[dpdk-dev,v2,2/4] ethdev: Add vTEP encap/decap actions
Checks
Commit Message
Add new flow action types and associated action data structures to
support the encapsulation and decapsulation of the virtual tunnel
endpoints.
The RTE_FLOW_ACTION_TYPE_VTEP_ENCAP action will cause the matching
flow to be encapsulated in the virtual tunnel endpoint overlay
defined in the vtep_encap action data.
The RTE_FLOW_ACTION_TYPE_VTEP_DECAP action will cause all virtual tunnel
endpoint overlays up to and including the first instance of the flow
item type defined in the vtep_decap action data for the matching flows.
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
---
doc/guides/prog_guide/rte_flow.rst | 77 ++++++++++++++++++++++++++++++++++++--
lib/librte_ether/rte_flow.h | 60 +++++++++++++++++++++++++++--
2 files changed, 131 insertions(+), 6 deletions(-)
Comments
05/04/2018 15:51, Declan Doherty:
> +/**
> + * RTE_FLOW_ACTION_TYPE_VTEP_ENCAP
> + *
> + * Virtual tunnel end-point encapsulation action data.
> + *
> + * Non-terminating action by default.
> + */
> +struct rte_flow_action_vtep_encap {
> + struct rte_flow_action_item {
> + enum rte_flow_item_type type;
> + /**< Flow item type. */
> + const void *item;
> + /**< Flow item definition. */
> + } *pattern;
> + /**<
> + * vTEP pattern specification (list terminated by the END pattern item).
> + */
> +};
> +
> +/**
> + * RTE_FLOW_ACTION_TYP_VTEP_DECAP
> + *
> + * Virtual tunnel end-point decapsulation action data.
> + *
> + * Non-terminating action by default.
> + */
> +struct rte_flow_action_vtep_decap {
> + enum rte_flow_item_type type;
> + /**<
> + * Flow item type of virtual tunnel end-point to be decapsulated
> + */
> +};
Question about the naming:
Why using the terminology VTEP instead of TUNNEL simply?
I probably miss something, but tunnel encap/decap looks simpler to me.
On 05/04/2018 17:42, Thomas Monjalon wrote:
> 05/04/2018 15:51, Declan Doherty:
>> +/**
>> + * RTE_FLOW_ACTION_TYPE_VTEP_ENCAP
>> + *
>> + * Virtual tunnel end-point encapsulation action data.
>> + *
>> + * Non-terminating action by default.
>> + */
>> +struct rte_flow_action_vtep_encap {
>> + struct rte_flow_action_item {
>> + enum rte_flow_item_type type;
>> + /**< Flow item type. */
>> + const void *item;
>> + /**< Flow item definition. */
>> + } *pattern;
>> + /**<
>> + * vTEP pattern specification (list terminated by the END pattern item).
>> + */
>> +};
>> +
>> +/**
>> + * RTE_FLOW_ACTION_TYP_VTEP_DECAP
>> + *
>> + * Virtual tunnel end-point decapsulation action data.
>> + *
>> + * Non-terminating action by default.
>> + */
>> +struct rte_flow_action_vtep_decap {
>> + enum rte_flow_item_type type;
>> + /**<
>> + * Flow item type of virtual tunnel end-point to be decapsulated
>> + */
>> +};
> Question about the naming:
> Why using the terminology VTEP instead of TUNNEL simply?
> I probably miss something, but tunnel encap/decap looks simpler to me.
Initial thought was that the tunnel terminology may conflict with
existing tunnel item types and their uses. In previous terminologies, it
was assumed that to create a tunneled flows, each time a tunnel item has
to be specified in the patterns.
Now with the endpoint concept, the tunnel endpoint will be created once
only, in for each subsequent flows created that is supposed to use the
tunnel, will use the tunnel metadata during the flow creation. Hence
comes the terminology virtual tunnel endpoint (VTEP). It does not harm
to use tunnel instead of vtep except the endpoint term is mission. In
the next patch TUNNEL terminology is used instead of VTEP.
@@ -997,9 +997,11 @@ Actions
Each possible action is represented by a type. Some have associated
configuration structures. Several actions combined in a list can be assigned
-to a flow rule. That list is not ordered.
+to a flow rule. That list is not ordered, with the exception of actions which
+modify the packet itself, these packet modification actions must be specified
+in the explicit order in which they are to be executed.
-They fall in three categories:
+They fall in four categories:
- Terminating actions (such as QUEUE, DROP, RSS, PF, VF) that prevent
processing matched packets by subsequent flow rules, unless overridden
@@ -1008,8 +1010,11 @@ They fall in three categories:
- Non-terminating actions (PASSTHRU, DUP) that leave matched packets up for
additional processing by subsequent flow rules.
+- Non-terminating meta actions that do not affect the fate of packets but result
+ in modification of the packet itself (SECURITY, VTEP_ENCAP, VTEP_DECAP).
+
- Other non-terminating meta actions that do not affect the fate of packets
- (END, VOID, MARK, FLAG, COUNT, SECURITY).
+ (END, VOID, MARK, FLAG, COUNT).
When several actions are combined in a flow rule, they should all have
different types (e.g. dropping a packet twice is not possible).
@@ -1486,6 +1491,72 @@ fields in the pattern items.
| 1 | END |
+-------+----------+
+
+Action: ``VTEP_ENCAP``
+^^^^^^^^^^^^^^^^^^^^^^
+
+Performs an encapsulation action by encapsulating the flows matched by the
+pattern items according to the network overlay defined in the
+``rte_flow_action_vtep_encap`` pattern items.
+
+This action modifies the payload of matched flows. The pattern items specified
+in the ``rte_flow_action_vtep_encap`` action structure must defined a valid
+set of overlay headers, from the Ethernet header up to the overlay header. The
+pattern must be terminated with the RTE_FLOW_ITEM_TYPE_END item type.
+
+- Non-terminating by default.
+
+.. _table_rte_flow_action_vtep_encap:
+
+.. table:: VTEP_ENCAP
+
+ +-------------+---------------------------------------------+
+ | Field | Value |
+ +=============+=============================================+
+ | ``pattern`` | Virtual tunnel end-point pattern definition |
+ +-------------+---------------------------------------------+
+
+
+.. _table_rte_flow_action_vtep_encap_example:
+
+.. table:: IPv4 VxLAN flow pattern example.
+
+ +-------+--------------------------+------------+
+ | Index | Flow Item Type | Flow Item |
+ +=======+==========================+============+
+ | 0 | RTE_FLOW_ITEM_TYPE_ETH | eth item |
+ +-------+--------------------------+------------+
+ | 1 | RTE_FLOW_ITEM_TYPE_IPV4 | ipv4 item |
+ +-------+--------------------------+------------+
+ | 2 | RTE_FLOW_ITEM_TYPE_UDP | udp item |
+ +-------+--------------------------+------------+
+ | 3 | RTE_FLOW_ITEM_TYPE_VXLAN | vxlan item |
+ +-------+--------------------------+------------+
+ | 4 | RTE_FLOW_ITEM_TYPE_END | NULL |
+ +-------+--------------------------+------------+
+
+
+Action: ``VTEP_DECAP``
+^^^^^^^^^^^^^^^^^^^^^^
+
+Performs a decapsulation action by stripping all headers of the virtual tunnel
+end-point overlay up to the header defined by the flow item type of flows
+matched by the pattern items.
+
+This action modifies the payload of matched flows. The flow item type specified
+in the ``rte_flow_action_vtep_decap`` action structure must defined a valid
+set of overlay header type.
+
+- Non-terminating by default.
+
+.. _table_rte_flow_action_vtep_decap:
+
+ +---------------+----------------------------------------------+
+ | Field | Value |
+ +===============+==============================================+
+ | ``item type`` | Item type of tunnel end-point to decapsulate |
+ +---------------+----------------------------------------------+
+
Negative types
~~~~~~~~~~~~~~
@@ -854,14 +854,17 @@ struct rte_flow_item {
const void *mask; /**< Bit-mask applied to spec and last. */
};
+
/**
* Action types.
*
* Each possible action is represented by a type. Some have associated
* configuration structures. Several actions combined in a list can be
- * affected to a flow rule. That list is not ordered.
+ * affected to a flow rule. That list is not ordered, with the exception of
+ * actions which modify the packet itself, these packet modification actions
+ * must be specified in the explicit order in which they are to be executed.
*
- * They fall in three categories:
+ * They fall in four categories:
*
* - Terminating actions (such as QUEUE, DROP, RSS, PF, VF) that prevent
* processing matched packets by subsequent flow rules, unless overridden
@@ -870,6 +873,10 @@ struct rte_flow_item {
* - Non terminating actions (PASSTHRU, DUP) that leave matched packets up
* for additional processing by subsequent flow rules.
*
+ * - Non terminating meta actions that do not affect the fate of
+ * packets but result in modification of the packet itself (SECURITY,
+ * VTEP_ENCAP, VTEP_DECAP).
+ *
* - Other non terminating meta actions that do not affect the fate of
* packets (END, VOID, MARK, FLAG, COUNT).
*
@@ -1022,7 +1029,21 @@ enum rte_flow_action_type {
*
* See struct rte_flow_action_group_count.
*/
- RTE_FLOW_ACTION_TYPE_GROUP_COUNT
+ RTE_FLOW_ACTION_TYPE_GROUP_COUNT,
+ /**
+ * Encapsulate flow in defined vTEP defined in
+ * rte_flow_action_vtep_encap structure.
+ *
+ * See struct rte_flow_action_vtep_encap.
+ */
+ RTE_FLOW_ACTION_TYPE_VTEP_ENCAP,
+
+ /**
+ * Decapsulate all the headers of the vTEP
+ *
+ * See struct rte_flow_action_vtep_decap.
+ */
+ RTE_FLOW_ACTION_TYPE_VTEP_DECAP
};
/**
@@ -1172,6 +1193,39 @@ struct rte_flow_action_group_count {
uint32_t id;
};
+/**
+ * RTE_FLOW_ACTION_TYPE_VTEP_ENCAP
+ *
+ * Virtual tunnel end-point encapsulation action data.
+ *
+ * Non-terminating action by default.
+ */
+struct rte_flow_action_vtep_encap {
+ struct rte_flow_action_item {
+ enum rte_flow_item_type type;
+ /**< Flow item type. */
+ const void *item;
+ /**< Flow item definition. */
+ } *pattern;
+ /**<
+ * vTEP pattern specification (list terminated by the END pattern item).
+ */
+};
+
+/**
+ * RTE_FLOW_ACTION_TYP_VTEP_DECAP
+ *
+ * Virtual tunnel end-point decapsulation action data.
+ *
+ * Non-terminating action by default.
+ */
+struct rte_flow_action_vtep_decap {
+ enum rte_flow_item_type type;
+ /**<
+ * Flow item type of virtual tunnel end-point to be decapsulated
+ */
+};
+
/**
* Definition of a single action.
*