int main(int argc, char **argv)
{
/**
* Simple example of firewall between two NICs.
* Print brick simply show packets.
*
* [nic-west]--[print-west]--[firewall]--[print-east]--[nic_east]
*/
struct pg_error *error = NULL;
struct pg_brick *nic_west, *nic_east;
struct pg_brick *print_west, *print_east;
struct pg_brick *fw;
struct pg_graph *graph;
/* init packetgraph and nics */
pg_start(argc, argv, &error);
if (pg_nic_port_count() < 2) {
printf("You need two DPDK ports to run this example\n");
return 1;
}
/* create bricks */
nic_west = pg_nic_new_by_id("nic-west", 0, &error);
fw = pg_firewall_new("fw", PG_NO_CONN_WORKER, &error);
print_west = pg_print_new("print-west", 0,
PG_PRINT_FLAG_MAX, 0, &error);
print_east = pg_print_new("print-east", 0,
PG_PRINT_FLAG_MAX, 0, &error);
nic_east = pg_nic_new_by_id("nic_east", 1, &error);
/* link bricks */
pg_brick_chained_links(&error, nic_west, print_west,
fw, print_east, nic_east);
/* add some rules to firewall */
pg_firewall_rule_add(fw, "tcp portrange 1-1024", PG_MAX_SIDE, 1, &error);
pg_firewall_rule_add(fw, "icmp", PG_MAX_SIDE, 1, &error);
pg_firewall_reload(fw, &error);
/* create a graph with all bricks inside */
graph = pg_graph_new("graph", fw, &error);
printf("let's pool 1000*1000 times ...\n");
for (int i = 0; i < 1000000; i++) {
if (pg_graph_poll(graph, &error) < 0) {
pg_error_print(error);
pg_error_free(error);
}
}
pg_graph_destroy(graph);
pg_stop();
return 0;
}
int main(int argc, char **argv)
{
struct pg_error *error = NULL;
struct pg_brick *nic, *app;
struct pg_graph *graph;
struct mydata pd;
pd.pkt_count = 0;
pg_start(argc, argv, &error);
start_time = g_get_real_time();
if (pg_nic_port_count() < 1) {
g_printf("No NIC port has been found, try adding --vdev=eth_pcap0,iface=eth0 arguments\n");
return 1;
}
nic = pg_nic_new_by_id("port 0", 0, &error);
app = pg_rxtx_new("myapp", &rx_callback, &tx_callback, (void *) &pd);
pg_brick_link(nic, app, &error);
graph = pg_graph_new("example", nic, &error);
while (42)
if (pg_graph_poll(graph, &error) < 0)
break;
pg_error_print(error);
pg_error_free(error);
pg_graph_destroy(graph);
pg_stop();
return 1;
}
static int start_loop(int verbose)
{
struct pg_error *error = NULL;
struct pg_brick *nic_tmp, *switch_east, *print_tmp;
uint16_t port_count = rte_eth_dev_count();
GList *nic_manager = NULL;
GList *manager = NULL;
g_assert(port_count > 1);
/*
* Here is an ascii graph of the links:
*
* [NIC-X] - [PRINT-X] --\
* \
* [NIC-X+1] - [PRINT-X+1] } -- [SWITCH]
* /
* [NIC-X+2] - [PRINT-X+2] /
* ....
*/
switch_east = pg_switch_new("switch", 20, 20, &error);
CHECK_ERROR(error);
PG_BM_ADD(manager, switch_east);
for (int i = 0; i < port_count; ++i) {
nic_tmp = pg_nic_new_by_id("nic", 1, 1, WEST_SIDE, i, &error);
CHECK_ERROR(error);
print_tmp = pg_print_new("print", 1, 1, NULL,
PG_PRINT_FLAG_MAX, NULL,
&error);
CHECK_ERROR(error);
if (!verbose)
pg_brick_chained_links(&error, nic_tmp, switch_east);
else
pg_brick_chained_links(&error, nic_tmp,
print_tmp, switch_east);
CHECK_ERROR(error);
PG_BM_ADD(nic_manager, nic_tmp);
PG_BM_ADD(manager, print_tmp);
}
while (1) {
uint64_t tot_send_pkts = 0;
for (int i = 0; i < 100000; ++i) {
uint16_t nb_send_pkts;
PG_BM_GET_NEXT(nic_manager, nic_tmp);
pg_brick_poll(nic_tmp, &nb_send_pkts, &error);
tot_send_pkts += nb_send_pkts;
CHECK_ERROR(error);
usleep(1);
}
printf("poll pkts: %lu\n", tot_send_pkts);
}
nic_manager = g_list_first(nic_manager);
PG_BM_DESTROY(manager);
PG_BM_DESTROY(nic_manager);
return 0;
}
int main(int argc, char **argv)
{
struct pg_brick *nic = NULL;
struct pg_error *error = NULL;
uint32_t rx, tx;
int port_count;
pg_start(argc, argv, &error);
if (pg_error_is_set(&error)) {
pg_error_print(error);
pg_error_free(error);
return 1;
}
port_count = pg_nic_port_count();
if (port_count == 0) {
printf("Error: you need at least one DPDK port\n");
return 1;
}
for (int i = 0; i < port_count; i++) {
nic = pg_nic_new_by_id("nic", i, &error);
if (!nic) {
printf("Error on nic creation (port %i)\n", i);
pg_error_print(error);
pg_error_free(error);
pg_stop();
return 1;
}
pg_nic_capabilities(nic, &rx, &tx);
printf("====== Port %i capabilities ======\nRX:\n", i);
#define print_capa(R, capa) \
printf(#capa ":\t\t%s\n", (R) & (capa) ? "yes" : "no");
print_capa(rx, PG_NIC_RX_OFFLOAD_VLAN_STRIP);
print_capa(rx, PG_NIC_RX_OFFLOAD_IPV4_CKSUM);
print_capa(rx, PG_NIC_RX_OFFLOAD_UDP_CKSUM);
print_capa(rx, PG_NIC_RX_OFFLOAD_TCP_CKSUM);
print_capa(rx, PG_NIC_RX_OFFLOAD_TCP_LRO);
print_capa(rx, PG_NIC_RX_OFFLOAD_QINQ_STRIP);
print_capa(rx, PG_NIC_RX_OFFLOAD_OUTER_IPV4_CKSUM);
printf("TX:\n");
print_capa(tx, PG_NIC_TX_OFFLOAD_VLAN_INSERT);
print_capa(tx, PG_NIC_TX_OFFLOAD_IPV4_CKSUM);
print_capa(tx, PG_NIC_TX_OFFLOAD_UDP_CKSUM);
print_capa(tx, PG_NIC_TX_OFFLOAD_TCP_CKSUM);
print_capa(tx, PG_NIC_TX_OFFLOAD_SCTP_CKSUM);
print_capa(tx, PG_NIC_TX_OFFLOAD_TCP_TSO);
print_capa(tx, PG_NIC_TX_OFFLOAD_UDP_TSO);
print_capa(tx, PG_NIC_TX_OFFLOAD_OUTER_IPV4_CKSUM);
print_capa(tx, PG_NIC_TX_OFFLOAD_QINQ_INSERT);
#undef print_capa
pg_brick_destroy(nic);
}
pg_stop();
return 0;
}
static void test_nic_simple_flow(void)
{
struct pg_brick *nic_west, *nic_ring;
int i = 0;
int nb_iteration = 32;
uint16_t nb_send_pkts;
uint16_t total_send_pkts = 0;
uint16_t total_get_pkts = 0;
struct pg_error *error = NULL;
struct pg_nic_stats info;
/* create a chain of a few nop brick with collectors on each sides */
/*
* [nic_west] ------- [nic_east]
*/
/* write rx pcap file (required bu pcap driver) */
const gchar pcap_in_file[] = {
212, 195, 178, 161, 2, 0, 4, 0, 0, 0, 0,
0, 0, 0, 0, 0, 255, 255, 0, 0, 1, 0, 0, 0};
g_assert(g_file_set_contents("in.pcap", pcap_in_file,
sizeof(pcap_in_file), NULL));
nic_west = pg_nic_new("nic", "eth_pcap0,rx_pcap=in.pcap,tx_pcap=out.pcap", &error);
CHECK_ERROR(error);
nic_ring = pg_nic_new_by_id("nic", 0, &error);
CHECK_ERROR(error);
pg_brick_link(nic_west, nic_ring, &error);
CHECK_ERROR(error);
for (i = 0; i < nb_iteration * 6; ++i) {
/* max pkts is the maximum nbr of packets
rte_eth_burst_wrap can send */
max_pkts = i * 2;
if (max_pkts > 64)
max_pkts = 64;
/*poll packets to east*/
pg_brick_poll(nic_west, &nb_send_pkts, &error);
CHECK_ERROR(error);
/* collect pkts on the east */
if (nb_send_pkts) {
total_send_pkts += max_pkts;
}
/* check no pkts end here */
CHECK_ERROR(error);
}
pg_nic_get_stats(nic_ring, &info);
g_assert(info.opackets == total_send_pkts);
max_pkts = 64;
for (i = 0; i < nb_iteration; ++i) {
/* poll packet to the west */
pg_brick_poll(nic_ring, &nb_send_pkts, &error);
CHECK_ERROR(error);
total_get_pkts += nb_send_pkts;
}
/* This assert allow us to check nb_send_pkts*/
g_assert(total_get_pkts == total_send_pkts);
g_assert(info.opackets == total_send_pkts);
/* use packets_count in collect_west here to made
* another check when merge*/
/* break the chain */
pg_brick_destroy(nic_west);
pg_brick_destroy(nic_ring);
/* remove pcap files */
g_assert(g_unlink("in.pcap") == 0);
g_assert(g_unlink("out.pcap") == 0);
}
int main(int argc, char **argv)
{
struct pg_error *error = NULL;
struct pg_brick *fw;
struct pg_brick *nic_west, *nic_east;
uint16_t nb_send_pkts;
uint64_t total;
struct timeval start, end;
int i;
pg_start(argc, argv, &error);
CHECK_ERROR(error);
g_assert(rte_eth_dev_count() >= 2);
nic_west = pg_nic_new_by_id("port 0", 1, 1, WEST_SIDE, 0, &error);
CHECK_ERROR(error);
fw = pg_firewall_new("fw", 1, 1, PG_NO_CONN_WORKER, &error);
pg_firewall_thread_register(fw);
CHECK_ERROR(error);
nic_east = pg_nic_new_by_id("port 1", 1, 1, EAST_SIDE, 1, &error);
CHECK_ERROR(error);
pg_brick_link(nic_west, fw, &error);
CHECK_ERROR(error);
pg_brick_link(fw, nic_east, &error);
CHECK_ERROR(error);
g_assert(!pg_firewall_rule_add(fw, "tcp portrange 50-60", MAX_SIDE, 1,
&error));
CHECK_ERROR(error);
g_assert(!pg_firewall_rule_add(fw, "icmp", MAX_SIDE, 1, &error));
CHECK_ERROR(error);
g_assert(!pg_firewall_reload(fw, &error));
CHECK_ERROR(error);
for (;;) {
gettimeofday(&start, 0);
total = 0;
for (i = 0; i < LOOPS; i++) {
g_assert(pg_brick_poll(nic_west,
&nb_send_pkts,
&error));
usleep(1);
total += nb_send_pkts;
g_assert(pg_brick_poll(nic_east,
&nb_send_pkts,
&error));
total += nb_send_pkts;
usleep(1);
}
gettimeofday(&end, 0);
usleep(100);
printf("time in us: for %i loops: %lu\ntotal %"PRIu64"\n",
LOOPS,
(end.tv_sec * 1000000 + end.tv_usec) -
(start.tv_sec * 1000000 + start.tv_usec), total);
pg_firewall_gc(fw);
}
pg_stop();
return 0;
}
static int start_loop(int verbose, int nb_vhost)
{
struct pg_error *error = NULL;
struct pg_brick *nic_tmp, *switch_east, *print_tmp;
uint16_t port_count = rte_eth_dev_count();
GList *nic_manager = NULL;
GList *manager = NULL;
int ret = -1;
/*
* Here is an ascii graph of the links:
*
* [NIC-X] - [PRINT-X] --\
* \
* [NIC-X+1] - [PRINT-X+1] } -- [SWITCH]
* /
* [NIC-X+2] - [PRINT-X+2] /
* ....
*/
switch_east = pg_switch_new("switch", 20, 20, EAST_SIDE, &error);
CHECK_ERROR(error);
PG_BM_ADD(manager, switch_east);
if (nb_vhost) {
if (pg_vhost_start("/tmp", &error) < 0)
goto free_switch;
port_count = nb_vhost;
}
g_assert(port_count > 1);
for (int i = 0; i < port_count; ++i) {
char *tmp_name;
if (nb_vhost) {
tmp_name = g_strdup_printf("vhost-%d", i);
nic_tmp = pg_vhost_new(tmp_name, 1, 1,
WEST_SIDE, &error);
} else {
tmp_name = g_strdup_printf("nic-%d", i);
nic_tmp = pg_nic_new_by_id(tmp_name, i, &error);
}
g_free(tmp_name);
CHECK_ERROR(error);
tmp_name = g_strdup_printf("print-%d", i);
print_tmp = pg_print_new(tmp_name, 1, 1, NULL,
PG_PRINT_FLAG_MAX, NULL,
&error);
g_free(tmp_name);
CHECK_ERROR(error);
if (!verbose)
pg_brick_chained_links(&error, nic_tmp, switch_east);
else
pg_brick_chained_links(&error, nic_tmp,
print_tmp, switch_east);
CHECK_ERROR(error);
PG_BM_ADD(nic_manager, nic_tmp);
PG_BM_ADD(manager, print_tmp);
}
while (1) {
uint64_t tot_send_pkts = 0;
for (int i = 0; i < 100000; ++i) {
uint16_t nb_send_pkts;
PG_BM_GET_NEXT(nic_manager, nic_tmp);
pg_brick_poll(nic_tmp, &nb_send_pkts, &error);
tot_send_pkts += nb_send_pkts;
CHECK_ERROR(error);
usleep(1);
}
printf("poll pkts: %lu\n", tot_send_pkts);
}
ret = 0;
nic_manager = g_list_first(nic_manager);
PG_BM_DESTROY(nic_manager);
free_switch:
PG_BM_DESTROY(manager);
pg_vhost_stop();
return ret;
}
static void test_nic_simple_flow(void)
{
struct pg_brick *nic_west, *nic_ring;
int i = 0;
int nb_iteration = 32;
uint16_t nb_send_pkts;
uint16_t total_send_pkts = 0;
uint16_t total_get_pkts = 0;
struct pg_error *error = NULL;
struct pg_nic_stats info;
gchar *tmp;
/* create a chain of a few nop brick with collectors on each sides */
/*
* [nic_west] ------- [nic_east]
*/
tmp = g_strdup_printf("eth_pcap0,rx_pcap=%s,tx_pcap=out.pcap",
glob_pcap_in);
nic_west = pg_nic_new("nic", tmp, &error);
g_free(tmp);
CHECK_ERROR(error);
nic_ring = pg_nic_new_by_id("nic", 0, &error);
CHECK_ERROR(error);
pg_brick_link(nic_west, nic_ring, &error);
CHECK_ERROR(error);
for (i = 0; i < nb_iteration * 6; ++i) {
/* max pkts is the maximum nbr of packets
rte_eth_burst_wrap can send */
max_pkts = i * 2;
if (max_pkts > 64)
max_pkts = 64;
/*poll packets to east*/
pg_brick_poll(nic_west, &nb_send_pkts, &error);
CHECK_ERROR(error);
/* collect pkts on the east */
if (nb_send_pkts) {
total_send_pkts += max_pkts;
}
/* check no pkts end here */
CHECK_ERROR(error);
}
pg_nic_get_stats(nic_ring, &info);
g_assert(info.opackets == total_send_pkts);
max_pkts = 64;
for (i = 0; i < nb_iteration; ++i) {
/* poll packet to the west */
pg_brick_poll(nic_ring, &nb_send_pkts, &error);
CHECK_ERROR(error);
total_get_pkts += nb_send_pkts;
}
/* This assert allow us to check nb_send_pkts*/
g_assert(total_get_pkts == total_send_pkts);
g_assert(info.opackets == total_send_pkts);
/* use packets_count in collect_west here to made
* another check when merge*/
/* break the chain */
pg_brick_destroy(nic_west);
pg_brick_destroy(nic_ring);
}
static int start_loop(uint32_t vtep_ip, struct ether_addr *vtep_mac,
struct ether_addr *inner_mac,
GList *neighbor_macs)
{
struct pg_error *error = NULL;
struct pg_brick *nic_east, *nic_west, *vtep_east, *vtep_west;
struct pg_brick *print_east, *print_west, *print_middle;
/*
* Here is an ascii graph of the links:
* NIC = nic
* VT = vtep
*
* [NIC] - [PRINT] - [VT] -- [PRINT] -- [VT] -- [PRINT] -- [NIC]
*/
nic_east = pg_nic_new_by_id("nic-e", 1, 1, EAST_SIDE, 0, &error);
CHECK_ERROR(error);
nic_west = pg_nic_new_by_id("nic-w", 1, 1, WEST_SIDE, 1, &error);
CHECK_ERROR(error);
vtep_east = pg_vtep_new("vt-e", 1, 1, WEST_SIDE,
vtep_ip, *vtep_mac, 1, &error);
CHECK_ERROR(error);
inverse_mac(vtep_mac);
pg_print_mac(vtep_mac);
printf("\n");
vtep_west = pg_vtep_new("vt-w", 1, 1, EAST_SIDE,
~vtep_ip, *vtep_mac, 1, &error);
CHECK_ERROR(error);
print_west = pg_print_new("west", 1, 1, NULL, PG_PRINT_FLAG_MAX, NULL,
&error);
CHECK_ERROR(error);
print_east = pg_print_new("east", 1, 1, NULL, PG_PRINT_FLAG_MAX, NULL,
&error);
CHECK_ERROR(error);
print_middle = pg_print_new("middle", 1, 1, NULL, PG_PRINT_FLAG_MAX,
NULL, &error);
CHECK_ERROR(error);
/* If you want to print transmiting pkts uncomment this and coment
* the bellow pg_brick_chained_links
* Attention: this may slow down the transmition */
/* pg_brick_chained_links(&error, nic_west, print_west, */
/* vtep_west, print_middle, vtep_east, */
/* print_east, nic_east); */
pg_brick_chained_links(&error, nic_west, vtep_west, vtep_east, nic_east);
CHECK_ERROR(error);
pg_vtep_add_vni(vtep_west, nic_west, 0, inet_addr("225.0.0.43"), &error);
CHECK_ERROR(error);
pg_vtep_add_vni(vtep_east, nic_east, 0, inet_addr("225.0.0.43"), &error);
CHECK_ERROR(error);
while (!quit) {
uint16_t nb_send_pkts;
g_assert(pg_brick_poll(nic_west, &nb_send_pkts, &error));
usleep(1);
g_assert(pg_brick_poll(nic_east, &nb_send_pkts, &error));
usleep(1);
}
pg_brick_destroy(nic_west);
pg_brick_destroy(print_west);
pg_brick_destroy(vtep_west);
pg_brick_destroy(print_middle);
pg_brick_destroy(vtep_east);
pg_brick_destroy(print_east);
pg_brick_destroy(nic_east);
return 0;
}
