def init_lrp_ingress_clause(options): init_ecmp_clause(options) # response ICMP packet if receiving ICMP request lrp_pkt_response(LR, Priority, Match, Action, State) <= ( (Priority == 3) & lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State) & (State != 0) & match.icmp_proto(Match1) & match.icmp_type(8, Match2) & match.icmp_code(0, Match3) & match.ip_dst(LRP[LRP_IP], Match4) & (Match == Match1 + Match2 + Match3 + Match4) & action.exchange(NXM_Reg(IP_SRC_IDX), NXM_Reg(IP_DST_IDX), Action1) & action.load(0xff, NXM_Reg(IP_TTL_IDX), Action2) & action.load(0, NXM_Reg(ICMP_TYPE_IDX), Action3) & action.move(NXM_Reg(REG_SRC_IDX), NXM_Reg(REG_DST_IDX), Action4) & action.load(1, NXM_Reg(REG_FLAG_IDX, FLAG_LOOPBACK_BIT_IDX, FLAG_LOOPBACK_BIT_IDX), Action5) & action.resubmit_next(Action6) & (Action == Action1 + Action2 + Action3 + Action4 + Action5 + Action6) ) lrp_pkt_response(LR, Priority, Match, Action, State) <= ( (Priority == 0) & lr_array(LR, UUID_LR, State) & (State != 0) & match.ip_proto(Match) & action.resubmit_next(Action)) lrp_drop_unexpect(LR, Priority, Match, Action, State) <= ( (Priority == 2) & lr_array(LR, UUID_LR, State) & (State != 0) & match.ip_proto(Match1) & match.ip_ttl(1, Match2) & (Match == Match1 + Match2) & action.resubmit_table(TABLE_DROP_PACKET, Action) ) lrp_drop_unexpect(LR, Priority, Match, Action, State) <= ( (Priority == 0) & lr_array(LR, UUID_LR, State) & (State != 0) & match.ip_proto(Match) & action.dec_ttl(Action1) & action.resubmit_next(Action2) & (Action == Action1 + Action2) ) lrp_ip_unsnat_stage1(LR, Priority, Match, Action, State) <= ( nat.lunsnat_xlate_stage1(LR, Priority, Match, Action, State)) lrp_ip_unsnat_stage2(LR, Priority, Match, Action, State) <= ( nat.lunsnat_xlate_stage2(LR, Priority, Match, Action, State)) lrp_ip_dnat_stage1(LR, Priority, Match, Action, State) <= ( nat.ldnat_xlate_stage1(LR, Priority, Match, Action, State)) lrp_ip_dnat_stage2(LR, Priority, Match, Action, State) <= ( nat.ldnat_xlate_stage2(LR, Priority, Match, Action, State)) #automatic route lrp_ip_route(LR, Priority, Match, Action, State) <= ( lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State) & (State != 0) & (Priority == LRP[LRP_PREFIX] * 3) & match.ip_proto(Match1) & match.ip_dst_prefix(LRP[LRP_IP], LRP[LRP_PREFIX], Match2) & (Match == Match1 + Match2) & action.load(LRP[LRP_PORTID], NXM_Reg(REG_DST_IDX), Action1) & action.load(LRP[LRP_MAC_INT], NXM_Reg(ETH_SRC_IDX), Action2) & action.move(NXM_Reg(IP_DST_IDX), NXM_Reg(REG2_IDX), Action3) & # lrp_handle_unknow_dst_pkt may use it to modify IP to # construct right arp request action.load(LRP[LRP_IP_INT], NXM_Reg(REG3_IDX), Action4) & action.resubmit_next(Action5) & (Action == Action1 + Action2 + Action3 + Action4 + Action5) ) #static route lrp_ip_route(LR, Priority, Match, Action, State) <= ( lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State1) & (lroute_array(Route, UUID_LR, State2)) & (State == State1 + State2) & (State != 0) & (UUID_LR == LR[LR_UUID]) & # only match the first outport (LRP[LRP_UUID] == Route[LSR_OUTPORT]) & (Priority == 1 + Route[LSR_PREFIX] * 3) & match.ip_proto(Match1) & match.ip_dst_prefix(Route[LSR_IP], Route[LSR_PREFIX], Match2) & (Match == Match1 + Match2) & action.load(LRP[LRP_PORTID], NXM_Reg(REG_DST_IDX), Action1) & action.load(LRP[LRP_MAC_INT], NXM_Reg(ETH_SRC_IDX), Action2) & action.load(Route[LSR_NEXT_HOP_INT], NXM_Reg(REG2_IDX), Action3) & # lrp_handle_unknow_dst_pkt may use it to modify IP to # construct right arp request action.load(LRP[LRP_IP_INT], NXM_Reg(REG3_IDX), Action4) & action.resubmit_next(Action5) & (Action == Action1 + Action2 + Action3 + Action4 + Action5) ) # gateway chassis no need to consider ecmp if not options.has_key('GATEWAY'): lrp_ip_route(LR, Priority, Match, Action, State) <= ( ecmp_static_route(LR, Priority, Match, Action, State) ) lrp_ecmp_judge(LR, Priority, Match, Action, State) <= ( ecmp_static_route_judge(LR, Priority, Match, Action, State) ) # drop packet if we cannot found route for this packet lrp_ip_route(LR, Priority, Match, Action, State) <= ( (Priority == 0) & lr_array(LR, UUID_LR, State) & (State != 0) & match.match_none(Match) & action.resubmit_table(TABLE_DROP_PACKET, Action) )
pyDatalog.create_terms('lunsnat_xlate_stage1, lunsnat_xlate_stage2') pyDatalog.create_terms('ldnat_xlate_stage1, ldnat_xlate_stage2') pyDatalog.create_terms('lundnat_xlate_stage1, lundnat_xlate_stage2') pyDatalog.create_terms('LNAT1, LNAT2') lunsnat_xlate_stage1(LR, Priority, Match, Action, State) <= ( (Priority == 2) & lnat_data(LNAT1, LR, 'snat', UUID_LR, State1) & lnat_data(LNAT2, LR1, 'dnat', UUID_LR, State2) & (State == State1 + State2) & (State != 0) & (LNAT1[LNAT_XLATE_IP] == LNAT2[LNAT_XLATE_IP]) & (LNAT1[LNAT_IP] == LNAT2[LNAT_IP]) & (LNAT1[LNAT_PREFIX] == 32) & (LNAT2[LNAT_PREFIX] == 32) & match.ip_proto(Match1) & match.ip_dst(LNAT1[LNAT_XLATE_IP], Match2) & (Match == Match1 + Match2) & action.mod_nw_dst(LNAT1[LNAT_IP], Action1) & action.resubmit_next(Action2) & (Action == Action1 + Action2) ) lunsnat_xlate_stage1(LR, Priority, Match, Action, State) <= ( (Priority == 1) & lnat_data(LNAT, LR, 'snat', UUID_LR, State) & (State != 0) & match.ip_proto(Match1) & match.ip_dst(LNAT[LNAT_XLATE_IP], Match2) & (Match == Match1 + Match2) & action.unsnat(fc.TABLE_LRP_INGRESS_UNSNAT_STAGE2, Action) )
def init_lrp_ingress_clause(options): init_ecmp_clause(options) if options.has_key('GATEWAY'): _live_lsp_link_lrp( LSP, LS, UUID_LS, LRP, LR, UUID_LR, None, State) <= (lsp_link_lrp( LSP, LS, UUID_LS, LRP, LR, UUID_LR, None, State)) _live_lsp_link_lrp( LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State) <= (lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State1) & chassis_array(PHY_CHASSIS, UUID_LR_CHASSIS, State2) & (State == State1 + State2)) else: _live_lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State) <= (lsp_link_lrp( LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State)) # response ICMP packet if receiving ICMP request lrp_pkt_response(LR, Priority, Match, Action, State) <= ( (Priority == 3) & _live_lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State) & (State != 0) & match.icmp_proto(Match1) & match.icmp_type(8, Match2) & match.icmp_code(0, Match3) & match.ip_dst(LRP[LRP_IP], Match4) & (Match == Match1 + Match2 + Match3 + Match4) & action.exchange(NXM_Reg(IP_SRC_IDX), NXM_Reg(IP_DST_IDX), Action1) & action.load(0xff, NXM_Reg(IP_TTL_IDX), Action2) & action.load(0, NXM_Reg(ICMP_TYPE_IDX), Action3) & action.move( NXM_Reg(REG_SRC_IDX), NXM_Reg(REG_DST_IDX), Action4) & action.load( 1, NXM_Reg(REG_FLAG_IDX, FLAG_LOOPBACK_BIT_IDX, FLAG_LOOPBACK_BIT_IDX), Action5) & action.resubmit_next(Action6) & (Action == Action1 + Action2 + Action3 + Action4 + Action5 + Action6)) lrp_pkt_response(LR, Priority, Match, Action, State) <= ( (Priority == 0) & lr_array(LR, UUID_LR, State) & (State != 0) & match.ip_proto(Match) & action.resubmit_next(Action)) lrp_drop_unexpect(LR, Priority, Match, Action, State) <= ( (Priority == 2) & lr_array(LR, UUID_LR, State) & (State != 0) & match.ip_proto(Match1) & match.ip_ttl(1, Match2) & (Match == Match1 + Match2) & action.resubmit_table(TABLE_DROP_PACKET, Action)) lrp_drop_unexpect(LR, Priority, Match, Action, State) <= ( (Priority == 0) & lr_array(LR, UUID_LR, State) & (State != 0) & match.ip_proto(Match) & action.dec_ttl(Action1) & action.resubmit_next(Action2) & (Action == Action1 + Action2)) lrp_ip_unsnat_stage1(LR, Priority, Match, Action, State) <= (nat.lunsnat_xlate_stage1( LR, Priority, Match, Action, State)) lrp_ip_unsnat_stage2(LR, Priority, Match, Action, State) <= (nat.lunsnat_xlate_stage2( LR, Priority, Match, Action, State)) lrp_ip_dnat_stage1(LR, Priority, Match, Action, State) <= (nat.ldnat_xlate_stage1( LR, Priority, Match, Action, State)) lrp_ip_dnat_stage2(LR, Priority, Match, Action, State) <= (nat.ldnat_xlate_stage2( LR, Priority, Match, Action, State)) #automatic route lrp_ip_route(LR, Priority, Match, Action, State) <= ( lsp_link_lrp(LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_LR_CHASSIS, State) & (State != 0) & (Priority == _cal_priority(LRP[LRP_PREFIX], 0, LRP[LRP_ILK_IDX])) & match.ip_proto(Match1) & match.ip_dst_prefix(LRP[LRP_IP], LRP[LRP_PREFIX], Match2) & (Match == Match1 + Match2) & action.load(LRP[LRP_PORTID], NXM_Reg(REG_DST_IDX), Action1) & action.load(LRP[LRP_MAC_INT], NXM_Reg(ETH_SRC_IDX), Action2) & action.move(NXM_Reg(IP_DST_IDX), NXM_Reg(REG2_IDX), Action3) & # lrp_handle_unknow_dst_pkt may use it to modify IP to # construct right arp request action.load(LRP[LRP_IP_INT], NXM_Reg(REG3_IDX), Action4) & action.resubmit_next(Action5) & (Action == Action1 + Action2 + Action3 + Action4 + Action5)) if options.has_key('GATEWAY'): _static_route_changed(Route, LR, LRP, State) <= ( local_system_id(UUID_CHASSIS) & lroute_array(Route, UUID_LR, State1) & lsp_link_lrp( LSP, LS, UUID_LS, LRP, LR, UUID_LR, UUID_CHASSIS, State2) & (Route[LSR_OUTPORT] == LRP[LRP_UUID]) & local_patchport(LSP1, LS, State3) & (State == State1 + State2 + State3) & (State != 0)) _next_live_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State) <= (next_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State) & (LR_NEXT[LR_CHASSIS_UUID] == None)) # if next LR is pining on a chassis, tuplenet have to verify if the geneve # tunnel port had been create. Otherwise, some packet may deliver to this # LR which has no tunnel port to remote chassis. It cause packet drop once # a gateway chassis was re-add. _next_live_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State) <= ( next_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State1) & (LR_NEXT[LR_CHASSIS_UUID] != None) & remote_chassis( LR_NEXT[LR_CHASSIS_UUID], PHY_CHASSIS_WITH_OFPORT, State2) & (State == State1 + State2)) _next_live_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State) <= (next_hop_lr(UUID_LRP, LRP, LR, LR_NEXT, State) & local_system_id(LR_NEXT[LR_CHASSIS_UUID])) _static_route_changed(Route, LR, LRP, State) <= ( lroute_array(Route, UUID_LR, State1) & _next_live_hop_lr(Route[LSR_OUTPORT], LRP, LR, LR_NEXT, State2) & (State == State1 + State2) & (State != 0)) #static route lrp_ip_route(LR, Priority, Match, Action, State) <= ( _static_route_changed(Route, LR, LRP, State) & (Priority == _cal_priority(Route[LSR_PREFIX], 1, Route[LSR_ILK_IDX])) & match.ip_proto(Match1) & match.ip_dst_prefix(Route[LSR_IP], Route[LSR_PREFIX], Match2) & (Match == Match1 + Match2) & action.load(LRP[LRP_PORTID], NXM_Reg(REG_DST_IDX), Action1) & action.load(LRP[LRP_MAC_INT], NXM_Reg(ETH_SRC_IDX), Action2) & action.load(Route[LSR_NEXT_HOP_INT], NXM_Reg(REG2_IDX), Action3) & # lrp_handle_unknow_dst_pkt may use it to modify IP to # construct right arp request action.load(LRP[LRP_IP_INT], NXM_Reg(REG3_IDX), Action4) & action.resubmit_next(Action5) & (Action == Action1 + Action2 + Action3 + Action4 + Action5)) # gateway chassis no need to consider ecmp if not options.has_key('GATEWAY'): lrp_ip_route(LR, Priority, Match, Action, State) <= (ecmp_static_route( LR, Priority, Match, Action, State)) lrp_ecmp_judge(LR, Priority, Match, Action, State) <= (ecmp_static_route_judge( LR, Priority, Match, Action, State)) # drop packet if we cannot found route for this packet lrp_ip_route(LR, Priority, Match, Action, State) <= ((Priority == 0) & lr_array(LR, UUID_LR, State) & (State != 0) & match.match_none(Match) & action.resubmit_table(TABLE_DROP_PACKET, Action))