doc: description packet's road in butterfly

Signed-off-by: Thiery Ouattara <[email protected]>

doc/DESCRIPTION.md

@@ -0,0 +1,89 @@
+DESCRIPTION
+
+## Packets come from VM (VHOST)
+
+### Poll:
+
+- We collect VM packets in the queue. If not packet in the queue it return.
+- We count and collect all packets from the queue and build they metadata(packets size; layers size and type)
+- We add packets size to the brick packets counter(so yes we can retrieve information about how much packets have been burst/receive).
+- We burst packets.
+
+## Packets go to VM (VHOST)
+
+### Burst:
+- Vhost bricks got all packet
+- Copy packets in vhosts queue.
+- We count all packets bytes that have been busted and we add it to packet count.
+
+## PRINT (SNIFFER)
+
+This brick is optional
+- Sniffer write all networks traffic in pcap files.
+- At this moment we only use pcap files but it possible to display it with FPRINTF().
+- We can change the path of pcap files.
+- For each packet:
+- We collect data size
+- Compute date and time of reception.
+- If packet is segmented we store each segment in a buffer before writing them into the pcap file. otherwise write it directly.
+
+## ANTISPOOF
+
+### Burst:
+
+Antispoof Brick have 2 parameter: a Mac Address and a boolean value "ARP reverse" (recheck that)
+- We let pass incoming packets into VM.
+- If packets are coming from VM:
+- we verify that packet mac address source with Brick mac address are the same
+- We verify if ARP reverse, simple ARP or IPv6. If all verification are OK we burst packet. (recheck that)
+
+
+## NPF (FIREWALL)
+
+Firewall use BPF rules, that can be pass to packetgraph API.
+- We set firewalling rules by converting SG to BPF rule, see (link to better explications about that)
+- Each rules have a direction. (IN/OUT or Both)
+- Firewall analyse only IPv4, IPv6 protocols and let pass no-IP protocols.
+- For each IP packets firewall brick check that packets pass the firewall (configured by butterfly earlier)
+
+## SWITCH
+
+- Switches are automatically added in network graphs when two or more VM connect to VTEP bricks with the same VNI on the same host.
+- If mac tables are death, we try to rebuild them. If it fail, we return an error.
+- We collect packet source address and port, (build metadata for each packet).
+- For each non-multicast mac address, we associate mac address to corresponding source port, store it in mac table and burst packets to corresponding ports.
+- For multicast mac; and unknow one, we burst to all but incoming brick
+
+
+## To VTEP
+
+If mac tables are death, we try to rebuild them. If it fail, we return an error.
+- We verify if destination IP address is multicast or unicast.
+- If unicast we find corresponding port in mac table.
+- Else we collect multicast mac address and create a new multicast IP address.
+- We collect VNI corresponding to communication port, build and arrange needful headers (ip, udp, vxlan ...) VxLAN packets encapsulations.
+- Burst them all.
+
+
+## From VTEP
+
+If mac tables are death, we try to rebuild them. If it fail, we return an error.
+
+for each packet:
+- We compare Vxlan packet VNI with port VNI, if it is OK, we remove packet VxLAN layer, record its mac address to VTEP mac table and get destination ip address.
+- We restore network layers L2,L3 and L3, and we send packet to corresponding port VNI.
+
+## SNIFFER (cf- sniffer)
+
+## NIC
+
+### Burst
+
+- We collect packets, its numbers, put them in ethernet device queue.
+- We burst packets in the queue on ethernet port and free memory.
+
+### Poll
+
+- We collect packets and its numbers in ethernet device queue, store them in array.
+- We rebuild all metadata for each packet and burst all packets in opposite direction
+