Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
doc: description packet's road in butterfly
Signed-off-by: Thiery Ouattara <[email protected]>
1 parent d0df478
commit 78e7c85
Showing 1 changed file with 57 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
DESCRIPTION | ||
|
||
##Packets come from VM (VHOST) | ||
|
||
###Poll: | ||
|
||
We collect the brick, its node numbers and the packet generator. We verify if atomic option activated. We collect VM packets and its numbers in the queue. If not packet in the queue it return 0. | ||
If atomic option activated, we set count to 16384 (this give thread more time) or we set count to 1024. We count and collect all packets size from the queue and build the metadata, and we add packets size to count. We burst packets. | ||
|
||
##Packets go to VM (VHOST) | ||
|
||
###Burst: | ||
|
||
Vhost bricks got all packet, verify if atomic option activated and copy packets in vhosts queue. We count all packets bytes those have been busted and we add this number atomically or not on packet count. | ||
|
||
##May be PRINT (SNIFFER) | ||
|
||
sniffer score all networks traffic in pcap files (it is optional). We can change the path of pcap files. At the moment we only use pcap files but it possible to display it with FPRINTF(). | ||
For each packet: | ||
we collect data size, calculate date and time of reception. we verify if segment number upper to 1, we store in a buffer before writing in pcap file. Else we write it directly. | ||
|
||
##ANTISPOOF | ||
|
||
###Burst: | ||
|
||
We let pass packets incoming in VM. If packet go out from VM, we compare packet mac address source with VM mac address. We verify if ARP reverse, simple ARP or IPv6. If all verification are OK we burst packet. | ||
|
||
##NPF (FIREWALL) | ||
|
||
Firewall analyse only IPv4, IPv6 protocols and let pass no-IP protocols. We collect packets about the source and we verify packets direction (in/out). We iterate packet masque with IPv4/IPv6 protocols and create security rules for packets filtering. | ||
|
||
##Maybe SWITCH | ||
|
||
Switches are automatically added in network graphs, when two or many VM connected to VTEP bricks with the same VNI. We collect all packet, verify if mac tables are death or not. If yes, we try to rebuild. If rebuild mac table fail, we return an error. We collect packet source address and port, build metadata for each packet. For each no-milicast IP address, we associate mac address to corresponding source port, store it in mac table and burst packets to corresponding ports. | ||
|
||
##To VTEP | ||
|
||
We collect the communication port between upstream bricks and VTEP. we verify if mac tables are death or not. If yes, we try to rebuild. If rebuild mac table fail, we return an error. we verify if destination IP address is multicast or unicast. If unicast we find corresponding port in mac table. else we collect multicast mac address and create a new multicast IP address. we collect VNI corresponding to communication port, build and arrange needful headers (ip, udp, vxlan ...) for ethernet packets encapsulation to VxLAN packets. we burst packets. | ||
|
||
##From VTEP | ||
|
||
When VTEP take in encapsulate Vxlan packet, we verify that, is packet correct, is udp protocol, is IP address multicast or not and is outer udp of VxLAN checksum correct. | ||
For each port: | ||
we verify if mac tables are death or not. If yes, we try to rebuild. If rebuild mac table fail, we return an error. We compare Vxlan packet VNI with port VNI, if it is OK, we remove packet VxLAN layer, record its mac address to VTEP mac table and get destination ip address. we restore network layers L2,L3 and L3, and we send packet to corresponding port VNI. | ||
|
||
##SNIFFER (cf- sniffer) | ||
|
||
##NIC | ||
|
||
###Burst | ||
|
||
We collect packets, its numbers, put them in ethernet device queue ethernet, we burst packets in the queue on ethernet port and free memory. | ||
|
||
###Poll | ||
|
||
We collect packets and its numbers in ethernet device queue, store them in array. We rebuild all metadata for each packet and burst all packets in opposite direction | ||
|
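Review bot: The ANTISPOOF "Burst" paragraph says what is compared (packet source MAC against the VM MAC, then "ARP reverse, simple ARP or IPv6") but never says what happens to a packet that fails a check, or which fields of the ARP or IPv6 packet are verified; since this is the brick that enforces the policy, please state the failure outcome and the checked fields explicitly. The NPF paragraph has a similar gap: it says non-IP protocols are let through without saying whether that is intended, and "iterate packet masque with IPv4/IPv6 protocols and create security rules" does not tell the reader where the rules come from or what happens to a packet that matches none. In "From VTEP", "we restore network layers L2,L3 and L3" repeats L3, and the same paragraph lists the checks on an incoming VxLAN packet (UDP, multicast, outer UDP checksum) without saying what is done when one fails. In the VHOST "Poll" paragraph it is unclear which of 16384 or 1024 applies when the atomic option is activated. Smaller wording fixes: "busted" should be "burst", "death" should be "dead", "score" in the sniffer paragraph reads like it should be "store", "no-milicast" should be "non-multicast", "masque" should be "mask", and if this file is meant to render as Markdown the headings need a space after the hashes ("## ANTISPOOF").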