1. feat_bitmap
Bitmap for managing feature invocation.
1.1. Introduction
This is drop node for feature bitmaps.
For features that just do a drop, or are not yet implemented. Initial feature dispatch nodes don’t need to set b0->error in case of a possible drop because that will be done here. The next node is always error-drop.
1.2. Interface
Initial function is feat_bitmap_drop_init().
2. l2_api
Layer 2 forwarding api
2.1. Introduction
This module is not a node, and this module provides external L2 API.
2.2. Interface
Support below L2 API:
#define foreach_vpe_api_msg \
_(L2_XCONNECT_DUMP, l2_xconnect_dump) \
_(L2_FIB_CLEAR_TABLE, l2_fib_clear_table) \
_(L2_FIB_TABLE_DUMP, l2_fib_table_dump) \
_(L2FIB_FLUSH_ALL, l2fib_flush_all) \
_(L2FIB_FLUSH_INT, l2fib_flush_int) \
_(L2FIB_FLUSH_BD, l2fib_flush_bd) \
_(L2FIB_ADD_DEL, l2fib_add_del) \
_(WANT_L2_MACS_EVENTS, want_l2_macs_events) \
_(L2_FLAGS, l2_flags) \
_(SW_INTERFACE_SET_L2_XCONNECT, sw_interface_set_l2_xconnect) \
_(SW_INTERFACE_SET_L2_BRIDGE, sw_interface_set_l2_bridge) \
_(L2_PATCH_ADD_DEL, l2_patch_add_del) \
_(L2_INTERFACE_EFP_FILTER, l2_interface_efp_filter) \
_(BD_IP_MAC_ADD_DEL, bd_ip_mac_add_del) \
_(BD_IP_MAC_FLUSH, bd_ip_mac_flush) \
_(BD_IP_MAC_DUMP, bd_ip_mac_dump) \
_(BRIDGE_DOMAIN_ADD_DEL, bridge_domain_add_del) \
_(BRIDGE_DOMAIN_DUMP, bridge_domain_dump) \
_(BRIDGE_FLAGS, bridge_flags) \
_(L2_INTERFACE_VLAN_TAG_REWRITE, l2_interface_vlan_tag_rewrite) \
_(L2_INTERFACE_PBB_TAG_REWRITE, l2_interface_pbb_tag_rewrite) \
_(BRIDGE_DOMAIN_SET_MAC_AGE, bridge_domain_set_mac_age) \
_(SW_INTERFACE_SET_VPATH, sw_interface_set_vpath) \
_(BVI_CREATE, bvi_create) \
_(BVI_DELETE, bvi_delete)
Initial function is l2_api_hookup(), and this function is used to add vpe’s API message handlers to the table.
3. l2_bd
layer 2 bridge domain.
3.1. Introduction
This module is not a node, and this module is used to manages Layer 2 bridge domains.
3.2. Interface
Initial function is l2bd_init(), and this function creates a dummy bd with bd_id of 0 and bd_index of 0 with feature set to packet drop only. Thus, packets received from any L2 interface with uninitialized bd_index of 0 can be dropped safely.
3.3. Command
set bridge-domain learn <bridge-domain-id> [disable]
set bridge-domain forward <bridge-domain-id> [disable]
set bridge-domain flood <bridge-domain-id> [disable]
set bridge-domain uu-flood <bridge-domain-id> [disable]
set bridge-domain mac-age <bridge-domain-id> <mins>
set bridge-domain arp term <bridge-domain-id> [disable]
set bridge-domain arp entry <bridge-domain-id> [<ip-addr> <mac-addr> [del] | del-all]
show bridge-domain [bridge-domain-id [detail|int|arp|bd-tag]]
create bridge-domain <bridge-domain-id>
[learn <0|1>] [forward <0|1>] [uu-flood <0|1>] [flood <0|1>] [arp-term <0|1>]
[mac-age <nn>] [bd-tag <tag>] [del]
3.4. Detail
- Why need hash map for bd_id -> bd_index?
The bd_index is from bitmap, and allocate db_configs dynamically, consume less memory.
- Mac age processing.
Please refer to bd_set_mac_age().
If there’s at least one bd need mac age, use signal event to notify l2fib_mac_age_scanner_process_node to start mac age processing.
If there’s no bd need mac age, notify l2fib_mac_age_scanner_process_node to stop mac age processing.
vlib_process_signal_event_data() must be used in main thread.
4. l2_bvi_node
Layer 2 Bridged Virtual Interface.
4.1. Introduction
This module is not a node, and this module provides bvi_device_class interface to send packets to l2-input.
5. l2_bvi
Layer 2 Bridged Virtual Interface.
5.1. Introduction
This module is not a node, and this module defines bvi_device_class and provides related commands.
5.2. Command
bvi create [mac <mac-addr>] [instance <instance>]
bvi delete <interface>
6. l2_efp_filter
Layer 2 egress EFP Filter processing.
6.1. Introduction
It is possible to transmit a packet out a subinterface with VLAN tags that are not compatible with that subinterface. In other words, if that packet arrived on the output port, it would not be classified as coming from the output subinterface. This can happen in various ways: through misconfiguration, by putting subinterfaces with different VLAN encaps in the same bridge-domain, etc. The EFP Filter Check detects such packets and drops them. It consists of two checks, one that verifies the packet prior to output VLAN tag rewrite and one that verifies the packet after VLAN tag rewrite.
6.2. Interface
Initial function is l2_efp_filter_init().
6.3. Command
set interface l2 efp-filter <interface> [disable]
7. l2_fib
Layer 2 forwarding table (aka mac table).
7.1. Introduction
The MAC Address forwarding table for bridge-domains is called the l2fib. Entries are added automatically as part of mac learning, but MAC Addresses entries can also be added manually.
This module uses l2fib_mac_age_scanner_process() to scan mac table for aging.
7.2. Interface
VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION, if interface is down, need to flush mac.
Initial function is l2fib_init(), and this function creates the hash table.
7.3. Command
show l2fib [all] | [bd_id <nn> | bd_index <nn>] [learn | add] | [raw]
clear l2fib
l2fib add <mac> <bridge-domain-id> filter | <intf> [static | bvi]
test l2fib [add|del|check] mac <base-addr> count <nn>
l2fib del <mac> <bridge-domain-id> []
l2fib flush-mac all
l2fib flush-mac interface <if-name>
l2fib flush-mac bridge-domain <bd-id>
7.4. Detail
l2fib uses bihash (bounded-index extensible hashing) for MAC table. Bihash support multi-thread add/del operation, and it does not require reader locking.
User will add or delete static MAC entry with command, and will flush MAC entry with command. l2fib_mac_age_scanner_process() will remove aged MAC entry.
Static MAC can’t be aged or flushed.
7.4.1. Data structure
MAC table is at l2fib_main_t.
typedef struct
{
/* hash table */
BVT (clib_bihash) mac_table;
/* per swif vector of sequence number for interface based flush of MACs */
u8 *swif_seq_num;
/* last event or ager scan duration */
f64 evt_scan_duration;
f64 age_scan_duration;
/* delay between event scans, default to 100 msec */
f64 event_scan_delay;
/* max macs in event message, default to 100 entries */
u32 max_macs_in_event;
/* convenience variables */
vlib_main_t *vlib_main;
vnet_main_t *vnet_main;
} l2fib_main_t;
If client_pid is configured, this node will send MAC event to registered client.
typedef struct
{
/* Hash table */
BVT (clib_bihash) * mac_table;
/* number of dynamically learned mac entries */
u32 global_learn_count;
/* maximum number of dynamically learned mac entries */
u32 global_learn_limit;
/* client waiting for L2 MAC events for learned and aged MACs */
u32 client_pid;
u32 client_index;
/* Next nodes for each feature */
u32 feat_next_node_index[32];
/* convenience variables */
vlib_main_t *vlib_main;
vnet_main_t *vnet_main;
} l2learn_main_t;
MAC entry flags are:
/**
* Flags associated with an L2 Fib Entry
* - static mac, no MAC move
* - not subject to age
* - mac is for a bridged virtual interface
* - drop packets to/from this mac
* - MAC learned to be sent in L2 MAC event
* -MAC learned is a MAC move
*/
#define foreach_l2fib_entry_result_attr \
_(STATIC, 0, "static") \
_(AGE_NOT, 1, "age-not") \
_(BVI, 2, "bvi") \
_(FILTER, 3, "filter") \
_(LRN_EVT, 4, "learn-event") \
_(LRN_MOV, 5, "learn-move")
7.4.2. Function
-
l2fib_mac_age_scanner_process()
The loop waits for timeout and event, and it uses l2fib_scan() to iterate MAC table for MAC aging and MAC event.
- L2_MAC_AGE_PROCESS_EVENT_START, configure bridge domain and flush mac will trigger this event. This event will also start timer.
- L2_MAC_AGE_PROCESS_EVENT_STOP, configure bridge domain will trigger this event. This event will also stop timer.
- L2_MAC_AGE_PROCESS_EVENT_ONE_PASS, flush mac will trigger this event.
- When client_pid is configured and timeout, this case is only used for MAC event.
-
l2fib_scan()
- MAC aging. This function uses clib_bihash_add_del to remove aged entry.
- MAC event. Send MAC event to registered client, including MAC_EVENT_ACTION_MOVE, MAC_EVENT_ACTION_ADD and MAC_EVENT_ACTION_DELETE.
8. l2_flood
Layer 2 flooding.
8.1. Introduction
Flooding uses the packet replication infrastructure to send a copy of the packet to each member interface. Logically the replication infrastructure expects two graph nodes: a prep node that initiates replication and sends the packet to the first destination, and a recycle node that is passed the packet after it has been transmitted.
To decrease the amount of code, l2 flooding implements both functions in the same graph node. This node can tell if is it being called as the “prep” or “recycle” using replication_is_recycled().
8.2. Interface
Initial function is l2flood_init().
8.3. Command
set interface l2 flood <interface> [disable]
9. l2_fwd
Layer 2 forwarding using l2fib.
9.1. Introduction
Code in this file handles forwarding Layer 2 packets. This file calls the FIB lookup, packet learning and the packet flooding as necessary. Packet is then sent to the next graph node.
9.2. Interface
Initial function is l2fwd_init().
9.3. Command
set interface l2 forward <interface> [disable]
10. l2_in_out_acl
Layer 2 input/output acl processing.
10.1. Introduction
There’re 2 nodes, one for in acl, and one for out acl.
10.2. Interface
Initial function is l2_in_out_acl_init().
11. l2_in_out_feat_arc
Layer 2 input/output acl processing.
11.1. Introduction
There are 6 feature arc:
- l2_in_ip4_arc
- l2_out_ip4_arc
- l2_out_ip6_arc
- l2_in_ip6_arc
- l2_out_nonip_arc
- l2_in_nonip_arc
There are 4 nodes:
- l2_in_feat_arc_node
- l2_out_feat_arc_node
- l2_in_feat_arc_end_node
- l2_out_feat_arc_end_node
There are 6 features:
- l2_in_ip4_arc_end
- l2_out_ip4_arc_end
- l2_in_ip6_arc_end
- l2_out_ip6_arc_end
- l2_in_nonip_arc_end
- l2_out_nonip_arc_end
11.2. Interface
Initial function is l2_in_out_feat_arc_init().
12. l2_input_classify
L2 input classifier.
12.1. Introduction
This is the l2 input classifier dispatch node.
12.2. Interface
Initial function is l2_input_classify_init(). Worker initial function is l2_input_classify_worker_init().
12.3. Command
set interface l2 input classify intfc <interface-name> [ip4-table <n>]
[ip6-table <n>] [other-table <n>]
13. l2_input_vtr
Layer 2 input vlan tag rewrite processing.
13.1. Interface
Initial function is l2_invtr_init().
14. l2_input
Layer 2 input packet processing.
14.1. Introduction
Interface Input Mode (Layer 2 Cross-Connect or Bridge / Layer 3).
This file contains the CLI Commands that modify the input mode of an interface. For interfaces in a Layer 2 cross-connect, all packets received on one interface will be transmitted to the other. For interfaces in a bridge-domain, packets will be forwarded to other interfaces in the same bridge-domain based on destination mac address. For interfaces in Layer 3 mode, the packets will be routed.
14.2. Interface
Initial function is l2_init() and l2input_init().
14.3. Command
show mode [<if-name1> <if-name2> ...]
set interface l3 <interface>
set interface l2 xconnect <interface> <peer interface>
set interface l2 bridge <interface> <bridge-domain-id> [bvi|uu-fwd] [shg]
15. l2_learn
Layer 2 learning using l2fib.
15.1. Introduction
Ethernet Bridge Learning.
Populate the mac table with entries mapping the packet’s source mac + bridge domain ID to the input sw_if_index.
Note that learning and forwarding are separate graph nodes. This means that for a set of packets, all learning is performed first, then all nodes are forwarded. The forwarding is done based on the end-state of the mac table, instead of the state after each packet. Thus the forwarding results could differ in certain cases (mac move tests), but this not expected to cause problems in real-world networks. It is much simpler to separate learning and forwarding into separate nodes.
15.2. Interface
Config function is l2learn_config().
Initial function is l2learn_init().
15.3. Command
set interface l2 learn <interface> [disable]
15.4. Detail
- MAC entry is not in MAC table, add it.
- MAC entry is moved to other port, update it.
- MAC entry is not up to date, update it.
- MAC entry is up to date, do nothing.
16. l2_output_classify
L2 output classifier.
16.1. Introduction
This is the l2 output classifier dispatch node.
16.2. Interface
worker initial function is l2_output_classify_worker_init().
Initial function is l2_output_classify_init().
16.3. Command
set interface l2 output classify intfc <<interface-name>> [ip4-table <n>]
[ip6-table <n>] [other-table <n>]
17. l2_output
Layer 2 output packet processing.
17.1. Introduction
There are 2 nodes:
- l2output_node
- l2output_bad_intf_node
17.2. Interface
Initial function is l2output_init().
18. l2_patch
18.1. Interface
Initial function is l2_patch_init().
18.2. Command
test l2patch rx <intfc> tx <intfc> [del]
Show l2 interface cross-connect entries
19. l2_rw
Layer 2 Rewrite.
19.1. Introduction
Layer 2-Rewrite node uses classify tables to match packets. Then, using the provisioned mask and value, modifies the packet header.
19.2. Interface
Initial function is l2_rw_init().
19.3. Command
set bridge-domain rewrite <bridge-domain> [disable]
show l2 rewrite entries
show l2 rewrite interfaces
set interface l2 rewrite <interface> [table <table index>] [miss-index <entry-index>]
l2 rewrite entry [index <index>] [mask <hex-mask>] [value <hex-value>] [skip <n_bytes>] [del]
20. l2_uu_fwd
Foward unknown unicast packets to BD’s configured interface.
21. l2_vtr
Layer 2 vlan tag rewrite configuration.
21.1. Introduction
Ethernet VLAN Tag Rewrite.
VLAN tag rewrite provides the ability to change the VLAN tags on a packet. Existing tags can be popped, new tags can be pushed, and existing tags can be swapped with new tags. The rewrite feature is attached to a subinterface as input and output operations. The input operation is explicitly configured. The output operation is the symmetric opposite and is automatically derived from the input operation.
21.2. Interface
Initial function is l2_vtr_init()
21.3. Command
set interface l2 tag-rewrite <interface> [disable | pop {1|2} | push {dot1q|dot1ad} <tag> <tag>]
set interface l2 pbb-tag-rewrite <interface> [disable | pop | push | translate_pbb_stag <outer_tag> dmac <address> smac <address> s_id <nn> [b_vlanid <nn>]]
22. l2_xcrw
22.1. Introduction
General L2 / L3 cross-connect, used to set up “L2 interface <–> your-favorite-tunnel-encap” tunnels.
We set up a typical L2 cross-connect or (future) bridge to hook L2 interface(s) up to the L3 stack in arbitrary ways.
Each l2_xcrw adjacency specifies 3 things:
-
The next graph node (presumably in the L3 stack) to process the (L2 -> L3) packet
-
A new value for vnet_buffer(b)->sw_if_index[VLIB_TX] (i.e. a lookup FIB index),
-
A rewrite string to apply.
Example: to cross-connect an L2 interface or (future) bridge to an mpls-o-gre tunnel, set up the L2 rewrite string as shown in mpls_gre_rewrite, and use “mpls-post-rewrite” to fix the GRE IP header checksum and length fields.
And this module defines a device class, xcrw_device_class.
22.2. Interface
Initial function is l2_xcrw_init().
22.3. Command
set interface l2 xcrw <interface> next <node-name>
[del] [tx-fib-id <id>] [ipv6] rw <hex-bytes>
show l2xcrw