#include "pbr_zebra.h"
#include "pbr_memory.h"
#include "pbr_debug.h"
+#include "pbr_vrf.h"
DEFINE_MTYPE_STATIC(PBRD, PBR_MAP, "PBR Map")
DEFINE_MTYPE_STATIC(PBRD, PBR_MAP_SEQNO, "PBR Map Sequence")
static uint32_t pbr_map_sequence_unique;
+static bool pbr_map_check_valid_internal(struct pbr_map *pbrm);
static inline int pbr_map_compare(const struct pbr_map *pbrmap1,
const struct pbr_map *pbrmap2);
}
}
-static const char *pbr_map_reason_str[] = {
+static bool pbrms_is_installed(const struct pbr_map_sequence *pbrms,
+ const struct pbr_map_interface *pmi)
+{
+ uint64_t is_installed = (uint64_t)1 << pmi->install_bit;
+
+ is_installed &= pbrms->installed;
+
+ if (is_installed)
+ return true;
+
+ return false;
+}
+
+/* If any sequence is installed on the interface, assume installed */
+static bool
+pbr_map_interface_is_installed(const struct pbr_map *pbrm,
+ const struct pbr_map_interface *check_pmi)
+{
+
+ struct pbr_map_sequence *pbrms;
+ struct pbr_map_interface *pmi;
+ struct listnode *node, *inode;
+
+ for (ALL_LIST_ELEMENTS_RO(pbrm->seqnumbers, node, pbrms))
+ for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, inode, pmi))
+ if (pmi == check_pmi && pbrms_is_installed(pbrms, pmi))
+ return true;
+
+ return false;
+}
+
+static bool pbr_map_interface_is_valid(const struct pbr_map_interface *pmi)
+{
+ /* Don't install rules without a real ifindex on the incoming interface.
+ *
+ * This can happen when we have config for an interface that does not
+ * exist or when an interface is changing vrfs.
+ */
+ if (pmi->ifp && pmi->ifp->ifindex != IFINDEX_INTERNAL)
+ return true;
+
+ return false;
+}
+
+static void pbr_map_pbrms_update_common(struct pbr_map_sequence *pbrms,
+ bool install, bool changed)
+{
+ struct pbr_map *pbrm;
+ struct listnode *node;
+ struct pbr_map_interface *pmi;
+
+ pbrm = pbrms->parent;
+
+ if (pbrms->nhs_installed && pbrm->incoming->count) {
+ for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, node, pmi)) {
+ if (!pmi->ifp)
+ continue;
+
+ if (install && !pbr_map_interface_is_valid(pmi))
+ continue;
+
+ pbr_send_pbr_map(pbrms, pmi, install, changed);
+ }
+ }
+}
+
+static void pbr_map_pbrms_install(struct pbr_map_sequence *pbrms, bool changed)
+{
+ pbr_map_pbrms_update_common(pbrms, true, changed);
+}
+
+static void pbr_map_pbrms_uninstall(struct pbr_map_sequence *pbrms)
+{
+ pbr_map_pbrms_update_common(pbrms, false, false);
+}
+
+static const char *const pbr_map_reason_str[] = {
"Invalid NH-group", "Invalid NH", "No Nexthops",
- "Both NH and NH-Group", "Invalid Src or Dst", "Deleting Sequence",
+ "Both NH and NH-Group", "Invalid Src or Dst", "Invalid VRF",
+ "Deleting Sequence",
};
void pbr_map_reason_string(unsigned int reason, char *buf, int size)
void pbr_map_final_interface_deletion(struct pbr_map *pbrm,
struct pbr_map_interface *pmi)
{
- if (pmi->delete == true) {
+ if (pmi->delete && !pbr_map_interface_is_installed(pbrm, pmi)) {
listnode_delete(pbrm->incoming, pmi);
pmi->pbrm = NULL;
pbr_map_install(pbrm);
}
+static int
+pbr_map_policy_interface_update_common(const struct interface *ifp,
+ struct pbr_interface **pbr_ifp,
+ struct pbr_map **pbrm)
+{
+ if (!ifp->info) {
+ DEBUGD(&pbr_dbg_map, "%s: %s has no pbr_interface info",
+ __func__, ifp->name);
+ return -1;
+ }
+
+ *pbr_ifp = ifp->info;
+
+ *pbrm = pbrm_find((*pbr_ifp)->mapname);
+
+ if (!*pbrm) {
+ DEBUGD(&pbr_dbg_map, "%s: applied PBR-MAP(%s) does not exist?",
+ __func__, (*pbr_ifp)->mapname);
+ return -1;
+ }
+
+ return 0;
+}
+
+void pbr_map_policy_interface_update(const struct interface *ifp, bool state_up)
+{
+ struct pbr_interface *pbr_ifp;
+ struct pbr_map_sequence *pbrms;
+ struct pbr_map *pbrm;
+ struct listnode *node, *inode;
+ struct pbr_map_interface *pmi;
+
+ if (pbr_map_policy_interface_update_common(ifp, &pbr_ifp, &pbrm))
+ return;
+
+ DEBUGD(&pbr_dbg_map, "%s: %s %s rules on interface %s", __func__,
+ pbr_ifp->mapname, (state_up ? "installing" : "removing"),
+ ifp->name);
+
+ /*
+ * Walk the list and install/remove maps on the interface.
+ */
+ for (ALL_LIST_ELEMENTS_RO(pbrm->seqnumbers, node, pbrms))
+ for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, inode, pmi))
+ if (pmi->ifp == ifp && pbr_map_interface_is_valid(pmi))
+ pbr_send_pbr_map(pbrms, pmi, state_up, false);
+}
+
+static void pbrms_vrf_update(struct pbr_map_sequence *pbrms,
+ const struct pbr_vrf *pbr_vrf)
+{
+ const char *vrf_name = pbr_vrf_name(pbr_vrf);
+
+ if (pbrms->vrf_lookup
+ && (strncmp(vrf_name, pbrms->vrf_name, sizeof(pbrms->vrf_name))
+ == 0)) {
+ DEBUGD(&pbr_dbg_map, "\tSeq %u uses vrf %s (%u), updating map",
+ pbrms->seqno, vrf_name, pbr_vrf_id(pbr_vrf));
+
+ pbr_map_check(pbrms, false);
+ }
+}
+
+/* Vrf enabled/disabled */
+void pbr_map_vrf_update(const struct pbr_vrf *pbr_vrf)
+{
+ struct pbr_map *pbrm;
+ struct pbr_map_sequence *pbrms;
+ struct listnode *node;
+
+ if (!pbr_vrf)
+ return;
+
+ bool enabled = pbr_vrf_is_enabled(pbr_vrf);
+
+ DEBUGD(&pbr_dbg_map, "%s: %s (%u) %s, updating pbr maps", __func__,
+ pbr_vrf_name(pbr_vrf), pbr_vrf_id(pbr_vrf),
+ enabled ? "enabled" : "disabled");
+
+ RB_FOREACH (pbrm, pbr_map_entry_head, &pbr_maps) {
+ DEBUGD(&pbr_dbg_map, "%s: Looking at %s", __func__, pbrm->name);
+ for (ALL_LIST_ELEMENTS_RO(pbrm->seqnumbers, node, pbrms))
+ pbrms_vrf_update(pbrms, pbr_vrf);
+ }
+}
+
void pbr_map_write_interfaces(struct vty *vty, struct interface *ifp)
{
struct pbr_interface *pbr_ifp = ifp->info;
pbrm = pbrms->parent;
for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, inode, pmi))
- pbr_send_pbr_map(pbrms, pmi, false);
+ pbr_send_pbr_map(pbrms, pmi, false, false);
if (pbrms->nhg)
pbr_nht_delete_individual_nexthop(pbrms);
}
}
-void pbr_map_delete_nexthop_group(struct pbr_map_sequence *pbrms)
+static void pbr_map_delete_common(struct pbr_map_sequence *pbrms)
{
struct pbr_map *pbrm = pbrms->parent;
- struct listnode *node;
- struct pbr_map_interface *pmi;
- if (pbrm->valid && pbrms->nhs_installed && pbrm->incoming->count) {
- for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, node, pmi))
- pbr_send_pbr_map(pbrms, pmi, false);
- }
+ pbr_map_pbrms_uninstall(pbrms);
pbrm->valid = false;
pbrms->nhs_installed = false;
pbrms->reason |= PBR_MAP_INVALID_NO_NEXTHOPS;
- pbrms->nhgrp_name = NULL;
+ XFREE(MTYPE_TMP, pbrms->nhgrp_name);
+}
+
+void pbr_map_delete_nexthops(struct pbr_map_sequence *pbrms)
+{
+ pbr_map_delete_common(pbrms);
+}
+
+void pbr_map_delete_vrf(struct pbr_map_sequence *pbrms)
+{
+ pbr_map_delete_common(pbrms);
}
struct pbr_map_sequence *pbrms_lookup_unique(uint32_t unique, ifindex_t ifindex,
for (ALL_LIST_ELEMENTS_RO(pbrm->seqnumbers, snode,
pbrms)) {
DEBUGD(&pbr_dbg_map, "%s: Comparing %u to %u",
- __PRETTY_FUNCTION__, pbrms->unique,
- unique);
+ __func__, pbrms->unique, unique);
if (pbrms->unique == unique)
return pbrms;
}
pbrms->reason =
PBR_MAP_INVALID_EMPTY |
PBR_MAP_INVALID_NO_NEXTHOPS;
+ pbrms->vrf_name[0] = '\0';
QOBJ_REG(pbrms, pbr_map_sequence);
listnode_add_sort(pbrm->seqnumbers, pbrms);
static void
pbr_map_sequence_check_nexthops_valid(struct pbr_map_sequence *pbrms)
{
+ /* Check if any are present first */
+ if (!pbrms->vrf_unchanged && !pbrms->vrf_lookup && !pbrms->nhg
+ && !pbrms->nhgrp_name) {
+ pbrms->reason |= PBR_MAP_INVALID_NO_NEXTHOPS;
+ return;
+ }
+
+ /*
+ * Check validness of vrf.
+ */
+
+ /* This one can be considered always valid */
+ if (pbrms->vrf_unchanged)
+ pbrms->nhs_installed = true;
+
+ if (pbrms->vrf_lookup) {
+ struct pbr_vrf *pbr_vrf =
+ pbr_vrf_lookup_by_name(pbrms->vrf_name);
+
+ if (pbr_vrf && pbr_vrf_is_valid(pbr_vrf))
+ pbrms->nhs_installed = true;
+ else
+ pbrms->reason |= PBR_MAP_INVALID_VRF;
+ }
+
/*
* Check validness of the nexthop or nexthop-group
*/
- if (!pbrms->nhg && !pbrms->nhgrp_name)
- pbrms->reason |= PBR_MAP_INVALID_NO_NEXTHOPS;
+ /* Only nexthop or nexthop group allowed */
if (pbrms->nhg && pbrms->nhgrp_name)
pbrms->reason |= PBR_MAP_INVALID_BOTH_NHANDGRP;
pbrm = pbrm_find(name);
if (!pbrm) {
DEBUGD(&pbr_dbg_map,
- "%s: Specified PBR-MAP(%s) does not exist?",
- __PRETTY_FUNCTION__, name);
+ "%s: Specified PBR-MAP(%s) does not exist?", __func__,
+ name);
return false;
}
struct listnode *node;
RB_FOREACH (pbrm, pbr_map_entry_head, &pbr_maps) {
- DEBUGD(&pbr_dbg_map, "%s: Looking at %s", __PRETTY_FUNCTION__,
- pbrm->name);
+ DEBUGD(&pbr_dbg_map, "%s: Looking at %s", __func__, pbrm->name);
for (ALL_LIST_ELEMENTS_RO(pbrm->seqnumbers, node, pbrms)) {
DEBUGD(&pbr_dbg_map, "\tNH Grp name: %s",
pbrms->nhgrp_name ?
&& (strcmp(nh_group, pbrms->nhgrp_name) == 0)) {
pbrms->nhs_installed = true;
- pbr_map_check(pbrms);
+ pbr_map_check(pbrms, false);
}
if (pbrms->nhg
== 0)) {
pbrms->nhs_installed = true;
- pbr_map_check(pbrms);
+ pbr_map_check(pbrms, false);
}
}
}
struct listnode *node, *inode;
struct pbr_map_interface *pmi;
- DEBUGD(&pbr_dbg_map, "%s: for %s", __PRETTY_FUNCTION__, name);
+ DEBUGD(&pbr_dbg_map, "%s: for %s", __func__, name);
pbrm = pbrm_find(name);
if (!pbrm)
return;
for (ALL_LIST_ELEMENTS_RO(pbrm->seqnumbers, node, pbrms)) {
DEBUGD(&pbr_dbg_map,
- "%s: Looking at what to install %s(%u) %d %d",
- __PRETTY_FUNCTION__, name, pbrms->seqno, pbrm->valid,
- pbrms->nhs_installed);
+ "%s: Looking at what to install %s(%u) %d %d", __func__,
+ name, pbrms->seqno, pbrm->valid, pbrms->nhs_installed);
- if (pbrm->valid && pbrms->nhs_installed && pbrm->incoming->count) {
- DEBUGD(&pbr_dbg_map, "\tInstalling %s %u",
- pbrm->name, pbrms->seqno);
+ if (pbrm->valid && pbrms->nhs_installed
+ && pbrm->incoming->count) {
+ DEBUGD(&pbr_dbg_map, "\tInstalling %s %u", pbrm->name,
+ pbrms->seqno);
for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, inode, pmi))
- pbr_send_pbr_map(pbrms, pmi, true);
+ if (pbr_map_interface_is_valid(pmi))
+ pbr_send_pbr_map(pbrms, pmi, true,
+ false);
}
}
}
for (ALL_LIST_ELEMENTS_RO(pbrm->seqnumbers, node, pbrms))
- pbr_send_pbr_map(pbrms, pmi, false);
+ pbr_send_pbr_map(pbrms, pmi, false, false);
pmi->delete = true;
}
pbrm->incoming, inode,
pmi))
pbr_send_pbr_map(pbrms, pmi,
- false);
+ false, false);
}
}
}
}
-void pbr_map_check(struct pbr_map_sequence *pbrms)
+void pbr_map_check(struct pbr_map_sequence *pbrms, bool changed)
{
struct pbr_map *pbrm;
- struct listnode *inode;
- struct pbr_map_interface *pmi;
bool install;
pbrm = pbrms->parent;
- DEBUGD(&pbr_dbg_map, "%s: for %s(%u)", __PRETTY_FUNCTION__,
- pbrm->name, pbrms->seqno);
+ DEBUGD(&pbr_dbg_map, "%s: for %s(%u)", __func__, pbrm->name,
+ pbrms->seqno);
if (pbr_map_check_valid(pbrm->name))
DEBUGD(&pbr_dbg_map, "We are totally valid %s",
pbrm->name);
if (pbrms->reason == PBR_MAP_VALID_SEQUENCE_NUMBER) {
install = true;
DEBUGD(&pbr_dbg_map, "%s: Installing %s(%u) reason: %" PRIu64,
- __PRETTY_FUNCTION__, pbrm->name, pbrms->seqno,
- pbrms->reason);
+ __func__, pbrm->name, pbrms->seqno, pbrms->reason);
DEBUGD(&pbr_dbg_map,
"\tSending PBR_MAP_POLICY_INSTALL event");
} else {
install = false;
- DEBUGD(&pbr_dbg_map,
- "%s: Removing %s(%u) reason: %" PRIu64,
- __PRETTY_FUNCTION__, pbrm->name,
- pbrms->seqno, pbrms->reason);
+ DEBUGD(&pbr_dbg_map, "%s: Removing %s(%u) reason: %" PRIu64,
+ __func__, pbrm->name, pbrms->seqno, pbrms->reason);
}
- for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, inode, pmi)) {
- pbr_send_pbr_map(pbrms, pmi, install);
- }
+ if (install)
+ pbr_map_pbrms_install(pbrms, changed);
+ else
+ pbr_map_pbrms_uninstall(pbrms);
}
void pbr_map_install(struct pbr_map *pbrm)
{
- struct listnode *node, *inode;
struct pbr_map_sequence *pbrms;
- struct pbr_map_interface *pmi;
+ struct listnode *node;
if (!pbrm->incoming->count)
return;
for (ALL_LIST_ELEMENTS_RO(pbrm->seqnumbers, node, pbrms))
- for (ALL_LIST_ELEMENTS_RO(pbrm->incoming, inode, pmi))
- pbr_send_pbr_map(pbrms, pmi, true);
+ pbr_map_pbrms_install(pbrms, false);
}
void pbr_map_init(void)
projects / mirror_frr.git / blobdiff