FABRID base version (#168)
Control plane features:
- Definition of FABRID policies and connection points on which they are
available
- CS loads policies and appends maps for policy indices and connection
points as detachable extensions to PCBs
- Remote CSes cache FABRID maps
- SD fetches detached extensions on request

Data plane features:
- Fabrid and Identifier HBH extensions for sending FABRID traffic
- WithFabrid option for choosing paths based on the fabrid query
- Fabrid dataplane path which sets HBH extensions
- BR fetches DRKey secret values and fabrid config on startup
- BR validates and updates FABRID HVFs

Tools:
- topology: --fabrid flag enables DRKey and fabrid for local topology
- ping: select fabrid policies with --fabridquery flag
- end2end: run integration test with --fabrid to test path validation

Demo:
1. `./scion.sh topology --fabrid` (docker: `./scion.sh topology -d
--endhosts --fabrid`)
2. `./scion.sh run`
3. `./bin/end2end_integration --fabrid` (docker:
`./bin/end2end_integration -d --fabrid`)
4. `./scion.sh stop`

Upstream changes:
- scionproto#4628
jeltevanbommel authored Sep 20, 2024
2 parents c323c13 + bf66782 commit 17d89ad
Showing 157 changed files with 15,856 additions and 438 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/gobra.yml
@@ -33,7 +33,7 @@ jobs:
caching: '1'
statsFile: ${{ env.statsFile }}
- name: Upload the verification report
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: verification_stats.json
path: ${{ env.statsFile }}
5 changes: 5 additions & 0 deletions acceptance/router_benchmark/conf/topology.json
@@ -5,6 +5,11 @@
"isd_as": "1-ff00:0:1",
"mtu": 1400,
"dispatched_ports": "1024-65535",
"control_service": {
"cs1": {
"addr": "10.123.10.3:30252"
}
},
"border_routers": {
"br1a": {
"internal_addr": "10.123.10.1:30042",
7 changes: 7 additions & 0 deletions antlr/BUILD.bazel
@@ -13,3 +13,10 @@ antlr(
language = "Go",
package = "sequence",
)

antlr(
name = "pathpolicyconstraints",
srcs = ["PathPolicyConstraints.g4"],
language = "Go",
package = "pathpolicyconstraints",
)
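--- a/antlr/PathPolicyConstraints.g4
+++ b/antlr/PathPolicyConstraints.g4
@@ -0,0 +1,72 @@
+
+grammar PathPolicyConstraints;
+
+fragment HEXA: [1-9a-fA-F][0-9a-fA-F]* | '0';
+
+WHITESPACE: [ \t\r\n]+ -> skip;
+ZERO: '0';
+NUM: [1-9][0-9]*;
+WILDCARDAS: '-' '0';
+LEGACYAS: '-' NUM;
+AS: '-' HEXA '_' HEXA '_' HEXA;
+HASH: '#';
+
+QUESTIONMARK: '?';
+ELSE: ':';
+
+PLUS: '+';
+LPAR: '(';
+RPAR: ')';
+LBRACE: '{';
+RBRACE: '}';
+
+MONKEYTAIL: '@';
+GLOBALPOLICY: 'G';
+LOCALPOLICY: 'L';
+REJECT: 'REJECT';
+
+start
+: expression
+;
+
+query
+: LBRACE expression QUESTIONMARK expression ELSE expression RBRACE #IfElse
+| LBRACE expression QUESTIONMARK expression RBRACE #If
+;
+
+expression
+: LPAR expression RPAR # Parens
+| left=expression PLUS right=expression #ExpressionConcat
+| identifier # ExpressionIdentifier
+| query #ExpressionQuery
+;
+
+identifier: isd as HASH iface ',' iface MONKEYTAIL onepolicy;
+
+isd
+: ZERO # WildcardISD
+| NUM # ISD
+;
+
+as
+: WILDCARDAS # WildcardAS
+| LEGACYAS # LegacyAS
+| AS # AS
+;
+
+iface
+: ZERO # WildcardIFace
+| NUM # IFace
+;
+
+onepolicy
+: GLOBALPOLICY policyindex # GlobalPolicy
+| LOCALPOLICY policyindex # LocalPolicy
+| ZERO # WildcardPolicy
+| REJECT # Reject
+;
+
+policyindex
+: NUM # PolicyIndex
+;
+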
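Review bot: The `start` rule does not end in `EOF`, so as far as the grammar shows, the generated parser can stop after the first complete `expression` and leave the rest of the query unread; a mistyped policy query would then be accepted as its valid prefix instead of being rejected. I would change the rule to `start : expression EOF ;`. `NUM` (`[1-9][0-9]*`) is also unbounded, so the listener that converts ISD, interface and policy-index tokens should reject values that do not fit the target integer width rather than truncate them; that code is not in this file. The lexer has no catch-all rule either, so unrecognised characters only surface through the error listener, and it is worth confirming the caller installs one that fails the parse.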
1 change: 1 addition & 0 deletions antlr/generate.sh
@@ -23,3 +23,4 @@ function generate {

generate traffic_class
generate sequence
generate pathpolicyconstraints
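--- a/antlr/pathpolicyconstraints/BUILD.bazel
+++ b/antlr/pathpolicyconstraints/BUILD.bazel
@@ -0,0 +1,30 @@
+load("//tools/lint:go.bzl", "go_library")
+load("//tools/lint:go_config.bzl", "go_lint_config")
+load("@apple_rules_lint//lint:defs.bzl", "package_lint_config")
+
+go_lint_config(
+name = "go_lint_config",
+exclude_filter = [
+"pathpolicyconstraints_parser.go",
+],
+visibility = [
+"//visibility:public",
+],
+)
+
+package_lint_config({
+"go": ":go_lint_config",
+})
+
+go_library(
+name = "go_default_library",
+srcs = [
+"pathpolicyconstraints_base_listener.go",
+"pathpolicyconstraints_lexer.go",
+"pathpolicyconstraints_listener.go",
+"pathpolicyconstraints_parser.go",
+],
+importpath = "github.com/scionproto/scion/antlr/pathpolicyconstraints",
+visibility = ["//visibility:public"],
+deps = ["@com_github_antlr_antlr4_runtime_go_antlr//:go_default_library"],
+)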
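--- a/antlr/pathpolicyconstraints/pathpolicyconstraints_base_listener.go
+++ b/antlr/pathpolicyconstraints/pathpolicyconstraints_base_listener.go
@@ -0,0 +1,143 @@
+// File generated by ANTLR. DO NOT EDIT.
+
+package pathpolicyconstraints // PathPolicyConstraints
+import "github.com/antlr/antlr4/runtime/Go/antlr"
+
+// BasePathPolicyConstraintsListener is a complete listener for a parse tree produced by PathPolicyConstraintsParser.
+type BasePathPolicyConstraintsListener struct{}
+
+var _ PathPolicyConstraintsListener = &BasePathPolicyConstraintsListener{}
+
+// VisitTerminal is called when a terminal node is visited.
+func (s *BasePathPolicyConstraintsListener) VisitTerminal(node antlr.TerminalNode) {}
+
+// VisitErrorNode is called when an error node is visited.
+func (s *BasePathPolicyConstraintsListener) VisitErrorNode(node antlr.ErrorNode) {}
+
+// EnterEveryRule is called when any rule is entered.
+func (s *BasePathPolicyConstraintsListener) EnterEveryRule(ctx antlr.ParserRuleContext) {}
+
+// ExitEveryRule is called when any rule is exited.
+func (s *BasePathPolicyConstraintsListener) ExitEveryRule(ctx antlr.ParserRuleContext) {}
+
+// EnterStart is called when production start is entered.
+func (s *BasePathPolicyConstraintsListener) EnterStart(ctx *StartContext) {}
+
+// ExitStart is called when production start is exited.
+func (s *BasePathPolicyConstraintsListener) ExitStart(ctx *StartContext) {}
+
+// EnterIfElse is called when production IfElse is entered.
+func (s *BasePathPolicyConstraintsListener) EnterIfElse(ctx *IfElseContext) {}
+
+// ExitIfElse is called when production IfElse is exited.
+func (s *BasePathPolicyConstraintsListener) ExitIfElse(ctx *IfElseContext) {}
+
+// EnterIf is called when production If is entered.
+func (s *BasePathPolicyConstraintsListener) EnterIf(ctx *IfContext) {}
+
+// ExitIf is called when production If is exited.
+func (s *BasePathPolicyConstraintsListener) ExitIf(ctx *IfContext) {}
+
+// EnterParens is called when production Parens is entered.
+func (s *BasePathPolicyConstraintsListener) EnterParens(ctx *ParensContext) {}
+
+// ExitParens is called when production Parens is exited.
+func (s *BasePathPolicyConstraintsListener) ExitParens(ctx *ParensContext) {}
+
+// EnterExpressionIdentifier is called when production ExpressionIdentifier is entered.
+func (s *BasePathPolicyConstraintsListener) EnterExpressionIdentifier(ctx *ExpressionIdentifierContext) {
+}
+
+// ExitExpressionIdentifier is called when production ExpressionIdentifier is exited.
+func (s *BasePathPolicyConstraintsListener) ExitExpressionIdentifier(ctx *ExpressionIdentifierContext) {
+}
+
+// EnterExpressionConcat is called when production ExpressionConcat is entered.
+func (s *BasePathPolicyConstraintsListener) EnterExpressionConcat(ctx *ExpressionConcatContext) {}
+
+// ExitExpressionConcat is called when production ExpressionConcat is exited.
+func (s *BasePathPolicyConstraintsListener) ExitExpressionConcat(ctx *ExpressionConcatContext) {}
+
+// EnterExpressionQuery is called when production ExpressionQuery is entered.
+func (s *BasePathPolicyConstraintsListener) EnterExpressionQuery(ctx *ExpressionQueryContext) {}
+
+// ExitExpressionQuery is called when production ExpressionQuery is exited.
+func (s *BasePathPolicyConstraintsListener) ExitExpressionQuery(ctx *ExpressionQueryContext) {}
+
+// EnterIdentifier is called when production identifier is entered.
+func (s *BasePathPolicyConstraintsListener) EnterIdentifier(ctx *IdentifierContext) {}
+
+// ExitIdentifier is called when production identifier is exited.
+func (s *BasePathPolicyConstraintsListener) ExitIdentifier(ctx *IdentifierContext) {}
+
+// EnterWildcardISD is called when production WildcardISD is entered.
+func (s *BasePathPolicyConstraintsListener) EnterWildcardISD(ctx *WildcardISDContext) {}
+
+// ExitWildcardISD is called when production WildcardISD is exited.
+func (s *BasePathPolicyConstraintsListener) ExitWildcardISD(ctx *WildcardISDContext) {}
+
+// EnterISD is called when production ISD is entered.
+func (s *BasePathPolicyConstraintsListener) EnterISD(ctx *ISDContext) {}
+
+// ExitISD is called when production ISD is exited.
+func (s *BasePathPolicyConstraintsListener) ExitISD(ctx *ISDContext) {}
+
+// EnterWildcardAS is called when production WildcardAS is entered.
+func (s *BasePathPolicyConstraintsListener) EnterWildcardAS(ctx *WildcardASContext) {}
+
+// ExitWildcardAS is called when production WildcardAS is exited.
+func (s *BasePathPolicyConstraintsListener) ExitWildcardAS(ctx *WildcardASContext) {}
+
+// EnterLegacyAS is called when production LegacyAS is entered.
+func (s *BasePathPolicyConstraintsListener) EnterLegacyAS(ctx *LegacyASContext) {}
+
+// ExitLegacyAS is called when production LegacyAS is exited.
+func (s *BasePathPolicyConstraintsListener) ExitLegacyAS(ctx *LegacyASContext) {}
+
+// EnterAS is called when production AS is entered.
+func (s *BasePathPolicyConstraintsListener) EnterAS(ctx *ASContext) {}
+
+// ExitAS is called when production AS is exited.
+func (s *BasePathPolicyConstraintsListener) ExitAS(ctx *ASContext) {}
+
+// EnterWildcardIFace is called when production WildcardIFace is entered.
+func (s *BasePathPolicyConstraintsListener) EnterWildcardIFace(ctx *WildcardIFaceContext) {}
+
+// ExitWildcardIFace is called when production WildcardIFace is exited.
+func (s *BasePathPolicyConstraintsListener) ExitWildcardIFace(ctx *WildcardIFaceContext) {}
+
+// EnterIFace is called when production IFace is entered.
+func (s *BasePathPolicyConstraintsListener) EnterIFace(ctx *IFaceContext) {}
+
+// ExitIFace is called when production IFace is exited.
+func (s *BasePathPolicyConstraintsListener) ExitIFace(ctx *IFaceContext) {}
+
+// EnterGlobalPolicy is called when production GlobalPolicy is entered.
+func (s *BasePathPolicyConstraintsListener) EnterGlobalPolicy(ctx *GlobalPolicyContext) {}
+
+// ExitGlobalPolicy is called when production GlobalPolicy is exited.
+func (s *BasePathPolicyConstraintsListener) ExitGlobalPolicy(ctx *GlobalPolicyContext) {}
+
+// EnterLocalPolicy is called when production LocalPolicy is entered.
+func (s *BasePathPolicyConstraintsListener) EnterLocalPolicy(ctx *LocalPolicyContext) {}
+
+// ExitLocalPolicy is called when production LocalPolicy is exited.
+func (s *BasePathPolicyConstraintsListener) ExitLocalPolicy(ctx *LocalPolicyContext) {}
+
+// EnterWildcardPolicy is called when production WildcardPolicy is entered.
+func (s *BasePathPolicyConstraintsListener) EnterWildcardPolicy(ctx *WildcardPolicyContext) {}
+
+// ExitWildcardPolicy is called when production WildcardPolicy is exited.
+func (s *BasePathPolicyConstraintsListener) ExitWildcardPolicy(ctx *WildcardPolicyContext) {}
+
+// EnterReject is called when production Reject is entered.
+func (s *BasePathPolicyConstraintsListener) EnterReject(ctx *RejectContext) {}
+
+// ExitReject is called when production Reject is exited.
+func (s *BasePathPolicyConstraintsListener) ExitReject(ctx *RejectContext) {}
+
+// EnterPolicyIndex is called when production PolicyIndex is entered.
+func (s *BasePathPolicyConstraintsListener) EnterPolicyIndex(ctx *PolicyIndexContext) {}
+
+// ExitPolicyIndex is called when production PolicyIndex is exited.
+func (s *BasePathPolicyConstraintsListener) ExitPolicyIndex(ctx *PolicyIndexContext) {}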