maple table: IACL
Details
- Name
- IACL
- Feature
- TABLE_ACCESS
- Type
- 1
- Entries
- 1536
- Data width
- 576
- Control register
- TBL_ACCESS_CTRL_0
- Data register
- TBL_ACCESS_DATA_0
Description
A rule entry for ingress ACL rules
This ACL rule can be used to match packets. It seems usable to do traffic policing but also L3 forwarding to the NEXTHOP DMAC entries (via Rule UNICAST_ROUTING).
Fields
| Name | LSB | Bits | Description |
|---|---|---|---|
| FIELD_11 | 560 | 16 |
First field of the fields with user-definable content. The meaning of these fields depend on the template number that is associated with the rule-block this rule is in. Rule blocks are always 128 rules large on all SoCs and can have 2 to 3 possible templates associated, which are selected by the TID (Template ID) of a rule, so that rules in a block can have different templates. Some templates (the first 5 on RTL8380) are pre-configured on the SoCs, the other can be configured by the users through the template configuration registers. A template will for example specify that FIELD_0 is bits 0-15 of the destination IP, FIELD_1 is bits 16-31, FIELD_2 is the L4 TCP destination port etc. Note that complex rules apply which fields can hold which type of data. |
| FIELD_10 | 544 | 16 |
|
| FIELD_9 | 528 | 16 |
|
| FIELD_8 | 512 | 16 |
|
| FIELD_7 | 496 | 16 |
|
| FIELD_6 | 480 | 16 |
|
| FIELD_5 | 464 | 16 |
|
| FIELD_4 | 448 | 16 |
|
| FIELD_3 | 432 | 16 |
|
| FIELD_2 | 416 | 16 |
|
| FIELD_1 | 400 | 16 |
|
| FIELD_0 | 384 | 16 |
Last field of the fields with user-definable content. |
| SPMMASK_FIX | 374 | 2 |
First entry in the fixed ACL fields. |
| SPN | 368 | 6 |
Source Port Number packet arrived on |
| MGNT_VLAN | 367 | 1 |
Packet arrived on management VLAN |
| DMAC_HIT_SW | 366 | 1 |
The Destination MAC of the packet is one of the device’s |
| NOT_FIRST_FRAG | 365 | 1 |
|
| FRAME_TYPE_L4 | 362 | 3 |
0: UDP, 1: TCP, 2: ICMP/ICMPv6, 3: IGMP |
| FRAME_TYPE | 360 | 2 |
0: ARP, 1: L2 only, 2: IPv4, 3: IPv6 |
| OTAG_FMT | 359 | 1 |
0: outer tag packet, 1: outer priority tag or untagged |
| ITAG_FMT | 358 | 1 |
0: inner tag packet, 1: inner priority tag or untagged |
| OTAG_EXIST | 357 | 1 |
1: packet with outer tag |
| ITAG_EXIST | 356 | 1 |
1: packet with inner tag |
| FRAME_TYPE_L2 | 354 | 2 |
0: Ethernet, 1: LLC_SNAP, 2: LLC_Other, 3: Reserved |
| TID | 352 | 2 |
Last entry in the fixed ACL fields. |
| BMSK_FIELD_11 | 336 | 16 |
First field of the user-definable content fields. Bitmask for this. |
| BMSK_FIELD_10 | 320 | 16 |
|
| BMSK_FIELD_9 | 304 | 16 |
|
| BMSK_FIELD_8 | 288 | 16 |
|
| BMSK_FIELD_7 | 272 | 16 |
|
| BMSK_FIELD_6 | 256 | 16 |
|
| BMSK_FIELD_5 | 240 | 16 |
|
| BMSK_FIELD_4 | 224 | 16 |
|
| BMSK_FIELD_3 | 208 | 16 |
|
| BMSK_FIELD_2 | 192 | 16 |
|
| BMSK_FIELD_1 | 176 | 16 |
|
| BMSK_FIELD_0 | 160 | 16 |
Last field of the user-definable content fields. Bitmask for this. |
| BMSK_SPMMASK_FIX | 150 | 2 |
First entry in the fixed field ACL entry matching bitmask. |
| BMSK_SPN | 144 | 6 |
|
| BMSK_MGNT_VLAN | 143 | 1 |
|
| BMSK_DMAC_HIT_SW | 142 | 1 |
|
| BMSK_NOT_FIRST_FRAG | 141 | 1 |
|
| BMSK_FRAME_TYPE_L4 | 138 | 3 |
|
| BMSK_FRAME_TYPE | 136 | 2 |
|
| BMSK_OTAG_FMT | 135 | 1 |
|
| BMSK_ITAG_FMT | 134 | 1 |
|
| BMSK_OTAG_EXIST | 133 | 1 |
|
| BMSK_ITAG_EXIST | 132 | 1 |
|
| BMSK_FRAME_TYPE_L2 | 130 | 2 |
|
| BMSK_TID | 128 | 2 |
Last entry in the fixed field ACL entry matching bitmask. |
| VALID | 127 | 1 |
This templated rule is active. |
| NOT | 126 | 1 |
Matches when the matching conditions do NOT match. |
| AND1 | 125 | 1 |
And match conditions of this rule 2n with the next rule 2n+1 in same block |
| AND2 | 124 | 1 |
And matching conditions of this rule m in block 2n with rule m in block 2n+1 |
| IVALID | 123 | 1 |
|
| AIF4 | 96 | 9 |
Fields holding metadata for actions. Actions are performed according to their order in the rule, drop is first. Data for the action is in Fields AIF0-AIF4, the first action that is active uses the data in AIF0, the next one in AIF1 and so on. |
| AIF3 | 80 | 10 |
|
| AIF2 | 64 | 14 |
|
| AIF1 | 48 | 14 |
|
| AIF0 | 32 | 16 |
Data for the first active action apart from drop (does not need any additional data). For example a Forwarding action: Type of forwarding action = (field_value >> 13) & 0x7 Actions are 0: PERMIT, 1: DROP, 2: COPY_TO_PORTID, 3: COPY_TO_PORTMASK, 4: REDIRECT_TO_PORTID, 5: REDIRECT_TO_PORTMASK, 6:UNICAST_ROUTING, 7: VLAN_LEAKY The target of the action is in the other bits of the field value, such as the port-id to forward to or the DMAC entry in the nexthop table for UNICAST_ROUTING. |
| DROP | 14 | 2 |
DROP action: various ways to drop the packet, 1 is normal kind |
| FWD_SEL | 13 | 1 |
Forward packet: to port, portmask, dest route, next rule, drop |
| OVID_SEL | 12 | 1 |
Perform action on OVID (Outer VLAN-ID) |
| IVID_SEL | 11 | 1 |
Perform action on IVID (Inner VLAN-ID) |
| FLT_SEL | 10 | 1 |
Apply a filter to the packet |
| LOG_SEL | 9 | 1 |
Log this packet in one of the log counters in the LOG table |
| RMK_SEL | 8 | 1 |
Remark the packet with a different priority |
| METER_SEL | 7 | 1 |
Apply a rate meter to this packet |
| TAGST_SEL | 6 | 1 |
Changes the egress tag. |
| MIR_SEL | 5 | 1 |
Mirror the packet to one of the Link Aggregation Groups |
| NORPRI_SEL | 4 | 1 |
Change the normal priority. |
| CPUPRI_SEL | 3 | 1 |
Change the CPU priority. |
| OTPID_SEL | 2 | 1 |
Change outer Tag Protocol Identifier (802.1q) |
| ITPID_SEL | 1 | 1 |
Change inner Tag Protocol Identifier (802.1q) |
| SHAPER_SEL | 0 | 1 |
Apply a traffic shaper. |