Transparent Security is a solution for identify the source devices of a DDoS attack and mitigates the attack in the customer premises or the access network. This solution leverages a P4 based programmable data plane for add in-band network telemetry (INT) for device identification and in-band mitigation.
Cleans up the code so I can start addressing issue #286 - Adding return path config more easily.
Fixes #298
Changes the name of data_inspection_t to add_switch_id_t in core_tna.p4 as it performs the same functions as the same table name add_switch_id_t in aggregate_tna.p4. After changing the name, I updated the controller to add the switch ID rather than letting the tests do it
Fixes #295
Moving the population of the the core_tna.p4 setup_telem_rpt_t table from SDN startup to WS call by tests
Fixes #242
Default tofino architecture is now 'tna' from 'v1model' which we will no longer be supporting
This PR also removes any unnecessary code around the above-mentioned changes including much of the hooks required by mininet
Do you have any concerns with this PR?
Each switch now will send packets without data_forward_t entries directly to port 1 which could be problematic on hardware if each switch is not connected to each other on their configured port 1.
Mininet automation will now completely break.
How can the reviewer verify this PR?
Ensure CI completes
Any background context you want to provide?
Some of this refactoring is to address configuration of the return path hence the name of this branch. As the changes started to get too large, I decided to break up the work into 2 patches.
Screenshots or logs (if appropriate)
Questions:
Have you connected this PR to the issue it resolves? yes, all 3
Does the documentation need an update? no
Does this add new dependencies? no, but removed the hook to downgrade scapy on the snaps-hcp machine as well on this patch
Have you added unit or functional tests for this PR? Just massaged the existing ones a bit
What does this PR do?
Cleans up the code so I can start addressing issue #286 - Adding return path config more easily.
Fixes #298 Changes the name of data_inspection_t to add_switch_id_t in core_tna.p4 as it performs the same functions as the same table name add_switch_id_t in aggregate_tna.p4. After changing the name, I updated the controller to add the switch ID rather than letting the tests do it
Fixes #295 Moving the population of the the core_tna.p4 setup_telem_rpt_t table from SDN startup to WS call by tests
Fixes #242 Default tofino architecture is now 'tna' from 'v1model' which we will no longer be supporting
This PR also removes any unnecessary code around the above-mentioned changes including much of the hooks required by mininet
Do you have any concerns with this PR?
Each switch now will send packets without data_forward_t entries directly to port 1 which could be problematic on hardware if each switch is not connected to each other on their configured port 1.
Mininet automation will now completely break.
How can the reviewer verify this PR?
Ensure CI completes
Any background context you want to provide?
Some of this refactoring is to address configuration of the return path hence the name of this branch. As the changes started to get too large, I decided to break up the work into 2 patches.
Screenshots or logs (if appropriate)
Questions: