bgpd: add bgp_pbr_route structure

This structure is the model exchange between some bgp services like
flowspec and the policy routing service. This structure reflects what
the nlri entry means. To handle that structure, a dump routine is made
available. Also, a validation function is here to cancel a policy route
installation, whenever it is not possible to install the requested
policy routing.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>

1 files changed, 130 insertions, 2 deletions

diff --git a/bgpd/bgp_pbr.h b/bgpd/bgp_pbr.h
index 62fe7aa4f..6ed8b297d 100644
--- a/bgpd/bgp_pbr.h
+++ b/bgpd/bgp_pbr.h
@@ -22,6 +22,132 @@
 #include "nexthop.h"
 #include "zclient.h"
 
+/* flowspec case: 0 to 3 actions maximum:
+ * 1 redirect
+ * 1 set dscp
+ * 1 set traffic rate
+ */
+#define ACTIONS_MAX_NUM 4
+enum bgp_pbr_action_enum {
+	ACTION_TRAFFICRATE = 1,
+	ACTION_TRAFFIC_ACTION = 2,
+	ACTION_REDIRECT = 3,
+	ACTION_MARKING = 4,
+	ACTION_REDIRECT_IP = 5
+};
+
+#define TRAFFIC_ACTION_SAMPLE     (1 << 0)
+#define TRAFFIC_ACTION_TERMINATE  (1 << 1)
+#define TRAFFIC_ACTION_DISTRIBUTE (1 << 2)
+
+#define OPERATOR_COMPARE_LESS_THAN    (1<<1)
+#define OPERATOR_COMPARE_GREATER_THAN (1<<2)
+#define OPERATOR_COMPARE_EQUAL_TO     (1<<3)
+#define OPERATOR_COMPARE_EXACT_MATCH  (1<<4)
+
+#define OPERATOR_UNARY_OR    (1<<1)
+#define OPERATOR_UNARY_AND   (1<<2)
+
+/* struct used to store values [0;65535]
+ * this can be used for port number of protocol
+ */
+#define BGP_PBR_MATCH_VAL_MAX 5
+
+struct bgp_pbr_match_val {
+	uint16_t value;
+	uint8_t compare_operator;
+	uint8_t unary_operator;
+} bgp_pbr_value_t;
+
+#define FRAGMENT_DONT  1
+#define FRAGMENT_IS    2
+#define FRAGMENT_FIRST 4
+#define FRAGMENT_LAST  8
+
+struct bgp_pbr_fragment_val {
+	uint8_t bitmask;
+};
+
+struct bgp_pbr_entry_action {
+	/* used to store enum bgp_pbr_action_enum enumerate */
+	uint8_t action;
+	union {
+		union {
+			uint8_t rate_info[4]; /* IEEE.754.1985 */
+			float rate;
+		} r __attribute__((aligned(8)));
+		struct _pbr_action {
+			uint8_t do_sample;
+			uint8_t filter;
+		} za;
+		vrf_id_t redirect_vrf;
+		struct _pbr_redirect_ip {
+			struct in_addr redirect_ip_v4;
+			uint8_t duplicate;
+		} zr;
+		uint8_t marking_dscp;
+	} u __attribute__((aligned(8)));
+};
+
+/* BGP Policy Route structure */
+struct bgp_pbr_entry_main {
+	uint8_t type;
+	uint16_t instance;
+
+	uint32_t flags;
+
+	uint8_t message;
+
+	/*
+	 * This is an enum but we are going to treat it as a uint8_t
+	 * for purpose of encoding/decoding
+	 */
+	afi_t afi;
+	safi_t safi;
+
+#define PREFIX_SRC_PRESENT (1 << 0)
+#define PREFIX_DST_PRESENT (1 << 1)
+#define FRAGMENT_PRESENT   (1 << 2)
+	uint8_t match_bitmask;
+
+	uint8_t match_src_port_num;
+	uint8_t match_dst_port_num;
+	uint8_t match_port_num;
+	uint8_t match_protocol_num;
+	uint8_t match_icmp_type_num;
+	uint8_t match_icmp_code_num;
+	uint8_t match_packet_length_num;
+	uint8_t match_dscp_num;
+	uint8_t match_tcpflags_num;
+
+	struct prefix src_prefix;
+	struct prefix dst_prefix;
+
+	struct bgp_pbr_match_val protocol[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_match_val src_port[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_match_val dst_port[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_match_val port[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_match_val icmp_type[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_match_val icmp_code[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_match_val packet_length[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_match_val dscp[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_match_val tcpflags[BGP_PBR_MATCH_VAL_MAX];
+	struct bgp_pbr_fragment_val fragment;
+
+	uint16_t action_num;
+	struct bgp_pbr_entry_action actions[ACTIONS_MAX_NUM];
+
+	uint8_t distance;
+
+	uint32_t metric;
+
+	route_tag_t tag;
+
+	uint32_t mtu;
+
+	vrf_id_t vrf_id;
+};
+
 struct bgp_pbr_match {
 	char ipset_name[ZEBRA_IPSET_NAME_SIZE];
 
@@ -29,8 +155,8 @@ struct bgp_pbr_match {
 	 */
 	uint32_t type;
 
-#define MATCH_IP_SRC_SET    1 << 0
-#define MATCH_IP_DST_SET    1 << 1
+#define MATCH_IP_SRC_SET		(1 << 0)
+#define MATCH_IP_DST_SET		(1 << 1)
 	uint32_t flags;
 
 	vrf_id_t vrf_id;
@@ -113,4 +239,6 @@ extern uint32_t bgp_pbr_match_hash_key(void *arg);
 extern int bgp_pbr_match_hash_equal(const void *arg1,
 				    const void *arg2);
 
+void bgp_pbr_print_policy_route(struct bgp_pbr_entry_main *api);
+
 #endif /* __BGP_PBR_H__ */