From 5ff29cbcfacbe3ed67f4c1c85fe7ddb3a4f8de1b Mon Sep 17 00:00:00 2001 From: Deepak S Date: Fri, 18 Aug 2017 17:44:56 -0700 Subject: Update vACL config files JIRA: SAMPLEVNF-76 Change-Id: Iab363cc6cd5310e25c15758f02ca68751e81a49c Signed-off-by: Deepak S --- VNFs/vACL/config/IPv4_hwlb_acl.tc | 22 +++++++++++++++------ VNFs/vACL/config/IPv4_hwlb_acl_1LB_1t.cfg | 7 +++++-- VNFs/vACL/config/IPv4_swlb_acl.tc | 23 +++++++++++++++------- VNFs/vACL/config/IPv4_swlb_acl_1LB_1t.cfg | 12 +++++++----- VNFs/vACL/config/IPv6_hwlb_acl.tc | 28 +++++++++++++++------------ VNFs/vACL/config/IPv6_hwlb_acl_1LB_1t.cfg | 8 +++++--- VNFs/vACL/config/IPv6_swlb_acl.tc | 32 ++++++++++++++++--------------- VNFs/vACL/config/IPv6_swlb_acl_1LB_1t.cfg | 14 ++++++++------ 8 files changed, 90 insertions(+), 56 deletions(-) (limited to 'VNFs/vACL') diff --git a/VNFs/vACL/config/IPv4_hwlb_acl.tc b/VNFs/vACL/config/IPv4_hwlb_acl.tc index fa4f1430..79b48ed3 100644 --- a/VNFs/vACL/config/IPv4_hwlb_acl.tc +++ b/VNFs/vACL/config/IPv4_hwlb_acl.tc @@ -13,24 +13,34 @@ ; limitations under the License. link 0 down -link 0 config 192.16.100.10 8 +link 0 config 202.16.100.10 8 link 0 up + link 1 down -link 1 config 152.16.40.10 8 +link 1 config 172.16.40.10 8 link 1 up -p 1 arpadd 1 152.16.40.20 00:00:00:00:00:02 -p 1 arpadd 0 192.16.100.20 00:00:00:00:00:01 +; routeadd +routeadd 0 202.16.100.20 0xff000000 +routeadd 1 172.16.40.20 0xff000000 + +; IPv4 static ARP +;p 1 arpadd 1 172.16.40.20 00:00:00:00:00:04 +;p 1 arpadd 0 202.16.100.20 00:00:00:00:00:01 + p action add 0 accept p action add 0 fwd 0 p action add 0 count + p action add 1 accept p action add 1 fwd 1 p action add 1 count -p acl add 1 192.16.100.0 8 152.16.40.0 8 0 65535 0 65535 0 0 1 -p acl add 1 152.16.40.0 8 192.16.100.0 8 0 65535 0 65535 0 0 0 +; IPv4 rules +p acl add 1 202.16.100.20 8 172.16.40.20 8 0 65535 0 65535 0 0 1 +p acl add 1 172.16.40.20 8 202.16.100.20 8 0 65535 0 65535 0 0 0 p acl applyruleset + set fwd rxonly set_sym_hash_ena_per_port 0 enable set_hash_global_config 0 simple_xor ipv4-udp enable diff --git a/VNFs/vACL/config/IPv4_hwlb_acl_1LB_1t.cfg b/VNFs/vACL/config/IPv4_hwlb_acl_1LB_1t.cfg index 77beeb14..f312e5ba 100644 --- a/VNFs/vACL/config/IPv4_hwlb_acl_1LB_1t.cfg +++ b/VNFs/vACL/config/IPv4_hwlb_acl_1LB_1t.cfg @@ -12,6 +12,11 @@ ; See the License for the specific language governing permissions and ; limitations under the License. +[EAL] +# add pci whitelist eg below +w = 05:00.0 +w = 05:00.1 + [PIPELINE0] type = MASTER core = 0 @@ -20,8 +25,6 @@ type = ARPICMP core = 1 pktq_in = SWQ0 pktq_out = TXQ0.0 TXQ1.0 -arp_route_tbl = (98102814,ff000000,1,98102814) (c0106414,ff000000,0,c0106414) -ports_mac_list = 00:00:00:00:00:01 00:00:00:00:00:02 pktq_in_prv = RXQ0.0 prv_to_pub_map = (0,1) prv_que_handler = (0) diff --git a/VNFs/vACL/config/IPv4_swlb_acl.tc b/VNFs/vACL/config/IPv4_swlb_acl.tc index 25fdfba6..7274847a 100644 --- a/VNFs/vACL/config/IPv4_swlb_acl.tc +++ b/VNFs/vACL/config/IPv4_swlb_acl.tc @@ -13,21 +13,30 @@ ; limitations under the License. link 0 down -link 0 config 192.16.100.10 8 +link 0 config 202.16.100.10 8 link 0 up + link 1 down -link 1 config 192.16.40.10 8 +link 1 config 172.16.40.10 8 link 1 up -;p 1 arpadd 1 192.16.40.20 00:00:00:00:00:02 -;p 1 arpadd 0 192.16.100.20 00:00:00:00:00:01 +; routeadd +routeadd 0 202.16.100.20 0xff000000 +routeadd 1 172.16.40.20 0xff000000 + +; IPv4 static ARP +;p 1 arpadd 1 172.16.40.20 00:00:00:00:00:04 +;p 1 arpadd 0 202.16.100.20 00:00:00:00:00:01 + p action add 0 accept p action add 0 fwd 0 p action add 0 count + p action add 1 accept p action add 1 fwd 1 p action add 1 count -p acl add 1 192.16.100.0 8 192.16.40.0 8 0 65535 0 65535 0 0 1 -p acl add 1 192.16.40.0 8 192.16.100.0 8 0 65535 0 65535 0 0 0 -p acl applyruleset +; IPv4 rules +p acl add 1 202.16.100.20 8 172.16.40.20 8 0 65535 0 65535 0 0 1 +p acl add 1 172.16.40.20 8 202.16.100.20 8 0 65535 0 65535 0 0 0 +p acl applyruleset \ No newline at end of file diff --git a/VNFs/vACL/config/IPv4_swlb_acl_1LB_1t.cfg b/VNFs/vACL/config/IPv4_swlb_acl_1LB_1t.cfg index 2637ec1d..2a8d6d0c 100644 --- a/VNFs/vACL/config/IPv4_swlb_acl_1LB_1t.cfg +++ b/VNFs/vACL/config/IPv4_swlb_acl_1LB_1t.cfg @@ -11,6 +11,10 @@ ; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ; See the License for the specific language governing permissions and ; limitations under the License. +[EAL] +# add pci whitelist eg below +w = 05:00.0 +w = 05:00.1 [PIPELINE0] type = MASTER @@ -19,9 +23,7 @@ core = 0 type = ARPICMP core = 1 pktq_in = SWQ2 -pktq_out = TXQ0.0 TXQ1.0 -arp_route_tbl = (c0102814,ffffff00,1,98102814) (c0106414,ffffff00,0,c0106414) -ports_mac_list = 00:00:00:00:00:01 00:00:00:00:00:02 +pktq_out = SWQ7 pktq_in_prv = RXQ0.0 prv_to_pub_map = (0,1) prv_que_handler = (0) @@ -53,6 +55,6 @@ traffic_type = 4 [PIPELINE5] type = TXRX core = 5 -pktq_in = SWQ5 SWQ6 -pktq_out = TXQ0.1 TXQ1.1 +pktq_in = SWQ5 SWQ6 SWQ7 +pktq_out = TXQ0.0 TXQ1.0 pipeline_txrx_type = TXTX diff --git a/VNFs/vACL/config/IPv6_hwlb_acl.tc b/VNFs/vACL/config/IPv6_hwlb_acl.tc index 3ec5fba7..41761108 100644 --- a/VNFs/vACL/config/IPv6_hwlb_acl.tc +++ b/VNFs/vACL/config/IPv6_hwlb_acl.tc @@ -15,28 +15,32 @@ link 0 down link 0 config fec0:0000:0000:0000:6a05:caff:fe30:21a0 64 link 0 up + link 1 down link 1 config 2012:0000:0000:0000:6a05:caff:fe30:2071 64 link 1 up -p 1 arpadd 0 fec0::6a05:caff:fe30:21b0 00:00:00:00:00:01 -p 1 arpadd 1 2012::6a05:caff:fe30:2081 00:00:00:00:00:02 + +;routeadd +routeadd 0 fec0::6a05:caff:fe30:21b0 64 +routeadd 1 2012::6a05:caff:fe30:2081 64 + +; IPv6 static ARP +;p 1 arpadd 0 fec0::6a05:caff:fe30:21b0 00:00:00:00:00:01 +;p 1 arpadd 1 2012::6a05:caff:fe30:2081 00:00:00:00:00:04 + p action add 0 accept -p action add 0 fwd 1 +p action add 0 fwd 0 p action add 0 count p action add 1 accept -p action add 1 fwd 0 +p action add 1 fwd 1 p action add 1 count - -;p action add 0 conntrack -;p action add 1 conntrack -;p action add 2 conntrack -;p action add 3 conntrack - -p acl add 1 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 0 -p acl add 1 2012::6a05:caff:fe30:2081 64 fec0::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 1 +; IPv6 rules +p acl add 1 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 1 +p acl add 1 2012::6a05:caff:fe30:2081 64 fec0::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 0 p acl applyruleset + set fwd rxonly set_sym_hash_ena_per_port 0 enable set_hash_global_config 0 simple_xor ipv6-udp enable diff --git a/VNFs/vACL/config/IPv6_hwlb_acl_1LB_1t.cfg b/VNFs/vACL/config/IPv6_hwlb_acl_1LB_1t.cfg index cdb16ca0..6568d781 100644 --- a/VNFs/vACL/config/IPv6_hwlb_acl_1LB_1t.cfg +++ b/VNFs/vACL/config/IPv6_hwlb_acl_1LB_1t.cfg @@ -12,6 +12,11 @@ ; See the License for the specific language governing permissions and ; limitations under the License. +[EAL] +# add pci whitelist eg below +w = 05:00.0 +w = 05:00.1 + [PIPELINE0] type = MASTER core = 0 @@ -20,9 +25,6 @@ type = ARPICMP core = 1 pktq_in = SWQ0 pktq_out = TXQ0.0 TXQ1.0 -nd_route_tbl = (fe80::6a05:caff:fe30:21b0,64,0,fe80::6a05:caff:fe30:21b0) -nd_route_tbl = (2012::6a05:caff:fe30:2081,64,1,2012::6a05:caff:fe30:2081) -ports_mac_list = 00:00:00:00:00:01 00:00:00:00:00:02 pktq_in_prv = RXQ0.0 prv_to_pub_map = (0,1) prv_que_handler = (0) diff --git a/VNFs/vACL/config/IPv6_swlb_acl.tc b/VNFs/vACL/config/IPv6_swlb_acl.tc index 0dc82129..c964609a 100644 --- a/VNFs/vACL/config/IPv6_swlb_acl.tc +++ b/VNFs/vACL/config/IPv6_swlb_acl.tc @@ -13,28 +13,30 @@ ; limitations under the License. link 0 down -link 0 config fe80:0000:0000:0000:6a05:caff:fe30:21a0 64 +link 0 config fec0:0000:0000:0000:6a05:caff:fe30:21a0 64 link 0 up + link 1 down link 1 config 2012:0000:0000:0000:6a05:caff:fe30:2071 64 link 1 up -p 1 arpadd 0 fe80::6a05:caff:fe30:21b0 00:00:00:00:00:01 -p 1 arpadd 1 2012::6a05:caff:fe30:2081 3c:fd:fe:a1:37:aa + +;routeadd +routeadd 0 fec0::6a05:caff:fe30:21b0 64 +routeadd 1 2012::6a05:caff:fe30:2081 64 + +; IPv6 static ARP +;p 1 arpadd 0 fec0::6a05:caff:fe30:21b0 00:00:00:00:00:01 +;p 1 arpadd 1 2012::6a05:caff:fe30:2081 00:00:00:00:00:04 + p action add 0 accept -p action add 0 fwd 1 +p action add 0 fwd 0 p action add 0 count p action add 1 accept -p action add 1 fwd 0 +p action add 1 fwd 1 p action add 1 count - -;p action add 0 conntrack -;p action add 1 conntrack -;p action add 2 conntrack -;p action add 3 conntrack - -p acl add 1 fe80::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 0 -p acl add 1 2012::6a05:caff:fe30:2081 64 fe80::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 1 -p acl applyruleset - +; IPv6 rules +p acl add 1 fec0::6a05:caff:fe30:21b0 64 2012::6a05:caff:fe30:2081 64 0 65535 0 65535 0 0 1 +p acl add 1 2012::6a05:caff:fe30:2081 64 fec0::6a05:caff:fe30:21b0 64 0 65535 0 65535 0 0 0 +p acl applyruleset \ No newline at end of file diff --git a/VNFs/vACL/config/IPv6_swlb_acl_1LB_1t.cfg b/VNFs/vACL/config/IPv6_swlb_acl_1LB_1t.cfg index 43d0e726..2b5017eb 100644 --- a/VNFs/vACL/config/IPv6_swlb_acl_1LB_1t.cfg +++ b/VNFs/vACL/config/IPv6_swlb_acl_1LB_1t.cfg @@ -12,6 +12,11 @@ ; See the License for the specific language governing permissions and ; limitations under the License. +[EAL] +# add pci whitelist eg below +w = 05:00.0 +w = 05:00.1 + [PIPELINE0] type = MASTER core = 0 @@ -19,10 +24,7 @@ core = 0 type = ARPICMP core = 1 pktq_in = SWQ2 -pktq_out = TXQ0.0 TXQ1.0 -nd_route_tbl = (fe80::6a05:caff:fe30:21b0,64,0,fe80::6a05:caff:fe30:21b0) -nd_route_tbl = (2012::6a05:caff:fe30:2081,64,1,2012::6a05:caff:fe30:2081) -ports_mac_list = 00:00:00:00:00:01 00:00:00:00:00:02 +pktq_out = SWQ7 pktq_in_prv = RXQ0.0 prv_to_pub_map = (0,1) prv_que_handler = (0) @@ -54,6 +56,6 @@ traffic_type = 6 [PIPELINE5] type = TXRX core = 5 -pktq_in = SWQ5 SWQ6 -pktq_out = TXQ0.1 TXQ1.1 +pktq_in = SWQ5 SWQ6 SWQ7 +pktq_out = TXQ0.0 TXQ1.0 pipeline_txrx_type = TXTX -- cgit 1.2.3-korg