]>
Commit | Line | Data |
---|---|---|
7c673cae FG |
1 | ; BSD LICENSE |
2 | ; | |
3 | ; Copyright(c) 2016 Intel Corporation. All rights reserved. | |
4 | ; All rights reserved. | |
5 | ; | |
6 | ; Redistribution and use in source and binary forms, with or without | |
7 | ; modification, are permitted provided that the following conditions | |
8 | ; are met: | |
9 | ; | |
10 | ; * Redistributions of source code must retain the above copyright | |
11 | ; notice, this list of conditions and the following disclaimer. | |
12 | ; * Redistributions in binary form must reproduce the above copyright | |
13 | ; notice, this list of conditions and the following disclaimer in | |
14 | ; the documentation and/or other materials provided with the | |
15 | ; distribution. | |
16 | ; * Neither the name of Intel Corporation nor the names of its | |
17 | ; contributors may be used to endorse or promote products derived | |
18 | ; from this software without specific prior written permission. | |
19 | ; | |
20 | ; THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
21 | ; "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
22 | ; LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
23 | ; A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
24 | ; OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
25 | ; SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
26 | ; LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
27 | ; DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
28 | ; THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
29 | ; (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
30 | ; OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
31 | ||
32 | ; The diagram below shows how additional protocol components can be plugged into | |
33 | ; the IP layer implemented by the ip_pipeline application. Pick your favorite | |
34 | ; open source components for dynamic ARP, ICMP, UDP or TCP termination, etc and | |
35 | ; connect them through SWQs to the IP infrastructure. | |
36 | ; | |
37 | ; The input packets with local destination are sent to the UDP/TCP applications | |
38 | ; while the input packets with remote destination are routed back to the | |
39 | ; network. Additional features can easily be added to this setup: | |
40 | ; * IP Reassembly: add SWQs with IP reassembly enabled (typically required for | |
41 | ; the input traffic with local destination); | |
42 | ; * IP Fragmentation: add SWQs with IP fragmentation enabled (typically | |
43 | ; required to enforce the MTU for the routed output traffic); | |
44 | ; * Traffic Metering: add Flow Action pipeline instances (e.g. for metering the | |
45 | ; TCP connections or ICMP input traffic); | |
46 | ; * Traffic Management: add TMs for the required output LINKs; | |
47 | ; * Protocol encapsulations (QinQ, MPLS) for the output packets: part of the | |
48 | ; routing pipeline configuration. | |
49 | ; | |
50 | ; _________ _________ | |
51 | ; | | | | | |
52 | ; | UDP | | TCP | | |
53 | ; | App | | App | | |
54 | ; |_________| |_________| | |
55 | ; ^ | ^ | | |
56 | ; __|___V__ __|___V__ | |
57 | ; | | SWQ0 (UDP TX) | | SWQ1 (TCP TX) | |
58 | ; | UDP |-------+ | TCP |------------+ | |
59 | ; | | | | | | | |
60 | ; |_________| | |_________| | | |
61 | ; ^ | ^ | | |
62 | ; | SWQ2 | | SWQ3 | | |
63 | ; | (UDP RX) | | (TCP RX) | | |
64 | ; ____|____ | ____|____ | | |
65 | ; | | | | | | | |
66 | ; RXQ<0..3>.1 ------>|Firewall +--->| | +------>| Flow +--->| | | |
67 | ; (UDP local dest) | (P2) | SINK0 | | | (P3) | SINK1 | | |
68 | ; |_________| (Deny)| | |_________| (RST) | | |
69 | ; RXQ<0..3>.2 -------------------------|-----+ | | |
70 | ; (TCP local dest) | | | |
71 | ; | +------------------------------+ | |
72 | ; | | | |
73 | ; _V_____V_ | |
74 | ; | | | |
75 | ; | Routing | TXQ<0..3>.0 | |
76 | ; RXQ<0..3>.0 ---------------------->| & ARP +-----------------------------> | |
77 | ; (IP remote dest) | (P1) | | |
78 | ; |_________| | |
79 | ; | ^ | | |
80 | ; SWQ4 +-------------+ | | SWQ5 (ARP miss) | |
81 | ; (Route miss) | | +------------+ | |
82 | ; | +-------------+ | | |
83 | ; ___V__|__ SWQ6 ____V____ | |
84 | ; | | (ICMP TX) | | TXQ<0..3>.1 | |
85 | ; RXQ<0..3>.3 ------>| ICMP | +------>| Dyn ARP +-------------> | |
86 | ; (IP local dest) | | | | | | |
87 | ; |_________| | |_________| | |
88 | ; RXQ<0..3>.4 -------------------------------+ | |
89 | ; (ARP) | |
90 | ; | |
91 | ; This configuration file implements the diagram presented below, where the | |
92 | ; dynamic ARP, ICMP, UDP and TCP components have been stubbed out and replaced | |
93 | ; with loop-back and packet drop devices. | |
94 | ; | |
95 | ; _________ _________ | |
96 | ; | | SWQ0 (UDP TX) | | SWQ1 (TCP TX) | |
97 | ; |Loobpack |-------+ |Loopback |------------+ | |
98 | ; | (P4) | | | (P5) | | | |
99 | ; |_________| | |_________| | | |
100 | ; ^ | ^ | | |
101 | ; | SWQ2 | | SWQ3 | | |
102 | ; | (UDP RX) | | (TCP RX) | | |
103 | ; ____|____ | ____|____ | | |
104 | ; | | | | | | | |
105 | ; RXQ<0..3>.1 ------>|Firewall +--->| | +------>| Flow +--->| | | |
106 | ; (UDP local dest) | (P2) | SINK0 | | | (P3) | SINK1 | | |
107 | ; |_________| (Deny)| | |_________| (RST) | | |
108 | ; RXQ<0..3>.2 -------------------------|-----+ | | |
109 | ; (TCP local dest) | | | |
110 | ; | +------------------------------+ | |
111 | ; | | | |
112 | ; _V_____V_ | |
113 | ; | | | |
114 | ; | Routing | TXQ<0..3>.0 | |
115 | ; RXQ<0..3>.0 ---------------------->| & ARP +-----------------------------> | |
116 | ; (IP remote dest) | (P1) | | |
117 | ; |_________| | |
118 | ; | | | |
119 | ; SINK2 |<---+ +--->| SINK3 | |
120 | ; (Route miss) (ARP miss) | |
121 | ; | |
122 | ; _________ _________ | |
123 | ; | | | | | |
124 | ; RXQ<0..3>.3 ------>| Drop +--->| SINK<4..7> +------>| Drop +--->| SINK<8..11> | |
125 | ; (IP local dest) | (P6) | (IP local dest) | | (P7) | (ARP) | |
126 | ; |_________| | |_________| | |
127 | ; RXQ<0..3>.4 ------------------------------------+ | |
128 | ; (ARP) | |
129 | ; | |
130 | ; | |
131 | ; Input packet: Ethernet/IPv4 or Ethernet/ARP | |
132 | ; Output packet: Ethernet/IPv4 or Ethernet/ARP | |
133 | ; | |
134 | ; Packet buffer layout (for input IPv4 packets): | |
135 | ; # Field Name Offset (Bytes) Size (Bytes) | |
136 | ; 0 Mbuf 0 128 | |
137 | ; 1 Headroom 128 128 | |
138 | ; 2 Ethernet header 256 14 | |
139 | ; 3 IPv4 header 270 20 | |
140 | ; 4 ICMP/UDP/TCP header 290 8/8/20 | |
141 | ||
142 | [EAL] | |
143 | log_level = 0 | |
144 | ||
145 | [LINK0] | |
146 | udp_local_q = 1 | |
147 | tcp_local_q = 2 | |
148 | ip_local_q = 3 | |
149 | arp_q = 4 | |
150 | ||
151 | [LINK1] | |
152 | udp_local_q = 1 | |
153 | tcp_local_q = 2 | |
154 | ip_local_q = 3 | |
155 | arp_q = 4 | |
156 | ||
157 | [LINK2] | |
158 | udp_local_q = 1 | |
159 | tcp_local_q = 2 | |
160 | ip_local_q = 3 | |
161 | arp_q = 4 | |
162 | ||
163 | [LINK3] | |
164 | udp_local_q = 1 | |
165 | tcp_local_q = 2 | |
166 | ip_local_q = 3 | |
167 | arp_q = 4 | |
168 | ||
169 | [PIPELINE0] | |
170 | type = MASTER | |
171 | core = 0 | |
172 | ||
173 | [PIPELINE1] | |
174 | type = ROUTING | |
175 | core = 1 | |
176 | pktq_in = RXQ0.0 RXQ1.0 RXQ2.0 RXQ3.0 SWQ0 SWQ1 | |
177 | pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 SINK2 SINK3 | |
178 | port_local_dest = 4 ; SINK2 (Drop) | |
179 | n_arp_entries = 1000 | |
180 | ip_hdr_offset = 270 | |
181 | arp_key_offset = 128 | |
182 | ||
183 | [PIPELINE2] | |
184 | type = FIREWALL | |
185 | core = 1 | |
186 | pktq_in = RXQ0.1 RXQ1.1 RXQ2.1 RXQ3.1 | |
187 | pktq_out = SWQ2 SINK0 | |
188 | n_rules = 4096 | |
189 | ||
190 | [PIPELINE3] | |
191 | type = FLOW_CLASSIFICATION | |
192 | core = 1 | |
193 | pktq_in = RXQ0.2 RXQ1.2 RXQ2.2 RXQ3.2 | |
194 | pktq_out = SWQ3 SINK1 | |
195 | n_flows = 65536 | |
196 | key_size = 16 ; IPv4 5-tuple key size | |
197 | key_offset = 278 ; IPv4 5-tuple key offset | |
198 | key_mask = 00FF0000FFFFFFFFFFFFFFFFFFFFFFFF ; IPv4 5-tuple key mask | |
199 | flowid_offset = 128 ; Flow ID effectively acts as TCP socket ID | |
200 | ||
201 | [PIPELINE4] | |
202 | type = PASS-THROUGH ; Loop-back (UDP place-holder) | |
203 | core = 1 | |
204 | pktq_in = SWQ2 | |
205 | pktq_out = SWQ0 | |
206 | swap = 282 286 ; IPSRC <-> IPDST | |
207 | swap = 290 292 ; PORTSRC <-> PORTDST | |
208 | ||
209 | [PIPELINE5] | |
210 | type = PASS-THROUGH ; Loop-back (TCP place-holder) | |
211 | core = 1 | |
212 | pktq_in = SWQ3 | |
213 | pktq_out = SWQ1 | |
214 | swap = 282 286 ; IPSRC <-> IPDST | |
215 | swap = 290 292 ; PORTSRC <-> PORTDST | |
216 | ||
217 | [PIPELINE6] | |
218 | type = PASS-THROUGH ; Drop (ICMP place-holder) | |
219 | core = 1 | |
220 | pktq_in = RXQ0.3 RXQ1.3 RXQ2.3 RXQ3.3 | |
221 | pktq_out = SINK4 SINK5 SINK6 SINK7 | |
222 | ||
223 | [PIPELINE7] | |
224 | type = PASS-THROUGH ; Drop (Dynamic ARP place-holder) | |
225 | core = 1 | |
226 | pktq_in = RXQ0.4 RXQ1.4 RXQ2.4 RXQ3.4 | |
227 | pktq_out = SINK8 SINK9 SINK10 SINK11 |