RARE user and assistance email list

[mc36 <>]

my bad, after tring this out on my homenet, i found that what i've suggested 
beforehand was almost the same config...
here is the one that works out to the dataplanes and performs the 
encapsulation as configured:

vrf def polkav
 exit
serv p4 p4
 export-vrf polkav
 exit
int tun1122
 vrf for polkav
 ipv4 address 10.11.22.1 0.0.0.0                   <------------------- all 
zeroes euuals to the default route btw... :)
 exit
ipv4 pbr CORE sequence 10 polka4 polkav

^^^^^^^ that is, no nexthop specified, just the new vrf, and you just allow 
pure ip routing to match to the tunnel's default route... :)

br,
cs




On 8/11/22 10:52, mc36 wrote:
> -------- Forwarded Message --------
> Subject: Re: Access-list by using Freertr/Tofino ASIC
> Date: Thu, 11 Aug 2022 10:51:36 +0200
> From: mc36 <>
> To: Everson Borges <>, rafaelsg <>
>
> hi,
>
> as discussed before briefly, there is no such a knob as pbr2polka in the 
> dataplanes yet as they try to provide as minimal is they need...
>
> AMS0001#show running-config | include pbr
> ipv4 pbr CORE sequence 10 polka4 CORE nexthop 10.11.22.2
>
> AMS0001#
>
> what they can provide are the following:
>
> mc36@noti:~$ cat /nfs/own/web/src/misc/p4lang/forwarder.py | grep pbr4
>                 if cmds[0] == "pbr4norm":
>                 if cmds[0] == "pbr4vrf":
>                 if cmds[0] == "pbr4hop":
>                 if cmds[0] == "pbr4lab":
> mc36@noti:~$
>
> here, as polka will provide a tunnel interface, the best you can do to place 
> it to a fresh new vrf:
>
> vrf def polkav
>    exit
> serv p4 p4
>    export-vrf polkav
>    exit
> int tun1122
>    vrf for polkav
>    ipv4 address 10.11.22.1 255.255.255.0
>    exit
> ipv4 pbr CORE sequence 10 polka4 polkav nexthop 10.11.22.2
>
> this will have the same effect, but expressed in a dataplane friendly way...
>
> br,
> cs
>
>
>
>
> On 8/10/22 17:06, Everson Borges wrote:
> > Hi Csaba, how are you? I hope you are   well. :)
> >
> >
> > I am trying to run Freertr/Tofino and PolKa at the RARE Testbed and am facing 
> > some problems/doubts about it.
> >
> > As you can   see in the attached Figure, we are trying to ping from host 10.1.101.101 to 10.2.101.101. We have set up an access list as described below. However, we are not seeing 
> > the packet being classified by the access-list in the routers (AMS and FRA).
> >
> > sequence 10 permit 17 10.1.101.101 255.255.255.255 all 10.2.101.101 
> > 255.255.255.255 all tos 32
> > sequence 20 permit 6 10.1.101.101 255.255.255.255 all 10.2.101.101 
> > 255.255.255.255 all tos 32
> > sequence 30 permit 1 10.1.101.101 255.255.255.255 all 10.2.101.101 
> > 255.255.255.255 all tos 32
> >
> > We pinged by using the following command:
> > Screen Shot 2022-08-10 at 12.00.59.png
> >
> > After pinging, we tried to see the packet coming at the Amsterdam router by 
> > using the following command:
> >
> > AMS0001#display access-list polka4
> >
> > However, we are not seeing the counter being incremented in the access list. 
> > In my home lab, it works.
> >
> > Do you have any idea what   is going on?     Is there a command that we can 
> > expose the incoming traffic in the routers, such as tcpdump?
> >
> > Best regards,
> > --
> > Att.
> > Everson Scherrer Borges
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#483): https://groups.io/g/freertr/message/483
> Mute This Topic: https://groups.io/mt/92954623/6006518
> Group Owner: 
> Unsubscribe: https://groups.io/g/freertr/unsub []
> -=-=-=-=-=-=-=-=-=-=-=-