diff options
author | Anand B Jyoti <anand.b.jyoti@intel.com> | 2017-04-18 13:36:02 +0530 |
---|---|---|
committer | Deepak S <deepak.s@linux.intel.com> | 2017-04-19 03:15:39 -0700 |
commit | a59ed4772da29826915010a7c9d34b5ebd256c42 (patch) | |
tree | 05f9a4f3c7a6ef86c1ece39771120741a9cb2a75 /VNFs/vFW/config | |
parent | 8a4e9e534fcb1ef718ed5c1089fdc8698b13fb7f (diff) |
vFW: Adding Virtual Firewall VNF
JIRA: SAMPLEVNF-4
vFW supports following features:
- Basic packet filtering (malformed packets, IP fragments)
- Connection tracking for TCP and UDP
- Access Control List for rule based policy enforcement
- SYN-flood protection via Synproxy* for TCP
- UDP, TCP and ICMP protocol pass-through
- CLI based enable/disable connection tracking, synproxy,
basic packet filtering
- Hardware and Software Load Balancing
- L2L3 stack support for ARP/ICMP handling
- Multithread support
- Multiple physical port support
Change-Id: I96d28858488ed8764370d161975bc1e0557c8b20
Signed-off-by: Anand B Jyoti <anand.b.jyoti@intel.com>
[Push patch to gerrit]
Signed-off-by: Deepak S <deepak.s@linux.intel.com>
Diffstat (limited to 'VNFs/vFW/config')
24 files changed, 2190 insertions, 0 deletions
diff --git a/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_1Thread.cfg b/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_1Thread.cfg new file mode 100644 index 00000000..a274506b --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_1Thread.cfg @@ -0,0 +1,60 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ0 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +arp_route_tbl = (ad102814,ff000000,2,ad102814) (cb106414,ff000000,0,cb106414) +arp_route_tbl = (ac102814,ff000000,3,ac102814) (ca106414,ff000000,1,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 RXQ1.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,2)(1,3) +prv_que_handler = (0,1) +[PIPELINE2] +type = VFW +core = 2 +pktq_in = RXQ0.0 RXQ1.0 RXQ2.0 RXQ3.0 +pktq_out = TXQ0.1 TXQ1.1 TXQ2.1 TXQ3.1 SWQ0 + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + + + + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_4Thread.cfg b/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_4Thread.cfg new file mode 100644 index 00000000..7d543c83 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_4Thread.cfg @@ -0,0 +1,119 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ0 SWQ1 SWQ2 SWQ3 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +arp_route_tbl = (ad102814,ff000000,2,ad102814) (cb106414,ff000000,0,cb106414) +arp_route_tbl = (ac102814,ff000000,3,ac102814) (ca106414,ff000000,1,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 RXQ1.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,2)(1,3) +prv_que_handler = (0,1) +[PIPELINE2] +type = VFW +core = 2 +pktq_in = RXQ0.0 RXQ1.0 RXQ2.0 RXQ3.0 +pktq_out = TXQ0.1 TXQ1.1 TXQ2.1 TXQ3.1 SWQ0 + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE3] +type = VFW +core = 3 +pktq_in = RXQ0.1 RXQ1.1 RXQ2.1 RXQ3.1 +pktq_out = TXQ0.2 TXQ1.2 TXQ2.2 TXQ3.2 SWQ1 +; +; +;n_rules = 10000 +;n_flows gets round up to power of 2 + +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 + +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE4] +type = VFW +core = 4 +pktq_in = RXQ0.2 RXQ1.2 RXQ2.2 RXQ3.2 +pktq_out = TXQ0.3 TXQ1.3 TXQ2.3 TXQ3.3 SWQ2 +; +; +;n_rules = 10000 +;n_flows gets round up to power of 2 + +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 + +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE5] +type = VFW +core = 5 +pktq_in = RXQ0.3 RXQ1.3 RXQ2.3 RXQ3.3 +pktq_out = TXQ0.4 TXQ1.4 TXQ2.4 TXQ3.4 SWQ3 +; +; +;n_rules = 10000 +;n_flows gets round up to power of 2 + +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 + +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_script.tc b/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_script.tc new file mode 100644 index 00000000..06702077 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV4_MultiPortPair_script.tc @@ -0,0 +1,86 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +link 0 down +link 0 config 203.16.100.10 8 +link 0 up +link 1 down +link 1 config 202.16.100.10 8 +link 1 up +link 2 down +link 2 config 173.16.40.10 8 +link 2 up +link 3 down +link 3 config 172.16.40.10 8 +link 3 up +;p 1 arpadd 0 203.16.100.20 00:00:00:00:00:01 +;p 1 arpadd 2 173.16.40.20 00:00:00:00:00:04 +;p 1 arpadd 1 202.16.100.20 00:00:00:00:00:02 +;p 1 arpadd 3 172.16.40.20 00:00:00:00:00:03 +p action add 0 accept +p action add 0 fwd 2 +p action add 0 count + +p action add 1 accept +p action add 1 fwd 0 +p action add 1 count + +p action add 2 accept +p action add 2 fwd 3 +p action add 2 count + +p action add 3 accept +p action add 3 fwd 1 +p action add 3 count + +p action add 4 drop +p action add 4 count + +p action add 5 drop +p action add 5 count + +p action add 0 conntrack +p action add 1 conntrack +p action add 2 conntrack +p action add 3 conntrack + +p action add 4 conntrack +p action add 5 conntrack + +p vfw add 1 203.16.100.20 8 173.16.40.20 8 0 65535 67 69 0 0 4 +p vfw add 1 202.16.100.20 8 172.16.40.20 8 0 65535 67 69 0 0 5 + +p vfw add 2 203.16.100.20 8 173.16.40.20 8 0 65535 0 65535 0 0 0 +p vfw add 2 173.16.40.20 8 203.16.100.20 8 0 65535 0 65535 0 0 1 +p vfw add 2 202.16.100.20 8 172.16.40.20 8 0 65535 0 65535 0 0 2 +p vfw add 2 172.16.40.20 8 202.16.100.20 8 0 65535 0 65535 0 0 3 + +p vfw applyruleset +set fwd rxonly +set_sym_hash_ena_per_port 0 enable +set_hash_global_config 0 simple_xor ipv4-udp enable +set_sym_hash_ena_per_port 1 enable +set_hash_global_config 1 simple_xor ipv4-udp enable + +set_hash_input_set 0 ipv4-udp src-ipv4 dst-ipv4 udp-src-port udp-dst-port add +set_hash_input_set 1 ipv4-udp src-ipv4 dst-ipv4 udp-src-port udp-dst-port add + +set_sym_hash_ena_per_port 2 enable +set_hash_global_config 2 simple_xor ipv4-udp enable +set_sym_hash_ena_per_port 3 enable +set_hash_global_config 3 simple_xor ipv4-udp enable + +set_hash_input_set 2 ipv4-udp src-ipv4 dst-ipv4 udp-src-port udp-dst-port add +set_hash_input_set 3 ipv4-udp src-ipv4 dst-ipv4 udp-src-port udp-dst-port add + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_1Thread.cfg b/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_1Thread.cfg new file mode 100644 index 00000000..b90fad14 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_1Thread.cfg @@ -0,0 +1,59 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 + +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ0 +pktq_out = TXQ0.0 TXQ1.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +arp_route_tbl = (ac102814,ff000000,1,ac102814) (ca106414,ff000000,0,ca106414) +;arp_route_tbl = (ac102814,ff000000,3,ac102814) (ca106414,ff000000,1,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ad:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1) +prv_que_handler = (0) + +[PIPELINE2] +type = VFW +core = 2 +pktq_in = RXQ0.0 RXQ1.0 +pktq_out = TXQ0.1 TXQ1.1 SWQ0 + +;n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 4000000 +pkt_type = ipv4 +traffic_type = 4 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_4Thread.cfg b/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_4Thread.cfg new file mode 100644 index 00000000..dee9d97d --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_4Thread.cfg @@ -0,0 +1,117 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 + +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ0 SWQ1 SWQ2 SWQ3 +pktq_out = TXQ0.0 TXQ1.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +arp_route_tbl = (ac102814,ff000000,1,ac102814) (ca106414,ff000000,0,ca106414) +;arp_route_tbl = (ac102814,ff000000,3,ac102814) (ca106414,ff000000,1,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ad:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1) +prv_que_handler = (0) + +[PIPELINE2] +type = VFW +core = 2 +pktq_in = RXQ0.0 RXQ1.0 +pktq_out = TXQ0.1 TXQ1.1 SWQ0 + +n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE3] +type = VFW +core = 3 +pktq_in = RXQ0.1 RXQ1.1 +pktq_out = TXQ0.2 TXQ1.2 SWQ1 + +n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE4] +type = VFW +core = 4 +pktq_in = RXQ0.2 RXQ1.2 +pktq_out = TXQ0.3 TXQ1.3 SWQ2 + +n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE5] +type = VFW +core = 5 +pktq_in = RXQ0.3 RXQ1.3 +pktq_out = TXQ0.4 TXQ1.4 SWQ3 +; +; +n_rules = 4096 +;n_flows gets round up to power of 2 + +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 + +tcp_be_liberal = 0 + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_script.tc b/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_script.tc new file mode 100644 index 00000000..ef585d72 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV4_SinglePortPair_script.tc @@ -0,0 +1,60 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +link 0 down +link 0 config 202.16.100.10 8 +link 0 up +link 1 down +link 1 config 172.16.40.10 8 +link 1 up + +;p 1 arpadd 1 172.16.40.20 00:00:00:00:00:04 +;p 1 arpadd 0 202.16.100.20 00:00:00:00:00:01 + +p action add 0 accept +p action add 0 fwd 0 +p action add 0 count +p action add 1 accept +p action add 1 fwd 1 +p action add 1 count + +p action add 2 drop +p action add 2 count + +p action add 0 conntrack +p action add 1 conntrack +p action add 2 conntrack +p action add 3 conntrack +p action add 4 conntrack +p action add 5 conntrack +p action add 6 conntrack +p action add 7 conntrack + +p vfw add 1 202.16.100.20 8 172.16.40.20 8 0 65535 67 69 0 0 2 +p vfw add 2 202.16.100.20 8 172.16.40.20 8 0 65535 0 65535 0 0 1 +p vfw add 2 172.16.40.20 8 202.16.100.20 8 0 65535 0 65535 0 0 0 + +p vfw applyruleset + +set fwd rxonly +set_sym_hash_ena_per_port 0 enable +set_hash_global_config 0 simple_xor ipv4-udp enable +set_sym_hash_ena_per_port 1 enable +set_hash_global_config 1 simple_xor ipv4-udp enable + +set_hash_input_set 0 ipv4-udp src-ipv4 dst-ipv4 udp-src-port udp-dst-port add +set_hash_input_set 1 ipv4-udp src-ipv4 dst-ipv4 udp-src-port udp-dst-port add + +p 1 arpls + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_1Thread.cfg b/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_1Thread.cfg new file mode 100644 index 00000000..ddf746e2 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_1Thread.cfg @@ -0,0 +1,58 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ0 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +nd_route_tbl = (fec0::6a05:caff:fe30:21b0,64,0,fec0::6a05:caff:fe30:21b0) +nd_route_tbl = (2012::6a05:caff:fe30:2081,64,2,2012::6a05:caff:fe30:2081) +nd_route_tbl = (fec1::6a05:caff:fe30:21b0,64,1,fec1::6a05:caff:fe30:21b0) +nd_route_tbl = (2016::6a05:caff:fe30:2081,64,3,2016::6a05:caff:fe30:2081) +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 RXQ1.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,2)(1,3) +prv_que_handler = (0,1) +[PIPELINE2] +type = VFW +core = 2 +pktq_in = RXQ0.0 RXQ1.0 RXQ2.0 RXQ3.0 +pktq_out = TXQ0.1 TXQ1.1 TXQ2.1 TXQ3.1 SWQ0 + + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 diff --git a/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_4Thread.cfg b/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_4Thread.cfg new file mode 100644 index 00000000..5b1a1cd7 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_4Thread.cfg @@ -0,0 +1,119 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ0 SWQ1 SWQ2 SWQ3 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +nd_route_tbl = (fec0::6a05:caff:fe30:21b0,64,0,fec0::6a05:caff:fe30:21b0) +nd_route_tbl = (2012::6a05:caff:fe30:2081,64,2,2012::6a05:caff:fe30:2081) +nd_route_tbl = (fec1::6a05:caff:fe30:21b0,64,1,fec1::6a05:caff:fe30:21b0) +nd_route_tbl = (2016::6a05:caff:fe30:2081,64,3,2016::6a05:caff:fe30:2081) +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 RXQ1.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,2)(1,3) +prv_que_handler = (0,1) +[PIPELINE2] +type = VFW +core = 2 +pktq_in = RXQ0.0 RXQ1.0 RXQ2.0 RXQ3.0 +pktq_out = TXQ0.1 TXQ1.1 TXQ2.1 TXQ3.1 SWQ0 + + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE3] +type = VFW +core = 3 +pktq_in = RXQ0.1 RXQ1.1 RXQ2.1 RXQ3.1 +pktq_out = TXQ0.2 TXQ1.2 TXQ2.2 TXQ3.2 SWQ1 + + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE4] +type = VFW +core = 4 +pktq_in = RXQ0.2 RXQ1.2 RXQ2.2 RXQ3.2 +pktq_out = TXQ0.3 TXQ1.3 TXQ2.3 TXQ3.3 SWQ2 + + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE5] +type = VFW +core = 5 +pktq_in = RXQ0.3 RXQ1.3 RXQ2.3 RXQ3.3 +pktq_out = TXQ0.4 TXQ1.4 TXQ2.4 TXQ3.4 SWQ3 + + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_script.tc b/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_script.tc new file mode 100644 index 00000000..00bf424d --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV6_MultiPortPair_script.tc @@ -0,0 +1,82 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +link 0 down +link 0 config fec0:0000:0000:0000:6a05:caff:fe30:21a0 64 +link 0 up +link 1 down +link 1 config fec1:0000:0000:0000:6a05:caff:fe30:21a0 64 +link 1 up +link 2 down +link 2 config 2012:0000:0000:0000:6a05:caff:fe30:2071 64 +link 2 up +link 3 down +link 3 config 2016:0000:0000:0000:6a05:caff:fe30:2071 64 +link 3 up +;p 1 arpadd 0 fec0::6a05:caff:fe30:21b0 00:00:00:00:00:01 +;p 1 arpadd 2 2012::6a05:caff:fe30:2081 00:00:00:00:00:04 +;p 1 arpadd 1 fec1::6a05:caff:fe30:21b0 00:00:00:00:00:02 +;p 1 arpadd 3 2016::6a05:caff:fe30:2081 00:00:00:00:00:03 +p action add 0 accept +p action add 0 fwd 2 +p action add 0 count + +p action add 1 accept +p action add 1 fwd 0 +p action add 1 count + +p action add 2 accept +p action add 2 fwd 3 +p action add 2 count + +p action add 3 accept +p action add 3 fwd 1 +p action add 3 count + +p action add 4 drop +p action add 4 count + +p action add 5 drop +p action add 5 count + +p action add 0 conntrack +p action add 1 conntrack +p action add 2 conntrack +p action add 3 conntrack +p action add 4 conntrack +p action add 5 conntrack + +p vfw add 1 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 67 69 0 0 4 +p vfw add 1 fec1::6a05:caff:fe30:21b0 64 2016::6a05:caff:fe30:2081 64 0 65535 67 69 0 0 5 +p vfw add 2 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 0 +p vfw add 2 2012::6a05:caff:fe30:2081 64 fec0::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 1 +p vfw add 2 fec1::6a05:caff:fe30:21b0 64 2016::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 2 +p vfw add 2 2016::6a05:caff:fe30:2081 64 fec1::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 3 +p vfw applyruleset +set fwd rxonly +set_sym_hash_ena_per_port 0 enable +set_hash_global_config 0 simple_xor ipv6-udp enable +set_sym_hash_ena_per_port 1 enable +set_hash_global_config 1 simple_xor ipv6-udp enable + +set_hash_input_set 0 ipv6-udp src-ipv6 dst-ipv6 udp-src-port udp-dst-port add +set_hash_input_set 1 ipv6-udp src-ipv6 dst-ipv6 udp-src-port udp-dst-port add + +set_sym_hash_ena_per_port 2 enable +set_hash_global_config 2 simple_xor ipv6-udp enable +set_sym_hash_ena_per_port 3 enable +set_hash_global_config 3 simple_xor ipv6-udp enable + +set_hash_input_set 2 ipv6-udp src-ipv6 dst-ipv6 udp-src-port udp-dst-port add +set_hash_input_set 3 ipv6-udp src-ipv6 dst-ipv6 udp-src-port udp-dst-port add diff --git a/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_1Thread.cfg b/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_1Thread.cfg new file mode 100644 index 00000000..ed2e8422 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_1Thread.cfg @@ -0,0 +1,59 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ0 +pktq_out = TXQ0.0 TXQ1.0 ;TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +nd_route_tbl = (fec0::6a05:caff:fe30:21b0,64,0,fec0::6a05:caff:fe30:21b0) +nd_route_tbl = (2012::6a05:caff:fe30:2081,64,1,2012::6a05:caff:fe30:2081) +;arp_route_tbl = (98102814,ff000000,1,98102814) (c0106414,ff000000,0,c0106414) +;arp_route_tbl = (ac102814,ff000000,3,ac102814) (ca106414,ff000000,1,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ad:10:28:14:00 ;00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 ;RXQ1.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1);(1,3) +prv_que_handler = (0) +[PIPELINE2] +type = VFW +core = 2 +pktq_in = RXQ0.0 RXQ1.0 ;RXQ2.0 RXQ3.0 +pktq_out = TXQ0.1 TXQ1.1 SWQ0;TXQ2.1 TXQ3.1 SWQ0 + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_4Thread.cfg b/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_4Thread.cfg new file mode 100644 index 00000000..fd9da8f2 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_4Thread.cfg @@ -0,0 +1,118 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ0 SWQ1 SWQ2 SWQ3 +pktq_out = TXQ0.0 TXQ1.0 ;TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +nd_route_tbl = (fec0::6a05:caff:fe30:21b0,64,0,fec0::6a05:caff:fe30:21b0) +nd_route_tbl = (2012::6a05:caff:fe30:2081,64,1,2012::6a05:caff:fe30:2081) +;arp_route_tbl = (98102814,ff000000,1,98102814) (c0106414,ff000000,0,c0106414) +;arp_route_tbl = (ac102814,ff000000,3,ac102814) (ca106414,ff000000,1,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ad:10:28:14:00 ;00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 ;RXQ1.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1);(1,3) +prv_que_handler = (0) +[PIPELINE2] +type = VFW +core = 2 +pktq_in = RXQ0.0 RXQ1.0 ;RXQ2.0 RXQ3.0 +pktq_out = TXQ0.1 TXQ1.1 SWQ0;TXQ2.1 TXQ3.1 SWQ0 + +;n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 + +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE3] +type = VFW +core = 3 +pktq_in = RXQ0.1 RXQ1.1 ;RXQ2.1 RXQ3.1 +pktq_out = TXQ0.2 TXQ1.2 SWQ1;TXQ2.2 TXQ3.2 SWQ1 +; +; +;n_rules = 10000 +;n_flows gets round up to power of 2 + +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 + +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE4] +type = VFW +core = 4 +pktq_in = RXQ0.2 RXQ1.2 ;RXQ2.2 RXQ3.2 +pktq_out = TXQ0.3 TXQ1.3 SWQ2;TXQ2.3 TXQ3.3 SWQ2 +; +; +;n_rules = 10000 +;n_flows gets round up to power of 2 + +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 + +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE5] +type = VFW +core = 5 +pktq_in = RXQ0.3 RXQ1.3 ;RXQ2.2 RXQ3.2 +pktq_out = TXQ0.4 TXQ1.4 SWQ3;TXQ2.3 TXQ3.3 SWQ2 +; +; +;n_rules = 10000 +;n_flows gets round up to power of 2 + +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 + +tcp_be_liberal = 0 + diff --git a/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_script.tc b/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_script.tc new file mode 100644 index 00000000..c1579446 --- /dev/null +++ b/VNFs/vFW/config/VFW_HWLB_IPV6_SinglePortPair_script.tc @@ -0,0 +1,54 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +link 0 down +link 0 config fec0:0000:0000:0000:6a05:caff:fe30:21a0 64 +link 0 up + +link 1 down +link 1 config 2012:0000:0000:0000:6a05:caff:fe30:2071 64 +link 1 up + +;p 1 arpadd 0 fec0::6a05:caff:fe30:21b0 00:00:00:00:00:01 +;p 1 arpadd 1 2012::6a05:caff:fe30:2081 00:00:00:00:00:04 + +p action add 0 accept +p action add 0 fwd 1 +p action add 0 count + +p action add 1 accept +p action add 1 fwd 0 +p action add 1 count + +p action add 2 drop +p action add 2 count + +p action add 0 conntrack +p action add 1 conntrack +p action add 2 conntrack + +p vfw add 1 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 67 69 0 0 2 +p vfw add 2 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 0 +p vfw add 2 2012::6a05:caff:fe30:2081 64 fec0::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 1 +p vfw applyruleset + +set fwd rxonly +set_sym_hash_ena_per_port 0 enable +set_hash_global_config 0 simple_xor ipv6-udp enable +set_sym_hash_ena_per_port 1 enable +set_hash_global_config 1 simple_xor ipv6-udp enable + + +set_hash_input_set 0 ipv6-udp src-ipv6 dst-ipv6 udp-src-port udp-dst-port add +set_hash_input_set 1 ipv6-udp src-ipv6 dst-ipv6 udp-src-port udp-dst-port add diff --git a/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_1Thread.cfg b/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_1Thread.cfg new file mode 100644 index 00000000..8e26c286 --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_1Thread.cfg @@ -0,0 +1,121 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ2 SWQ9 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +arp_route_tbl = (ad102814,ff000000,1,ad102814) (cb106414,ff000000,0,cb106414) +arp_route_tbl = (ac102814,ff000000,3,ac102814) (ca106414,ff000000,2,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +#ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 RXQ2.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1)(2,3) +prv_que_handler = (0,2) +;lib_arp_debug = 1 +[PIPELINE2] +type = TXRX +core = s0c2 +pktq_in = RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ0 SWQ1 SWQ2;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE3] +type = LOADB +core = 3 +pktq_in = SWQ0 SWQ1 +pktq_out = SWQ3 SWQ4 ;SWQ10 SWQ11 +outport_offset = 136; 8 +n_vnf_threads = 1 +prv_que_handler = (0) +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE4] +type = VFW +core = s0c4 +pktq_in = SWQ3 SWQ4 +pktq_out = SWQ5 SWQ6;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE5] +type = TXRX +core = s0c2h +pktq_in = SWQ5 SWQ6 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = TXQ0.1 TXQ1.1 ;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = TXTX +[PIPELINE6] +type = TXRX +core = s0c5 +pktq_in = RXQ2.0 RXQ3.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ7 SWQ8 SWQ9;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE7] +type = LOADB +core = 6 +pktq_in = SWQ7 SWQ8 +pktq_out = SWQ9 SWQ10 ;SWQ10 SWQ11 +outport_offset = 136; 8 +n_vnf_threads = 1 +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE8] +type = VFW +core = s0c7 +pktq_in = SWQ9 SWQ10 +pktq_out = SWQ11 SWQ12;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE9] +type = TXRX +core = s0c5h +pktq_in = SWQ11 SWQ12 ;SWQ20 SWQ21 ;RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = TXQ2.1 TXQ3.1 ;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = TXTX diff --git a/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_4Thread.cfg b/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_4Thread.cfg new file mode 100644 index 00000000..adcce34e --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_4Thread.cfg @@ -0,0 +1,155 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ2 SWQ13 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +arp_route_tbl = (ad102814,ff000000,1,ad102814) (cb106414,ff000000,0,cb106414) +arp_route_tbl = (ac102814,ff000000,3,ac102814) (ca106414,ff000000,2,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +#ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 RXQ2.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1)(2,3) +prv_que_handler = (0,2) + +;lib_arp_debug = 1 +[PIPELINE2] +type = TXRX +core = s0c2 +pktq_in = RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ0 SWQ1 SWQ2;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE3] +type = LOADB +core = 3 +pktq_in = SWQ0 SWQ1 +pktq_out = SWQ3 SWQ4 SWQ5 SWQ6 ;SWQ10 SWQ11 +outport_offset = 136; 8 +n_vnf_threads = 2 +prv_que_handler = (0) + +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE4] +type = VFW +core = s0c4 +pktq_in = SWQ3 SWQ4 +pktq_out = SWQ7 SWQ8;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE5] +type = VFW +core = s0c4h +pktq_in = SWQ5 SWQ6 +pktq_out = SWQ9 SWQ10;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 + +[PIPELINE6] +type = TXRX +core = s0c2h +pktq_in = SWQ7 SWQ8 SWQ9 SWQ10 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 ;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = TXTX +[PIPELINE7] +type = TXRX +core = s0c5 +pktq_in = RXQ2.0 RXQ3.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ11 SWQ12 SWQ13;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE8] +type = LOADB +core = 6 +pktq_in = SWQ11 SWQ12 +pktq_out = SWQ14 SWQ15 SWQ16 SWQ17 ;SWQ10 SWQ11 +outport_offset = 136; 8 +n_vnf_threads = 2 +n_lb_tuples = 5 +prv_que_handler = (0) +;loadb_debug = 0 +[PIPELINE9] +type = VFW +core = s0c7 +pktq_in = SWQ14 SWQ15 +pktq_out = SWQ18 SWQ19;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE10] +type = VFW +core = s0c7h +pktq_in = SWQ16 SWQ17 +pktq_out = SWQ20 SWQ21;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 + +[PIPELINE11] +type = TXRX +core = s0c5h +pktq_in = SWQ18 SWQ19 SWQ20 SWQ21 ;RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = TXQ2.1 TXQ3.1 TXQ2.2 TXQ3.2 ;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = TXTX diff --git a/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_script.tc b/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_script.tc new file mode 100644 index 00000000..2e328a79 --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV4_MultiPortPair_script.tc @@ -0,0 +1,67 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +link 0 down +link 0 config 203.16.100.10 8 +link 0 up +link 1 down +link 1 config 202.16.100.10 8 +link 1 up +link 2 down +link 2 config 173.16.40.10 8 +link 2 up +link 3 down +link 3 config 172.16.40.10 8 +link 3 up +;p 1 arpadd 0 203.16.100.20 00:cb:10:64:14:00 +;p 1 arpadd 1 173.16.40.20 00:ca:10:64:14:00 +;p 1 arpadd 2 202.16.100.20 00:ad:10:28:14:00 +;p 1 arpadd 3 172.16.40.20 00:ac:10:28:14:00 +p action add 0 accept +p action add 0 fwd 1 +p action add 0 count + +p action add 1 accept +p action add 1 fwd 0 +p action add 1 count + +p action add 2 accept +p action add 2 fwd 3 +p action add 2 count + +p action add 3 accept +p action add 3 fwd 2 +p action add 3 count + +p action add 4 drop +p action add 4 count + +p action add 5 drop +p action add 5 count + +p action add 0 conntrack +p action add 1 conntrack +p action add 2 conntrack +p action add 3 conntrack +p action add 4 conntrack +p action add 5 conntrack + +p vfw add 1 203.16.100.20 8 173.16.40.20 8 0 65535 67 69 0 0 4 +p vfw add 1 202.16.100.20 8 172.16.40.20 8 0 65535 67 69 0 0 5 + +p vfw add 2 203.16.100.20 8 173.16.40.20 8 0 65535 0 65535 0 0 0 +p vfw add 2 173.16.40.20 8 203.16.100.20 8 0 65535 0 65535 0 0 1 +p vfw add 2 202.16.100.20 8 172.16.40.20 8 0 65535 0 65535 0 0 2 +p vfw add 2 172.16.40.20 8 202.16.100.20 8 0 65535 0 65535 0 0 3 +p vfw applyruleset diff --git a/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_1Thread.cfg b/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_1Thread.cfg new file mode 100644 index 00000000..5499ea8c --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_1Thread.cfg @@ -0,0 +1,81 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ2 +pktq_out = TXQ0.0 TXQ1.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +arp_route_tbl = (ac102814,ff000000,1,ac102814) (ca106414,ff000000,0,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ad:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1) +prv_que_handler = (0) + +[PIPELINE2] +type = TXRX +core = 2 +pktq_in = RXQ0.0 RXQ1.0 +pktq_out = SWQ0 SWQ1 SWQ2 +pipeline_txrx_type = RXRX +; +[PIPELINE3] +type = LOADB +core = 3 +pktq_in = SWQ0 SWQ1 +pktq_out = SWQ3 SWQ4 +outport_offset = 136 +n_vnf_threads = 1 +prv_que_handler = (0) +n_lb_tuples = 5 +;loadb_debug = 0 + +[PIPELINE4] +type = VFW +core = 4 +pktq_in = SWQ3 SWQ4 +pktq_out = SWQ5 SWQ6 + +n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 4096000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +;udp_replied = 20 + +[PIPELINE5] +type = TXRX +core = 5 +pktq_in = SWQ5 SWQ6 +pktq_out = TXQ0.1 TXQ1.1 +pipeline_txrx_type = TXTX diff --git a/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_4Thread.cfg b/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_4Thread.cfg new file mode 100644 index 00000000..abb4735b --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_4Thread.cfg @@ -0,0 +1,130 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ2 +pktq_out = TXQ0.0 TXQ1.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +arp_route_tbl = (ac102814,ff000000,1,ac102814) (ca106414,ff000000,0,ca106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ad:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1) +prv_que_handler = (0) + +[PIPELINE2] +type = TXRX +core = 2 +pktq_in = RXQ0.0 RXQ1.0 +pktq_out = SWQ0 SWQ1 SWQ2 +pipeline_txrx_type = RXRX +; +[PIPELINE3] +type = LOADB +core = 3 +pktq_in = SWQ0 SWQ1 +pktq_out = SWQ3 SWQ4 SWQ5 SWQ6 SWQ7 SWQ8 SWQ9 SWQ10 +outport_offset = 136 +n_vnf_threads = 4 +prv_que_handler = (0) +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE4] +type = VFW +core = 4 +pktq_in = SWQ3 SWQ4 +pktq_out = SWQ11 SWQ12;TXQ0.0 TXQ1.0 + +n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE5] +type = VFW +core = 5 +pktq_in = SWQ5 SWQ6 +pktq_out = SWQ13 SWQ14;TXQ0.0 TXQ1.0 + +n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE6] +type = VFW +core = 6 +pktq_in = SWQ7 SWQ8 +pktq_out = SWQ15 SWQ16;TXQ0.0 TXQ1.0 + +n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE7] +type = VFW +core = 7 +pktq_in = SWQ9 SWQ10 +pktq_out = SWQ17 SWQ18;TXQ0.0 TXQ1.0 + +n_rules = 4096 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv4 +traffic_type = 4 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 + +[PIPELINE8] +type = TXRX +core = 8 +pktq_in = SWQ11 SWQ12 SWQ13 SWQ14 SWQ15 SWQ16 SWQ17 SWQ18 +pktq_out = TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 TXQ0.3 TXQ1.3 TXQ0.4 TXQ1.4 +pipeline_txrx_type = TXTX diff --git a/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_script.tc b/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_script.tc new file mode 100644 index 00000000..213f58f8 --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV4_SinglePortPair_script.tc @@ -0,0 +1,49 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +link 0 down +link 0 config 202.16.100.10 8 +link 0 up +link 1 down +link 1 config 172.16.40.10 8 +link 1 up + +;p 1 arpadd 1 172.16.40.20 00:00:00:00:00:04 +;p 1 arpadd 0 202.16.100.20 00:00:00:00:00:01 + +p action add 0 accept +p action add 0 fwd 0 +p action add 0 count + +p action add 1 accept +p action add 1 fwd 1 +p action add 1 count + +p action add 2 drop +p action add 2 count + +p action add 0 conntrack +p action add 1 conntrack +p action add 2 conntrack +p action add 3 conntrack +p action add 4 conntrack +p action add 5 conntrack +p action add 6 conntrack +p action add 7 conntrack + +p vfw add 1 202.16.100.20 8 172.16.40.20 8 0 65535 67 69 0 0 2 +p vfw add 2 202.16.100.20 8 172.16.40.20 8 0 65535 0 65535 0 0 1 +p vfw add 2 172.16.40.20 8 202.16.100.20 8 0 65535 0 65535 0 0 0 + +p vfw applyruleset diff --git a/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_1Thread.cfg b/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_1Thread.cfg new file mode 100644 index 00000000..aefb37aa --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_1Thread.cfg @@ -0,0 +1,122 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ2 SWQ9 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +nd_route_tbl = (fec0::6a05:caff:fe30:21b0,64,0,fec0::6a05:caff:fe30:21b0) +nd_route_tbl = (2012::6a05:caff:fe30:2081,64,1,2012::6a05:caff:fe30:2081) +nd_route_tbl = (fec1::6a05:caff:fe30:21b0,64,2,fec1::6a05:caff:fe30:21b0) +nd_route_tbl = (2016::6a05:caff:fe30:2081,64,3,2016::6a05:caff:fe30:2081) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 RXQ2.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1)(2,3) +prv_que_handler = (0,2) +;lib_arp_debug = 1 +[PIPELINE2] +type = TXRX +core = s0c2 +pktq_in = RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ0 SWQ1 SWQ2;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE3] +type = LOADB +core = 3 +pktq_in = SWQ0 SWQ1 +pktq_out = SWQ3 SWQ4 ;SWQ10 SWQ11 +outport_offset = 136; 8 +n_vnf_threads = 1 +prv_que_handler = (0) +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE4] +type = VFW +core = s0c4 +pktq_in = SWQ3 SWQ4 +pktq_out = SWQ5 SWQ6;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 + +[PIPELINE5] +type = TXRX +core = s0c2h +pktq_in = SWQ5 SWQ6 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = TXQ0.1 TXQ1.1 ;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = TXTX +[PIPELINE6] +type = TXRX +core = s0c5 +pktq_in = RXQ2.0 RXQ3.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ7 SWQ8 SWQ9;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE7] +type = LOADB +core = 6 +pktq_in = SWQ7 SWQ8 +pktq_out = SWQ9 SWQ10 ;SWQ10 SWQ11 +outport_offset = 136; 8 +n_vnf_threads = 1 +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE8] +type = VFW +core = s0c7 +pktq_in = SWQ9 SWQ10 +pktq_out = SWQ11 SWQ12;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE9] +type = TXRX +core = s0c5h +pktq_in = SWQ11 SWQ12 ;SWQ20 SWQ21 ;RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = TXQ2.1 TXQ3.1 ;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = TXTX diff --git a/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_4Thread.cfg b/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_4Thread.cfg new file mode 100644 index 00000000..bc30db8d --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_4Thread.cfg @@ -0,0 +1,152 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ2 SWQ13 +pktq_out = TXQ0.0 TXQ1.0 TXQ2.0 TXQ3.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +nd_route_tbl = (fec0::6a05:caff:fe30:21b0,64,0,fec0::6a05:caff:fe30:21b0) +nd_route_tbl = (2012::6a05:caff:fe30:2081,64,1,2012::6a05:caff:fe30:2081) +nd_route_tbl = (fec1::6a05:caff:fe30:21b0,64,2,fec1::6a05:caff:fe30:21b0) +nd_route_tbl = (2016::6a05:caff:fe30:2081,64,3,2016::6a05:caff:fe30:2081) +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ca:10:64:14:00 00:ad:10:28:14:00 00:ac:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 RXQ2.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1)(2,3) +prv_que_handler = (0,2) +;lib_arp_debug = 1 +[PIPELINE2] +type = TXRX +core = s0c2 +pktq_in = RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ0 SWQ1 SWQ2;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE3] +type = LOADB +core = 3 +pktq_in = SWQ0 SWQ1 +pktq_out = SWQ3 SWQ4 SWQ5 SWQ6 ;SWQ10 SWQ11 +outport_offset = 136; 8 +n_vnf_threads = 2 +prv_que_handler = (0) +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE4] +type = VFW +core = s0c4 +pktq_in = SWQ3 SWQ4 +pktq_out = SWQ7 SWQ8;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE5] +type = VFW +core = s0c4h +pktq_in = SWQ5 SWQ6 +pktq_out = SWQ9 SWQ10;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 + +[PIPELINE6] +type = TXRX +core = s0c2h +pktq_in = SWQ7 SWQ8 SWQ9 SWQ10 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 ;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = TXTX +[PIPELINE7] +type = TXRX +core = s0c5 +pktq_in = RXQ2.0 RXQ3.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ11 SWQ12 SWQ13;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE8] +type = LOADB +core = 6 +pktq_in = SWQ11 SWQ12 +pktq_out = SWQ14 SWQ15 SWQ16 SWQ17 ;SWQ10 SWQ11 +outport_offset = 136; 8 +n_vnf_threads = 2 +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE9] +type = VFW +core = s0c7 +pktq_in = SWQ14 SWQ15 +pktq_out = SWQ18 SWQ19;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE10] +type = VFW +core = s0c7h +pktq_in = SWQ16 SWQ17 +pktq_out = SWQ20 SWQ21;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 + +[PIPELINE11] +type = TXRX +core = s0c5h +pktq_in = SWQ18 SWQ19 SWQ20 SWQ21 ;RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = TXQ2.1 TXQ3.1 TXQ2.2 TXQ3.2;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = TXTX diff --git a/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_script.tc b/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_script.tc new file mode 100644 index 00000000..048ff738 --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV6_MultiPortPair_script.tc @@ -0,0 +1,68 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +link 0 down +link 0 config fec0:0000:0000:0000:6a05:caff:fe30:21a0 64 +link 0 up +link 1 down +link 1 config fec1:0000:0000:0000:6a05:caff:fe30:21a0 64 +link 1 up +link 2 down +link 2 config 2012:0000:0000:0000:6a05:caff:fe30:2071 64 +link 2 up +link 3 down +link 3 config 2016:0000:0000:0000:6a05:caff:fe30:2071 64 +link 3 up +;p 1 arpadd 0 fec0::6a05:caff:fe30:21b0 00:cb:10:64:14:00 +;p 1 arpadd 1 2012::6a05:caff:fe30:2081 00:ca:10:64:14:00 +;p 1 arpadd 2 fec1::6a05:caff:fe30:21b0 00:ad:10:28:14:00 +;p 1 arpadd 3 2016::6a05:caff:fe30:2081 00:ac:10:28:14:00 +p action add 0 accept +p action add 0 fwd 1 +p action add 0 count + +p action add 1 accept +p action add 1 fwd 0 +p action add 1 count + +p action add 2 accept +p action add 2 fwd 3 +p action add 2 count + +p action add 3 accept +p action add 3 fwd 2 +p action add 3 count + +p action add 4 drop +p action add 4 count + +p action add 5 drop +p action add 5 count + +p action add 0 conntrack +p action add 1 conntrack +p action add 2 conntrack +p action add 3 conntrack +p action add 4 conntrack +p action add 5 conntrack + +p vfw add 1 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 67 69 0 0 4 +p vfw add 1 fec1::6a05:caff:fe30:21b0 64 2016::6a05:caff:fe30:2081 64 0 65535 67 69 0 0 5 +p vfw add 2 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 0 +p vfw add 2 2012::6a05:caff:fe30:2081 64 fec0::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 1 +p vfw add 2 fec1::6a05:caff:fe30:21b0 64 2016::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 2 +p vfw add 2 2016::6a05:caff:fe30:2081 64 fec1::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 3 +p vfw applyruleset + + diff --git a/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_1Thread.cfg b/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_1Thread.cfg new file mode 100644 index 00000000..4fb0fad1 --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_1Thread.cfg @@ -0,0 +1,79 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ2 +pktq_out = TXQ0.0 TXQ1.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +nd_route_tbl = (fec0::6a05:caff:fe30:21b0,64,0,fec0::6a05:caff:fe30:21b0) +nd_route_tbl = (2012::6a05:caff:fe30:2081,64,1,2012::6a05:caff:fe30:2081) +;arp_route_tbl = (98102814,ff000000,1,98102814) (c0106414,ff000000,0,c0106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ad:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1) +prv_que_handler = (0) +[PIPELINE2] +type = TXRX +core = 2 +pktq_in = RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ0 SWQ1 SWQ2;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE3] +type = LOADB +core = 3 +pktq_in = SWQ0 SWQ1 +pktq_out = SWQ3 SWQ4 +outport_offset = 136; 8 +n_vnf_threads = 1 +prv_que_handler = (0) +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE4] +type = VFW +core = 4 +pktq_in = SWQ3 SWQ4 +pktq_out = SWQ5 SWQ6;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE5] +type = TXRX +core = 5 +pktq_in = SWQ5 SWQ6 +pktq_out = TXQ0.1 TXQ1.1 +pipeline_txrx_type = TXTX diff --git a/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_4Thread.cfg b/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_4Thread.cfg new file mode 100644 index 00000000..4c372f75 --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_4Thread.cfg @@ -0,0 +1,131 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +[PIPELINE0] +type = MASTER +core = 0 +[PIPELINE1] +type = ARPICMP +core = 1 + +pktq_in = SWQ2 +pktq_out = TXQ0.0 TXQ1.0 +; ARP route table entries (ip, mask, if_port, nh) hex values with no 0x +nd_route_tbl = (fec0::6a05:caff:fe30:21b0,64,0,fec0::6a05:caff:fe30:21b0) +nd_route_tbl = (2012::6a05:caff:fe30:2081,64,1,2012::6a05:caff:fe30:2081) +;arp_route_tbl = (98102814,ff000000,1,98102814) (c0106414,ff000000,0,c0106414) +; Link MAC addresses in order aa:bb:cc:dd:ee:ff separated by space +; +; Hex values with no leading 0x, MACs in ascending port order starting @P0 +ports_mac_list = 00:cb:10:64:14:00 00:ad:10:28:14:00 +; +; egress (private interface) info +pktq_in_prv = RXQ0.0 +; +;for pub port <-> prv port mapping (prv, pub) +prv_to_pub_map = (0,1) +prv_que_handler = (0) +[PIPELINE2] +type = TXRX +core = 2 +pktq_in = RXQ0.0 RXQ1.0 ;SWQ4 SWQ5 ;SWQ8 SWQ9 SWQ12 SWQ13 +pktq_out = SWQ0 SWQ1 SWQ2;TXQ0.0 TXQ1.0 ;TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 +pipeline_txrx_type = RXRX +; +[PIPELINE3] +type = LOADB +core = 3 +pktq_in = SWQ0 SWQ1 +pktq_out = SWQ3 SWQ4 SWQ5 SWQ6 SWQ7 SWQ8 SWQ9 SWQ10 +outport_offset = 136; 8 +n_vnf_threads = 4 +prv_que_handler = (0) +n_lb_tuples = 5 +;loadb_debug = 0 +[PIPELINE4] +type = VFW +core = 4 +pktq_in = SWQ3 SWQ4 +pktq_out = SWQ11 SWQ12;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE5] +type = VFW +core = 5 +pktq_in = SWQ5 SWQ6 +pktq_out = SWQ13 SWQ14;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE6] +type = VFW +core = 6 +pktq_in = SWQ7 SWQ8 +pktq_out = SWQ15 SWQ16;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 +;udp_unreplied and udp_replied controls udp "connection" timeouts, normally 30/180 +;udp_unreplied = 20 +;udp_replied = 20 +[PIPELINE7] +type = VFW +core = 7 +pktq_in = SWQ9 SWQ10 +pktq_out = SWQ17 SWQ18;TXQ0.0 TXQ1.0 + +n_rules = 10000 + +;n_flows gets round up to power of 2 +n_flows = 1000000 +pkt_type = ipv6 +traffic_type = 6 +; tcp_time_wait controls timeout for closed connection, normally 120 +tcp_time_wait = 10 +tcp_be_liberal = 0 + +[PIPELINE8] +type = TXRX +core = 8 +pktq_in = SWQ11 SWQ12 SWQ13 SWQ14 SWQ15 SWQ16 SWQ17 SWQ18 +pktq_out = TXQ0.1 TXQ1.1 TXQ0.2 TXQ1.2 TXQ0.3 TXQ1.3 TXQ0.4 TXQ1.4 +pipeline_txrx_type = TXTX diff --git a/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_script.tc b/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_script.tc new file mode 100644 index 00000000..b333d5c4 --- /dev/null +++ b/VNFs/vFW/config/VFW_SWLB_IPV6_SinglePortPair_script.tc @@ -0,0 +1,44 @@ +; Copyright (c) 2017 Intel Corporation +; +; Licensed under the Apache License, Version 2.0 (the "License"); +; you may not use this file except in compliance with the License. +; You may obtain a copy of the License at +; +; http:#www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, software +; distributed under the License is distributed on an "AS IS" BASIS, +; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +; See the License for the specific language governing permissions and +; limitations under the License. + +link 0 down +link 0 config fec0:0000:0000:0000:6a05:caff:fe30:21a0 64 +link 0 up + +link 1 down +link 1 config 2012:0000:0000:0000:6a05:caff:fe30:2071 64 +link 1 up + +;p 1 arpadd 0 fec0::6a05:caff:fe30:21b0 00:00:00:00:00:01 +;p 1 arpadd 1 2012::6a05:caff:fe30:2081 00:00:00:00:00:04 + +p action add 0 accept +p action add 0 fwd 1 +p action add 0 count + +p action add 1 accept +p action add 1 fwd 0 +p action add 1 count + +p action add 2 drop +p action add 2 count + +p action add 0 conntrack +p action add 1 conntrack +p action add 2 conntrack + +p vfw add 1 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 67 69 0 0 2 +p vfw add 2 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 0 +p vfw add 2 2012::6a05:caff:fe30:2081 64 fec0::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 1 +p vfw applyruleset |