def init_lrp_ingress_clause(options):
init_ecmp_clause(options)
# response ICMP packet if receiving ICMP request
lrp_pkt_response(LR, Priority, Match, Action, State) <= (
(Priority == 3) &
lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR,
UUID_LR, UUID_LR_CHASSIS, State) & (State != 0) &
match.icmp_proto(Match1) &
match.icmp_type(8, Match2) &
match.icmp_code(0, Match3) &
match.ip_dst(LRP[LRP_IP], Match4) &
(Match == Match1 + Match2 + Match3 + Match4) &
action.exchange(NXM_Reg(IP_SRC_IDX), NXM_Reg(IP_DST_IDX), Action1) &
action.load(0xff, NXM_Reg(IP_TTL_IDX), Action2) &
action.load(0, NXM_Reg(ICMP_TYPE_IDX), Action3) &
action.move(NXM_Reg(REG_SRC_IDX), NXM_Reg(REG_DST_IDX), Action4) &
action.load(1, NXM_Reg(REG_FLAG_IDX, FLAG_LOOPBACK_BIT_IDX,
FLAG_LOOPBACK_BIT_IDX), Action5) &
action.resubmit_next(Action6) &
(Action == Action1 + Action2 + Action3 + Action4 +
Action5 + Action6)
)
lrp_pkt_response(LR, Priority, Match, Action, State) <= (
(Priority == 0) &
lr_array(LR, UUID_LR, State) & (State != 0) &
match.ip_proto(Match) &
action.resubmit_next(Action))
lrp_drop_unexpect(LR, Priority, Match, Action, State) <= (
(Priority == 2) &
lr_array(LR, UUID_LR, State) & (State != 0) &
match.ip_proto(Match1) &
match.ip_ttl(1, Match2) &
(Match == Match1 + Match2) &
action.resubmit_table(TABLE_DROP_PACKET, Action)
)
lrp_drop_unexpect(LR, Priority, Match, Action, State) <= (
(Priority == 0) &
lr_array(LR, UUID_LR, State) & (State != 0) &
match.ip_proto(Match) &
action.dec_ttl(Action1) &
action.resubmit_next(Action2) &
(Action == Action1 + Action2)
)
lrp_ip_unsnat_stage1(LR, Priority, Match, Action, State) <= (
nat.lunsnat_xlate_stage1(LR, Priority, Match, Action, State))
lrp_ip_unsnat_stage2(LR, Priority, Match, Action, State) <= (
nat.lunsnat_xlate_stage2(LR, Priority, Match, Action, State))
lrp_ip_dnat_stage1(LR, Priority, Match, Action, State) <= (
nat.ldnat_xlate_stage1(LR, Priority, Match, Action, State))
lrp_ip_dnat_stage2(LR, Priority, Match, Action, State) <= (
nat.ldnat_xlate_stage2(LR, Priority, Match, Action, State))
#automatic route
lrp_ip_route(LR, Priority, Match, Action, State) <= (
lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR,
UUID_LR, UUID_LR_CHASSIS, State) & (State != 0) &
(Priority == LRP[LRP_PREFIX] * 3) &
match.ip_proto(Match1) &
match.ip_dst_prefix(LRP[LRP_IP],
LRP[LRP_PREFIX], Match2) &
(Match == Match1 + Match2) &
action.load(LRP[LRP_PORTID],
NXM_Reg(REG_DST_IDX), Action1) &
action.load(LRP[LRP_MAC_INT],
NXM_Reg(ETH_SRC_IDX), Action2) &
action.move(NXM_Reg(IP_DST_IDX), NXM_Reg(REG2_IDX), Action3) &
# lrp_handle_unknow_dst_pkt may use it to modify IP to
# construct right arp request
action.load(LRP[LRP_IP_INT],
NXM_Reg(REG3_IDX), Action4) &
action.resubmit_next(Action5) &
(Action == Action1 + Action2 + Action3 + Action4 + Action5)
)
#static route
lrp_ip_route(LR, Priority, Match, Action, State) <= (
lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR,
UUID_LR, UUID_LR_CHASSIS, State1) &
(lroute_array(Route, UUID_LR, State2)) &
(State == State1 + State2) & (State != 0) &
(UUID_LR == LR[LR_UUID]) &
# only match the first outport
(LRP[LRP_UUID] == Route[LSR_OUTPORT]) &
(Priority == 1 + Route[LSR_PREFIX] * 3) &
match.ip_proto(Match1) &
match.ip_dst_prefix(Route[LSR_IP],
Route[LSR_PREFIX], Match2) &
(Match == Match1 + Match2) &
action.load(LRP[LRP_PORTID],
NXM_Reg(REG_DST_IDX), Action1) &
action.load(LRP[LRP_MAC_INT],
NXM_Reg(ETH_SRC_IDX), Action2) &
action.load(Route[LSR_NEXT_HOP_INT],
NXM_Reg(REG2_IDX), Action3) &
# lrp_handle_unknow_dst_pkt may use it to modify IP to
# construct right arp request
action.load(LRP[LRP_IP_INT],
NXM_Reg(REG3_IDX), Action4) &
action.resubmit_next(Action5) &
(Action == Action1 + Action2 + Action3 + Action4 + Action5)
)
# gateway chassis no need to consider ecmp
if not options.has_key('GATEWAY'):
lrp_ip_route(LR, Priority, Match, Action, State) <= (
ecmp_static_route(LR, Priority, Match, Action, State)
)
lrp_ecmp_judge(LR, Priority, Match, Action, State) <= (
ecmp_static_route_judge(LR, Priority, Match, Action, State)
)
# drop packet if we cannot found route for this packet
lrp_ip_route(LR, Priority, Match, Action, State) <= (
(Priority == 0) &
lr_array(LR, UUID_LR, State) & (State != 0) &
match.match_none(Match) &
action.resubmit_table(TABLE_DROP_PACKET, Action)
)
pyDatalog.create_terms('lunsnat_xlate_stage1, lunsnat_xlate_stage2')
pyDatalog.create_terms('ldnat_xlate_stage1, ldnat_xlate_stage2')
pyDatalog.create_terms('lundnat_xlate_stage1, lundnat_xlate_stage2')
pyDatalog.create_terms('LNAT1, LNAT2')
lunsnat_xlate_stage1(LR, Priority, Match, Action, State) <= (
(Priority == 2) &
lnat_data(LNAT1, LR, 'snat', UUID_LR, State1) &
lnat_data(LNAT2, LR1, 'dnat', UUID_LR, State2) &
(State == State1 + State2) & (State != 0) &
(LNAT1[LNAT_XLATE_IP] == LNAT2[LNAT_XLATE_IP]) &
(LNAT1[LNAT_IP] == LNAT2[LNAT_IP]) &
(LNAT1[LNAT_PREFIX] == 32) & (LNAT2[LNAT_PREFIX] == 32) &
match.ip_proto(Match1) &
match.ip_dst(LNAT1[LNAT_XLATE_IP], Match2) &
(Match == Match1 + Match2) &
action.mod_nw_dst(LNAT1[LNAT_IP], Action1) &
action.resubmit_next(Action2) &
(Action == Action1 + Action2)
)
lunsnat_xlate_stage1(LR, Priority, Match, Action, State) <= (
(Priority == 1) &
lnat_data(LNAT, LR, 'snat', UUID_LR, State) & (State != 0) &
match.ip_proto(Match1) &
match.ip_dst(LNAT[LNAT_XLATE_IP], Match2) &
(Match == Match1 + Match2) &
action.unsnat(fc.TABLE_LRP_INGRESS_UNSNAT_STAGE2, Action)
)
def init_lrp_ingress_clause(options):
init_ecmp_clause(options)
if options.has_key('GATEWAY'):
_live_lsp_link_lrp(
LSP, LS, UUID_LS, LRP, LR, UUID_LR, None, State) <= (lsp_link_lrp(
LSP, LS, UUID_LS, LRP, LR, UUID_LR, None, State))
_live_lsp_link_lrp(
LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS,
State) <= (lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR,
UUID_LR_CHASSIS, State1)
& chassis_array(PHY_CHASSIS, UUID_LR_CHASSIS, State2) &
(State == State1 + State2))
else:
_live_lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR,
UUID_LR_CHASSIS, State) <= (lsp_link_lrp(
LSP, LS, UUID_LS, LRP, LR, UUID_LR,
UUID_LR_CHASSIS, State))
# response ICMP packet if receiving ICMP request
lrp_pkt_response(LR, Priority, Match, Action, State) <= (
(Priority == 3) & _live_lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR,
UUID_LR, UUID_LR_CHASSIS, State) &
(State != 0) & match.icmp_proto(Match1) & match.icmp_type(8, Match2)
& match.icmp_code(0, Match3) & match.ip_dst(LRP[LRP_IP], Match4) &
(Match == Match1 + Match2 + Match3 + Match4)
& action.exchange(NXM_Reg(IP_SRC_IDX), NXM_Reg(IP_DST_IDX), Action1)
& action.load(0xff, NXM_Reg(IP_TTL_IDX), Action2)
& action.load(0, NXM_Reg(ICMP_TYPE_IDX), Action3) & action.move(
NXM_Reg(REG_SRC_IDX), NXM_Reg(REG_DST_IDX), Action4) & action.load(
1,
NXM_Reg(REG_FLAG_IDX, FLAG_LOOPBACK_BIT_IDX,
FLAG_LOOPBACK_BIT_IDX), Action5)
& action.resubmit_next(Action6) &
(Action == Action1 + Action2 + Action3 + Action4 + Action5 + Action6))
lrp_pkt_response(LR, Priority, Match, Action, State) <= (
(Priority == 0) & lr_array(LR, UUID_LR, State) &
(State != 0) & match.ip_proto(Match) & action.resubmit_next(Action))
lrp_drop_unexpect(LR, Priority, Match, Action, State) <= (
(Priority == 2) & lr_array(LR, UUID_LR, State) &
(State != 0) & match.ip_proto(Match1) & match.ip_ttl(1, Match2) &
(Match == Match1 + Match2)
& action.resubmit_table(TABLE_DROP_PACKET, Action))
lrp_drop_unexpect(LR, Priority, Match, Action, State) <= (
(Priority == 0) & lr_array(LR, UUID_LR, State) &
(State != 0) & match.ip_proto(Match) & action.dec_ttl(Action1)
& action.resubmit_next(Action2) & (Action == Action1 + Action2))
lrp_ip_unsnat_stage1(LR, Priority, Match, Action,
State) <= (nat.lunsnat_xlate_stage1(
LR, Priority, Match, Action, State))
lrp_ip_unsnat_stage2(LR, Priority, Match, Action,
State) <= (nat.lunsnat_xlate_stage2(
LR, Priority, Match, Action, State))
lrp_ip_dnat_stage1(LR, Priority, Match, Action,
State) <= (nat.ldnat_xlate_stage1(
LR, Priority, Match, Action, State))
lrp_ip_dnat_stage2(LR, Priority, Match, Action,
State) <= (nat.ldnat_xlate_stage2(
LR, Priority, Match, Action, State))
#automatic route
lrp_ip_route(LR, Priority, Match, Action, State) <= (
lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS,
State) & (State != 0) &
(Priority == _cal_priority(LRP[LRP_PREFIX], 0, LRP[LRP_ILK_IDX]))
& match.ip_proto(Match1)
& match.ip_dst_prefix(LRP[LRP_IP], LRP[LRP_PREFIX], Match2) &
(Match == Match1 + Match2)
& action.load(LRP[LRP_PORTID], NXM_Reg(REG_DST_IDX), Action1)
& action.load(LRP[LRP_MAC_INT], NXM_Reg(ETH_SRC_IDX), Action2)
& action.move(NXM_Reg(IP_DST_IDX), NXM_Reg(REG2_IDX), Action3) &
# lrp_handle_unknow_dst_pkt may use it to modify IP to
# construct right arp request
action.load(LRP[LRP_IP_INT], NXM_Reg(REG3_IDX), Action4)
& action.resubmit_next(Action5) &
(Action == Action1 + Action2 + Action3 + Action4 + Action5))
if options.has_key('GATEWAY'):
_static_route_changed(Route, LR, LRP, State) <= (
local_system_id(UUID_CHASSIS)
& lroute_array(Route, UUID_LR, State1) & lsp_link_lrp(
LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_CHASSIS, State2) &
(Route[LSR_OUTPORT] == LRP[LRP_UUID])
& local_patchport(LSP1, LS, State3) &
(State == State1 + State2 + State3) & (State != 0))
_next_live_hop_lr(UUID_LRP, LRP, LR, LR_NEXT,
State) <= (next_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State)
& (LR_NEXT[LR_CHASSIS_UUID] == None))
# if next LR is pining on a chassis, tuplenet have to verify if the geneve
# tunnel port had been create. Otherwise, some packet may deliver to this
# LR which has no tunnel port to remote chassis. It cause packet drop once
# a gateway chassis was re-add.
_next_live_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State) <= (
next_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State1) &
(LR_NEXT[LR_CHASSIS_UUID] != None) & remote_chassis(
LR_NEXT[LR_CHASSIS_UUID], PHY_CHASSIS_WITH_OFPORT, State2) &
(State == State1 + State2))
_next_live_hop_lr(UUID_LRP, LRP, LR, LR_NEXT,
State) <= (next_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State)
& local_system_id(LR_NEXT[LR_CHASSIS_UUID]))
_static_route_changed(Route, LR, LRP, State) <= (
lroute_array(Route, UUID_LR, State1)
& _next_live_hop_lr(Route[LSR_OUTPORT], LRP, LR, LR_NEXT, State2) &
(State == State1 + State2) & (State != 0))
#static route
lrp_ip_route(LR, Priority, Match, Action, State) <= (
_static_route_changed(Route, LR, LRP, State) &
(Priority == _cal_priority(Route[LSR_PREFIX], 1, Route[LSR_ILK_IDX]))
& match.ip_proto(Match1)
& match.ip_dst_prefix(Route[LSR_IP], Route[LSR_PREFIX], Match2) &
(Match == Match1 + Match2)
& action.load(LRP[LRP_PORTID], NXM_Reg(REG_DST_IDX), Action1)
& action.load(LRP[LRP_MAC_INT], NXM_Reg(ETH_SRC_IDX), Action2)
& action.load(Route[LSR_NEXT_HOP_INT], NXM_Reg(REG2_IDX), Action3) &
# lrp_handle_unknow_dst_pkt may use it to modify IP to
# construct right arp request
action.load(LRP[LRP_IP_INT], NXM_Reg(REG3_IDX), Action4)
& action.resubmit_next(Action5) &
(Action == Action1 + Action2 + Action3 + Action4 + Action5))
# gateway chassis no need to consider ecmp
if not options.has_key('GATEWAY'):
lrp_ip_route(LR, Priority, Match, Action, State) <= (ecmp_static_route(
LR, Priority, Match, Action, State))
lrp_ecmp_judge(LR, Priority, Match,
Action, State) <= (ecmp_static_route_judge(
LR, Priority, Match, Action, State))
# drop packet if we cannot found route for this packet
lrp_ip_route(LR, Priority, Match, Action,
State) <= ((Priority == 0) & lr_array(LR, UUID_LR, State) &
(State != 0) & match.match_none(Match)
& action.resubmit_table(TABLE_DROP_PACKET, Action))