe6ffd6 PG	219	};
	220
	221	extern struct bgp_pbr_action *bgp_pbr_action_rule_lookup(uint32_t unique);
	222
	223	extern struct bgp_pbr_match *bgp_pbr_match_ipset_lookup(vrf_id_t vrf_id,
	224	uint32_t unique);
	225
	226	extern struct bgp_pbr_match_entry *bgp_pbr_match_ipset_entry_lookup(
	227	vrf_id_t vrf_id, char *name,
	228	uint32_t unique);
f3d32faa PG	229
	230	extern void bgp_pbr_init(struct bgp *bgp);
	231
	232	extern uint32_t bgp_pbr_action_hash_key(void *arg);
	233	extern int bgp_pbr_action_hash_equal(const void *arg1,
	234	const void *arg2);
	235	extern uint32_t bgp_pbr_match_entry_hash_key(void *arg);
	236	extern int bgp_pbr_match_entry_hash_equal(const void *arg1,
	237	const void *arg2);
	238	extern uint32_t bgp_pbr_match_hash_key(void *arg);
	239	extern int bgp_pbr_match_hash_equal(const void *arg1,
	240	const void *arg2);
	241
b46b6f1a PG	242	void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api);
b46b6f1a PG	243
bbe6ffd6	244	#endif /* __BGP_PBR_H__ */