policy_map

Policy map manipulation.

This module permits the manipulation of policy maps used in the creation of service policies that can be applied to one or more types of hardware features, beginning with Policy Based Routing (PBR).

Policy maps for PBR (policy based routing) can match rules of either an IPv4 access list (including both source, destination addresses and all normal ACL flags) or any MPLS traffic.

Policy maps are constructed by key (consisting of a name and a feature, only eos::POLICY_FEATURE_PBR is presently supported), and the above rules are configured using the policy_map_mgr. For example, to source route traffic matching the existing ACL “netblock-fe” for a PBR policy named “src-routing-fe”, use this code in a handler with access to the policy_map_mgr object as policy_map_mgr() in scope.

   eos::policy_map_key_t pm_key("src-routing-fe", eos::POLICY_FEATURE_PBR);
   eos::acl_key_t acl_key("netblock-fe", eos::ACL_TYPE_IPV4);
   eos::class_map_t cm(pm_key);
   eos::class_map_rule_t cm_rule(acl_key);
   eos::policy_map_t pm(pm_key);
   eos::policy_map_rule_t pm_rule(pm_key);
   eos::policy_map_action_t action(eos::POLICY_ACTION_NEXTHOP_GROUP);
   action.nexthop_group_name_is("nhg-fe");
   pm_rule.action_set(action);
   cm.rule_set(1, cm_rule);
   pm.rule_set(1, pm_rule);
   policy_map_mgr()->policy_map_is(pm);
   // Apply to Ethernet3/1 (PBR policies are always applied ACL_IN (inbound).
   policy_map_mgr()->policy_map_apply(pm_key, eos::intf_id_t("Ethernet3/1"),
                                      eos::ACL_IN, true);

To instead program that same policy matching MPLS traffic instead of an IPv4 ACL, use the following pattern, noting that we explicitly supply a new class map key referring to the special eos::CLASS_MAP_MPLS_ANY name and skip binding the ACL to the class map entirely:

   eos::policy_map_key_t pm_key("src-routing-fe", eos::POLICY_FEATURE_PBR);
   eos::class_map_key_t cm_key(eos::CLASS_MAP_MPLS_ANY, eos::POLICY_FEATURE_PBR);
   eos::class_map_t cm(cm_key);
   eos::policy_map_rule_t pm_rule(cm_key);
   eos::policy_map_action_t action(eos::POLICY_ACTION_NEXTHOP_GROUP);
   action.nexthop_group_name_is("nhg-fe");
   pm_rule.action_set(action);
   cm.rule_set(1, cm_rule);
   pm.rule_set(1, pm_rule);
   policy_map_mgr()->policy_map_is(pm);
   // Finally, apply the policy as before

A valid policy map may have either:

1. One or more rules matching class maps matching one or more IPv4 ACLs. 2. A single policy map rule matching eos::CLASS_MAP_MPLS_ANY class, which itself may have only a single action

Using both “IP ACL” and “MPLS any” modes in the same policy map is not supported, and a eos::configuration_error will be thrown by the policy map when attempting to set both rules, or attempting to set more than one eos::CLASS_MAP_MPLS_ANY class map match rule per policy map.

template <>

struct policy_map_action_t >

Public Functions

size_t operator()(eos::policy_map_action_t const &) const

template <>

struct policy_map_key_t >

Public Functions

size_t operator()(eos::policy_map_key_t const &) const

namespace eos

class policy_map_iter_t

#include <policy_map.h>

An iterator providing forwards only iteration over collections of policy maps.

Private Functions

policy_map_iter_t(policy_map_iter_impl * const)

Friends

friend class policy_map_iter_impl

class policy_map_handler

#include <policy_map.h>

Event handler for policy feature specific events.

Callbacks about failures to program policy features into hardware are reported via this handler.

Public Functions

policy_map_handler(policy_map_mgr *)

Constructs a policy map handler for the supplied policy hardware feature.

policy_map_mgr * get_policy_map_mgr() const

Returns a pointer to the policy map manager for use in a derived handler.

void watch_policy_map(policy_map_key_t const & key, bool interest)

Registers to receive updates on changes to this policy feature.

Parameters

• key -

  The policy feature to receive notifications for

• watch -

  Receives notifications if and only if true.

virtual void on_policy_map_sync(policy_map_key_t const &)

Callback fired upon successful policy map application.

Parameters

• policy_map_key_t -

  The key identifying the updated policy map.

virtual void on_policy_map_sync_fail(policy_map_key_t const &, std::string const & message)

Callback fired when policy map commit or apply operations failed.

Parameters

• policy_map_key_t -

  The policy map which failed to update.

• message -

  An error message which may be the empty string.

Protected Attributes

policy_map_mgr * policy_map_mgr_

policy_feature_t feature_

class policy_map_mgr

#include <policy_map.h>

EOS policy map manager.

The policy manager provides access to policy-map management, as well as policy map application to interfaces.

Public Functions

virtual ~policy_map_mgr()

virtual void resync_init() = 0

Resync

virtual void resync_complete() = 0

Completes any underway resync operation.

virtual bool exists(policy_map_key_t const & key) const = 0

Returns true if and only if the provided policy map key is configured.

virtual policy_map_t policy_map(policy_map_key_t const & key) const = 0

virtual void policy_map_is(policy_map_t const & policy_map) = 0

virtual void policy_map_del(policy_map_key_t const & key) = 0

virtual policy_map_iter_t policy_map_iter(policy_feature_t) const = 0

Provides iteration over the configured policy maps for a feature.

virtual void policy_map_apply(policy_map_key_t const &, intf_id_t, acl_direction_t, bool apply) = 0

Applies or unapplies the policy map to an interface in a direction.

Protected Functions

policy_map_mgr()

Private Members

policy_map_mgr

Friends

friend class policy_map_handler

namespace std

STL namespace.

template <>

struct policy_map_action_t >

Public Functions

size_t operator()(eos::policy_map_action_t const &) const

template <>

struct policy_map_key_t >

Public Functions

size_t operator()(eos::policy_map_key_t const &) const

Type definitions in policy_map

Warning

doxygenfile: Found multiple matches for file “eos/types/policy_map.h