Mapping Services to Rules

The application must maintain a mapping between ID and policy rules for either of the following service set styles:

In the sample application, the management daemon performs the following actions to create this mapping:

The data daemon, upon receiving the configuration from the management daemon, creates the policy database with the following mappings:

         Service set ID ---- Rules -- Direction
         Subunit ID ----- Service set ID --- Rules -- Direction

More information about the policy database on the PIC is in Using the Database on the PIC.

Creating the Rule Database

The management daemon creates a linked list of entries that associate service sets with rules, using the jnx_flow_svc_set_list_t structure, which is defined as follows in the file jnx-flow-mgmt_svc_set.h:

typedef struct jnx_flow_svc_set_list_s {

    struct jnx_flow_svc_set_list_s*     next;
    uint32_t                            is_jnx_flow;
    uint32_t                            rule_index;
    jnx_flow_svc_set_t                  svc_set;
    jnx_flow_svc_set_node_t            *svc_set_node;
    jnx_flow_config_type_t              op_type;
    jnx_flow_rule_name_list_t          *rule_list;

The structures referenced by jnx_flow_svc_set_list_t lead to nodes in the patricia tree that contains the database:

typedef struct jnx_flow_svc_set_node_s {
         patnode                node;
         jnx_flow_svc_set_t     svc_set;
         nh_idx_t               in_nh_idx;
         nh_idx_t               out_nh_idx;
         u_int16_t              svc_set_id;
      }  jnx_flow_svc_set_node_t;

typedef struct jnx_flow_rule_name_list_s {
          struct jnx_flow_rule_name_list_s*   next;
          jnx_flow_config_type_t              op_type; /* used in service set rule set */
          u_int32_t                           rule_index;
          char                                rule_name[JNX_FLOW_STR_SIZE];
          jnx_flow_rule_node_t*               rule_node;

typedef struct jnx_flow_rule_node_s {    
          patnode                 node;
          jnx_flow_rule_t         rule;
          u_int16_t               rule_id;
          u_int8_t                use_count;
      } jnx_flow_rule_node_t;

Subsequent code references jnx_flow_svc_set_list_t to add new service sets and rules. The functions jnx_flow_parse_service_set() and jnx_flow_parse_service_set_rules() ( in the file jnx-mgmt-svc_set.c) populate the structure after reading the configuration.

Extracting the Service Set Information

2007-2009 Juniper Networks, Inc. All rights reserved. The information contained herein is confidential information of Juniper Networks, Inc., and may not be used, disclosed, distributed, modified, or copied without the prior written consent of Juniper Networks, Inc. in an express license. This information is subject to change by Juniper Networks, Inc. Juniper Networks, the Juniper Networks logo, and JUNOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Generated on Sun May 30 20:26:47 2010 for Juniper Networks Partner Solution Development Platform JUNOS SDK 10.2R1 by Doxygen 1.4.5