ironcore-dev · guvenc · Nov 17, 2023 · Nov 15, 2023
@@ -52,16 +52,15 @@ struct dp_fwall_rule {
 	TAILQ_ENTRY(dp_fwall_rule) next_rule;
 };
 
-// forward-declaration due to 'struct dp_fwall_rule' being part of 'struct dp_grpc_responder'
+// forward-declaration due to 'struct dp_fwall_rule' being part of these structures
 struct dp_grpc_responder;
-// dtto for 'struct vm_entry' which is part of 'struct dp_port'
 struct dp_port;
 
 void dp_init_firewall_rules(struct dp_port *port);
 int dp_add_firewall_rule(const struct dp_fwall_rule *new_rule, struct dp_port *port);
 int dp_delete_firewall_rule(const char *rule_id, struct dp_port *port);
 struct dp_fwall_rule *dp_get_firewall_rule(const char *rule_id, const struct dp_port *port);
-enum dp_fwall_action dp_get_firewall_action(struct dp_flow *df, const struct dp_port *src_port, const struct dp_port *dst_port);
+enum dp_fwall_action dp_get_firewall_action(struct dp_flow *df, const struct dp_port *in_port, const struct dp_port *out_port);
 int dp_list_firewall_rules(const struct dp_port *port, struct dp_grpc_responder *responder);
 void dp_del_all_firewall_rules(struct dp_port *port);
 

@@ -154,7 +154,7 @@ void dp_free_flow(struct dp_ref *ref);
 void dp_free_network_nat_port(const struct flow_value *cntrack);
 void dp_remove_nat_flows(uint16_t port_id, int nat_type);  // TODO create proper enum!
 void dp_remove_neighnat_flows(uint32_t ipv4, uint32_t vni, uint16_t min_port, uint16_t max_port);
-void dp_remove_vm_flows(uint16_t port_id, uint32_t ipv4, uint32_t vni);
+void dp_remove_iface_flows(uint16_t port_id, uint32_t ipv4, uint32_t vni);
 
 hash_sig_t dp_get_conntrack_flow_hash_value(const struct flow_key *key);
 

@@ -0,0 +1,42 @@
+#ifndef __INCLUDE_DP_IFACE_H__
+#define __INCLUDE_DP_IFACE_H__
+
+#include "dp_port.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int dp_ifaces_init(int socket_id);
+void dp_ifaces_free(void);
+
+int dp_map_iface_id(const char iface_id[DP_IFACE_ID_MAX_LEN], struct dp_port *port);
+void dp_unmap_iface_id(const char iface_id[DP_IFACE_ID_MAX_LEN]);
+struct dp_port *dp_get_port_with_iface_id(const char iface_id[DP_IFACE_ID_MAX_LEN]);
+
+int dp_setup_iface(struct dp_port *port, int vni);
+void dp_delete_iface(struct dp_port *port);
+
+
+static __rte_always_inline
+bool dp_arp_cycle_needed(const struct dp_port *port)
+{
+	static struct rte_ether_addr nul_mac = {0};
+
+	return port->iface.ready
+		&& rte_is_same_ether_addr(&port->neigh_mac, &nul_mac);
+}
+
+static __rte_always_inline
+void dp_fill_ether_hdr(struct rte_ether_hdr *ether_hdr, const struct dp_port *port, uint16_t ether_type)
+{
+	rte_ether_addr_copy(&port->neigh_mac, &ether_hdr->dst_addr);
+	rte_ether_addr_copy(&port->own_mac, &ether_hdr->src_addr);
+	ether_hdr->ether_type = htons(ether_type);
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
@@ -36,9 +36,9 @@ struct lb_value {
 
 int dp_lb_init(int socket_id);
 void dp_lb_free(void);
-bool dp_is_ip_lb(uint32_t vm_ip, uint32_t vni);
-uint32_t dp_get_lb_ip(uint32_t vm_ip, uint32_t vni);
-uint8_t *dp_lb_get_backend_ip(uint32_t v_ip, uint32_t vni, rte_be16_t port, uint8_t proto);
+bool dp_is_ip_lb(uint32_t ol_ip, uint32_t vni);
+uint32_t dp_get_lb_ip(uint32_t ol_ip, uint32_t vni);
+uint8_t *dp_lb_get_backend_ip(uint32_t ol_ip, uint32_t vni, rte_be16_t port, uint8_t proto);
 bool dp_is_lb_enabled(void);
 int dp_del_lb_back_ip(const void *id_key, const uint8_t *back_ip);
 int dp_add_lb_back_ip(const void *id_key, const uint8_t *back_ip, uint8_t ip_size);

@@ -37,21 +37,21 @@ extern "C" {
 #define DP_LIST_EXT_ROUTES true
 #define DP_LIST_INT_ROUTES false
 
-struct vm_route {
+struct dp_iface_route {
 	int		vni;
 	uint8_t	nh_ipv6[16];
 };
 
-const struct dp_port *dp_get_ip4_dst_port(const struct dp_port *port,
+const struct dp_port *dp_get_ip4_out_port(const struct dp_port *in_port,
 										  int t_vni,
 										  const struct dp_flow *df,
-										  struct vm_route *route,
+										  struct dp_iface_route *route,
 										  uint32_t *route_key);
 
-const struct dp_port *dp_get_ip6_dst_port(const struct dp_port *port,
+const struct dp_port *dp_get_ip6_out_port(const struct dp_port *in_port,
 										  int t_vni,
 										  const struct rte_ipv6_hdr *ipv6_hdr,
-										  struct vm_route *route);
+										  struct dp_iface_route *route);
 
 uint32_t dp_get_gw_ip4(void);
 const uint8_t *dp_get_gw_ip6(void);

@@ -44,9 +44,9 @@ typedef struct network_nat_entry {
 
 struct snat_data {
 	uint32_t	vip_ip;
-	uint32_t	network_nat_ip;
-	uint16_t	network_nat_port_range[2];
-	uint8_t		ul_ip6[16]; /* VIP underlady */
+	uint32_t	nat_ip;
+	uint16_t	nat_port_range[2];
+	uint8_t		ul_vip_ip6[16]; /* VIP underlay */
 	uint8_t		ul_nat_ip6[16]; /* NAT Gateway underlay */
 	uint64_t	log_timestamp;
 };
@@ -56,9 +56,9 @@ struct dnat_data {
 };
 
 struct netnat_portmap_key {
-	uint32_t	vm_src_ip;
+	uint32_t	iface_src_ip;
 	uint32_t	vni;
-	uint16_t	vm_src_port;
+	uint16_t	iface_src_port;
 } __rte_packed;
 
 struct netnat_portmap_data {
@@ -83,9 +83,15 @@ struct nat_check_result {
 int dp_nat_init(int socket_id);
 void dp_nat_free(void);
 
-int dp_del_vm_snat_ip(uint32_t vm_ip, uint32_t vni);
-uint32_t dp_get_vm_snat_ip(uint32_t vm_ip, uint32_t vni);
-int dp_set_vm_snat_ip(uint32_t vm_ip, uint32_t s_ip, uint32_t vni, const uint8_t ul_ipv6[DP_VNF_IPV6_ADDR_SIZE]);
+uint32_t dp_get_iface_vip_ip(uint32_t iface_ip, uint32_t vni);
+int dp_set_iface_vip_ip(uint32_t iface_ip, uint32_t vip_ip, uint32_t vni,
+						const uint8_t ul_ipv6[DP_VNF_IPV6_ADDR_SIZE]);
+int dp_del_iface_vip_ip(uint32_t iface_ip, uint32_t vni);
+
+uint32_t dp_get_iface_nat_ip(uint32_t iface_ip, uint32_t vni);
+int dp_set_iface_nat_ip(uint32_t iface_ip, uint32_t nat_ip, uint32_t vni, uint16_t min_port, uint16_t max_port,
+						const uint8_t ul_ipv6[DP_VNF_IPV6_ADDR_SIZE]);
+int dp_del_iface_nat_ip(uint32_t iface_ip, uint32_t vni);
 
 int dp_del_dnat_ip(uint32_t d_ip, uint32_t vni);
 struct dnat_data *dp_get_dnat_data(uint32_t d_ip, uint32_t vni);
@@ -106,16 +112,13 @@ int dp_del_network_nat_entry(uint32_t nat_ipv4, const uint8_t nat_ipv6[DP_VNF_IP
 const uint8_t *dp_get_network_nat_underlay_ip(uint32_t nat_ipv4, const uint8_t nat_ipv6[DP_VNF_IPV6_ADDR_SIZE],
 											  uint32_t vni, uint16_t min_port, uint16_t max_port);
 
-uint32_t dp_get_vm_network_snat_ip(uint32_t vm_ip, uint32_t vni);
-int dp_set_vm_network_snat_ip(uint32_t vm_ip, uint32_t s_ip, uint32_t vni, uint16_t min_port, uint16_t max_port,
-							  const uint8_t ul_ipv6[DP_VNF_IPV6_ADDR_SIZE]);
-int dp_del_vm_network_snat_ip(uint32_t vm_ip, uint32_t vni);
 int dp_allocate_network_snat_port(struct snat_data *snat_data, struct dp_flow *df, uint32_t vni);
 const uint8_t *dp_lookup_network_nat_underlay_ip(struct dp_flow *df);
 int dp_remove_network_snat_port(const struct flow_value *cntrack);
+
 int dp_list_nat_local_entries(uint32_t nat_ip, struct dp_grpc_responder *responder);
 int dp_list_nat_neigh_entries(uint32_t nat_ip, struct dp_grpc_responder *responder);
-struct snat_data *dp_get_vm_snat_data(uint32_t vm_ip, uint32_t vni);
+struct snat_data *dp_get_iface_snat_data(uint32_t iface_ip, uint32_t vni);
 void dp_del_all_neigh_nat_entries_in_vni(uint32_t vni);
 
 

@@ -14,25 +14,24 @@
 extern "C" {
 #endif
 
-#define VM_IFACE_ID_MAX_LEN		64
+#define DP_IFACE_ID_MAX_LEN	64
 
-struct macip_entry {
-	struct rte_ether_addr	own_mac;
-	struct rte_ether_addr	neigh_mac;
+struct dp_iface_cfg {
 	uint32_t				own_ip;
 	uint32_t				neigh_ip;
-	uint8_t					depth;
+	uint8_t					ip_depth;
 	uint8_t					dhcp_ipv6[16];
-	uint8_t					vm_ipv6[16];
+	uint8_t					own_ipv6[16];
+	uint8_t					ip6_depth;
 	uint32_t				pxe_ip;
-	char					pxe_str[VM_MACHINE_PXE_MAX_LEN];
+	char					pxe_str[DP_IFACE_PXE_MAX_LEN];
 };
 
-struct vm_entry {
+struct dp_port_iface {
 	struct dp_fwall_head	fwall_head;
-	struct macip_entry		info;
+	struct dp_iface_cfg		cfg;
 	uint32_t				vni;
-	char					machineid[VM_IFACE_ID_MAX_LEN];
+	char					id[DP_IFACE_ID_MAX_LEN];
 	uint8_t					ul_ipv6[16];
 	bool					ready;
 };
@@ -48,7 +47,9 @@ struct dp_port {
 	char					dev_name[RTE_ETH_NAME_MAX_LEN];
 	uint8_t					peer_pf_hairpin_tx_rx_queue_offset;
 	uint16_t				peer_pf_port_id;
-	struct vm_entry			vm;
+	struct rte_ether_addr	own_mac;
+	struct rte_ether_addr	neigh_mac;
+	struct dp_port_iface	iface;
 	struct rte_flow			*default_jump_flow;
 	struct rte_flow			*default_capture_flow;
 	bool					captured;
@@ -78,24 +79,24 @@ int dp_stop_port(struct dp_port *port);
 static __rte_always_inline
 int dp_load_mac(struct dp_port *port)
 {
-	return rte_eth_macaddr_get(port->port_id, &port->vm.info.own_mac);
+	return rte_eth_macaddr_get(port->port_id, &port->own_mac);
 }
 
 static __rte_always_inline
-const uint8_t *dp_get_port_ul_ip6(const struct dp_port *port)
+const uint8_t *dp_get_port_ul_ipv6(const struct dp_port *port)
 {
-	return port->vm.ready ? port->vm.ul_ipv6 : dp_conf_get_underlay_ip();
+	return port->iface.ready ? port->iface.ul_ipv6 : dp_conf_get_underlay_ip();
 }
 
 static __rte_always_inline
-struct dp_port *dp_get_port(struct rte_mbuf *m)
+struct dp_port *dp_get_in_port(struct rte_mbuf *m)
 {
 	// m->port should've already been validated
 	return _dp_port_table[m->port];
 }
 
 static __rte_always_inline
-struct dp_port *dp_get_dst_port(struct dp_flow *df)
+struct dp_port *dp_get_out_port(struct dp_flow *df)
 {
 	// df->nxt_hop should've already been validated
 	return _dp_port_table[df->nxt_hop];

@@ -15,7 +15,7 @@ extern "C" {
 #include <rte_mbuf.h>
 
 #define DP_FIREWALL_ID_MAX_LEN	64
-#define VM_MACHINE_PXE_MAX_LEN	32
+#define DP_IFACE_PXE_MAX_LEN	32
 #define DP_LB_ID_MAX_LEN		64
 #define DP_LB_MAX_PORTS			16
 

@@ -106,7 +106,7 @@ int dp_virtsvc_get_pf_route(struct dp_virtsvc *virtsvc,
 							 uint16_t *pf_port_id,
 							 int *conn_idx);
 
-void dp_virtsvc_del_vm(uint16_t port_id);
+void dp_virtsvc_del_iface(uint16_t port_id);
 
 int dp_virtsvc_get_used_ports_telemetry(struct rte_tel_data *dict);
 

@@ -4,7 +4,7 @@
 #include <stdint.h>
 #include "dp_firewall.h"
 #include "dp_util.h"
-#include "dp_vm.h"
+#include "dp_iface.h"
 #include "monitoring/dp_monitoring.h"
 
 #ifdef __cplusplus
@@ -74,18 +74,18 @@ enum dpgrpc_capture_iface_type {
 };
 
 struct dpgrpc_iface {
-	char					iface_id[VM_IFACE_ID_MAX_LEN];
+	char					iface_id[DP_IFACE_ID_MAX_LEN];
 	uint32_t				ip4_addr;
 	uint8_t					ip6_addr[DP_VNF_IPV6_ADDR_SIZE];
 	uint32_t				vni;
 	uint32_t				ip4_pxe_addr;						// request (create) only
-	char					pxe_str[VM_MACHINE_PXE_MAX_LEN];	// request (create) only
+	char					pxe_str[DP_IFACE_PXE_MAX_LEN];	// request (create) only
 	char					pci_name[RTE_ETH_NAME_MAX_LEN];
 	uint8_t					ul_addr6[DP_VNF_IPV6_ADDR_SIZE];	// reply only
 };
 
 struct dpgrpc_iface_id {
-	char 					iface_id[VM_IFACE_ID_MAX_LEN];
+	char 					iface_id[DP_IFACE_ID_MAX_LEN];
 };
 
 struct dpgrpc_address {
@@ -100,7 +100,7 @@ struct dpgrpc_address {
 struct dpgrpc_prefix {
 	struct dpgrpc_address	addr;
 	uint32_t				length;
-	char					iface_id[VM_IFACE_ID_MAX_LEN];
+	char					iface_id[DP_IFACE_ID_MAX_LEN];
 };
 
 struct dpgrpc_route {
@@ -113,12 +113,12 @@ struct dpgrpc_route {
 
 struct dpgrpc_vip {
 	struct dpgrpc_address	addr;
-	char					iface_id[VM_IFACE_ID_MAX_LEN];
+	char					iface_id[DP_IFACE_ID_MAX_LEN];
 	uint8_t					ul_addr6[DP_VNF_IPV6_ADDR_SIZE];	// reply only
 };
 
 struct dpgrpc_nat {
-	char					iface_id[VM_IFACE_ID_MAX_LEN];		// local only
+	char					iface_id[DP_IFACE_ID_MAX_LEN];		// local only
 	struct dpgrpc_address	addr;
 	uint16_t				min_port;
 	uint16_t				max_port;
@@ -150,12 +150,12 @@ struct dpgrpc_lb_target {
 };
 
 struct dpgrpc_fwrule {
-	char					iface_id[VM_IFACE_ID_MAX_LEN];
+	char					iface_id[DP_IFACE_ID_MAX_LEN];
 	struct dp_fwall_rule	rule;
 };
 
 struct dpgrpc_fwrule_id {
-	char					iface_id[VM_IFACE_ID_MAX_LEN];
+	char					iface_id[DP_IFACE_ID_MAX_LEN];
 	char					rule_id[DP_FIREWALL_ID_MAX_LEN];
 };
 
@@ -173,7 +173,7 @@ struct dpgrpc_versions {
 struct dpgrpc_capture_interface {
 	enum dpgrpc_capture_iface_type	type;
 	union {
-		char	iface_id[VM_IFACE_ID_MAX_LEN];
+		char	iface_id[DP_IFACE_ID_MAX_LEN];
 		uint8_t pf_index;
 	} spec;
 };