cni: move the PBL to punt when VCL is on

This patch moves the PBL to the pod's VRF as it was previously in the main VRF. This will enable pod to self communication respecting the port mapping defined in the annotation. When VCL is enabled on the pod, we add the PBL in the punt table so that traffic is first looked up in VPP's session table, then hits the port lookup in the PBL. This allows using all three (memif,VCL,tuntap) for a single pod. Signed-off-by: Nathan Skrzypczak <[email protected]>
projectcalico · Oct 17, 2023 · 704bbbd · 704bbbd
1 parent 90ffeaa
commit 704bbbd
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 12 deletions.
diff --git a/.gitignore b/.gitignore
@@ -20,6 +20,7 @@ test/vagrant/.vagrant
 
 # macOS
 .DS_Store
+*.bkp
 
 # build artefacts
 calico-vpp-agent/version

diff --git a/calico-vpp-agent/cni/network_vpp.go b/calico-vpp-agent/cni/network_vpp.go
@@ -153,7 +153,8 @@ func (s *Server) AddVppInterface(podSpec *storage.LocalPodSpec, doHostSideConf b
 	 * ourselves in s.podInterfaceMap
 	 */
 	s.removeConflictingContainers(podSpec.ContainerIps, podSpec.NetworkName)
-
+	var swIfIndex uint32
+	var isL3 bool
 	stack := s.vpp.NewCleanupStack()
 	var vni uint32
 	err = s.checkAvailableBuffers(podSpec)
@@ -209,7 +210,7 @@ func (s *Server) AddVppInterface(podSpec *storage.LocalPodSpec, doHostSideConf b
 			goto err
 		}
 	} else {
-		swIfIndex, isL3 := podSpec.GetParamsForIfType(podSpec.DefaultIfType)
+		swIfIndex, isL3 = podSpec.GetParamsForIfType(podSpec.DefaultIfType)
 		if swIfIndex != types.InvalidID {
 			s.log.Infof("pod(add) Default routes to swIfIndex=%d isL3=%t", swIfIndex, isL3)
 			err = s.RoutePodInterface(podSpec, stack, swIfIndex, isL3)
@@ -219,14 +220,14 @@ func (s *Server) AddVppInterface(podSpec *storage.LocalPodSpec, doHostSideConf b
 		} else {
 			s.log.Warn("No default if type for pod")
 		}
+	}
 
-		swIfIndex, isL3 = podSpec.GetParamsForIfType(podSpec.PortFilteredIfType)
-		if swIfIndex != types.InvalidID {
-			s.log.Infof("pod(add) PBL routes to %d l3?:%t", swIfIndex, isL3)
-			err = s.RoutePblPortsPodInterface(podSpec, stack, swIfIndex, isL3)
-			if err != nil {
-				goto err
-			}
+	swIfIndex, isL3 = podSpec.GetParamsForIfType(podSpec.PortFilteredIfType)
+	if swIfIndex != types.InvalidID {
+		s.log.Infof("pod(add) PBL routes to %d l3?:%t", swIfIndex, isL3)
+		err = s.RoutePblPortsPodInterface(podSpec, stack, swIfIndex, isL3)
+		if err != nil {
+			goto err
 		}
 	}
 

diff --git a/calico-vpp-agent/cni/network_vpp_routes.go b/calico-vpp-agent/cni/network_vpp_routes.go
@@ -117,15 +117,19 @@ func (s *Server) RoutePblPortsPodInterface(podSpec *storage.LocalPodSpec, stack
 			})
 		}
 
+		// See docs/drawio/vrfs.drawio
 		client := types.PblClient{
-			ID: vpplink.InvalidID,
-			// TableId:    podSpec.VrfId,
+			ID:         vpplink.InvalidID,
+			TableId:    podSpec.GetVrfId(vpplink.IpFamilyFromIPNet(containerIP)),
 			Addr:       containerIP.IP,
 			Path:       path,
 			PortRanges: portRanges,
 		}
+		if podSpec.EnableVCL {
+			client.TableId = common.PuntTableId
+		}
 
-		vrfId := podSpec.GetVrfId(vpplink.IpFamilyV4) // pbl only supports v4 ?
+		vrfId := podSpec.GetVrfId(vpplink.IpFamilyFromIPNet(containerIP)) // pbl only supports v4 ?
 		s.log.Infof("pod(add) PBL client for %s VRF %d", containerIP.IP, vrfId)
 		pblIndex, err := s.vpp.AddPblClient(&client)
 		if err != nil {

diff --git a/docs/drawio/vrfs.drawio b/docs/drawio/vrfs.drawio
@@ -0,0 +1 @@
+<mxfile host="Electron" modified="2023-10-11T15:40:42.257Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/20.8.10 Chrome/106.0.5249.199 Electron/21.3.5 Safari/537.36" etag="J7iTVJT6-A_H6t-E5FFg" version="20.8.10" type="device"><diagram id="RxcxJ1UT-itXMrFT2446" name="archi">7V1rc9o4F/41mdn9gMfWxZePTZps+27b7ba76Xa/dBww4NTBDDhp0l//ysE3SQdhQDKGTTqzC7IQ+Fyec9HR8Rm+uHv8bRHOp+/TUZScIXv0eIZfnyHkYNtl/8tHnlYjvhesBiaLeFRMqgc+xz+jYtAuRu/jUbTkJmZpmmTxnB8cprNZNMy4sXCxSH/w08Zpwn/rPJxE0sDnYZjIo1/iUTYt7oLa9fibKJ5My2927OLKXVhOLgaW03CU/mgM4cszfLFI02z16u7xIkpy4pV0WX3uas3V6octolnW5gPXf15OLq8uXl+RL/6n73hM58QZlGR+CJP74o6n6TIbZOF8cP3pqvjl2VNJjkV6PxtF+YrOGT7/MY2z6PM8HOZXfzABYGPT7C4pLodJPJmx10P2C6MFG3iIFlnMaPuquJCl+SfGcZJcpEm6eP4KPKKRPyJsfJkt0u9R44qPbrDrsivyrRfUyL8gemwMFaT4LUrvomzxxKYUV93ixguxRLh4/6NmskOKsWmTwSU7w0KwJtXSNe3Zi4L8MCtc/3r4x5enW+f9N3I9vEujb0/fB0jiRDx/IM9cwK/Yl7oJ+wnnNwv2apI9E0Ee0cGtJBpnAK/u4tEoX7cX7MKezC4UQOwKTLELS+z6+OarzJNcm95+PMulhmmTjYiCSfZmJgnEH48jdziEiD/yghs7X3CRZmEWp7NifQ28QB7PDIpkZnjIojI3XFPMIBIz3sWz+0c29EvOgF/304x2sBVG/hhkhTv0o5uxHtpTnvQOgFoupAa+KcpTifLpIp7EszD/5Cy8i3IeRNnU/rUNgjGzYyt4ZURBNHDFty3b4RnjA5yxAc5Q1xBjXIkxTILjYTqYp6PlIJ6rgOjIbXulFirjjjo17p7Ejfn9LHezbpKoA2bcpFmW3h2KH5j6FqIcS4gLIZdjeYDVqPRGO1cc2W5IjBjeLx4qPkSz0as8qMhpnYTLZTzkGRE9xtk/OVAx67d697Vx5fVjgWHPb57KNzN2K/8033ytV8jf1h97fld+bi1jlun9YhipMLu47SxcTKJMNbFwcqIRFyTJjG5wkUIgV4wtooT5Ig98aAVxtfiGj2nM7q2SIxIIjodPrcAjQfXHL7iiQ7FGMzDasKyHazks11qRSlqLCUP41Jg2zycs199BZRZKP9bnYjb2YrViLdIVkfeQctlGM3uV/2PLyeY2Z/a78IbF8dthTBUgLKJl/DMHtkJQC6Kwxen5GX3NRpJ8+fNw+H3yDHMl7MzSWcR7rANCQUlXa7MITFV2oPhRZ80AHAIs23ICijhOlf7+niJMfX5VKshsOh4vo0yQCS1SUJo2fVi3I26VGOk0ELLGSxgj98A62hbregV1HhEwyQksAZLawpsnxM7E84xgmyt4XdS2lb/LRcJ8Vz2fYn5++X3r5vvbTRd/Dd1qOrI7AHJSel61Cmf3DNiSpRxJ/RLP43ku9yn7T5pNGWSzeCwdRapYuM/xlR0EoqFX5B8cB9BNc+kHZAxbazj9yqGpGlu38T/3wNa2fmQpuD0BVyIiiWtbgV3/CQu2BVrHFWIcMbbXBLTYFpzIDcDpUNEAdIFVcn70jxyFPqT5dg66AhKhvXI8A1g11OqvwfG0XdfT40HwTB+4Pr+COU+Tyqy/egtsTkzTu5v75WaTo8GAIEHjCZARInWSAsIc/ZlTOflwcDIRavl8hIJKUDskpeQA9tCUIpRYLuFlCkj5dk2p0sPRntDaJlhrOC/YJ033ZcDwLaeq2ofJ332MFjEjSY73+zopuKWT0q9cFwpyn5dWPgnmha0CtG2dlKog46l6z1R+re+jy2UR8bcLF8SVw6VjyXttk/aqdL7Haa8B4qVOWECLLwLWt8j7Loe2HI4t2Vjid2k4QDr5huyG9kBUxeUjy/E5gRUETYQXkBn7Ft4xFMWULS1HtKW8OZRpuj7M1620gSSMTE6WWTyb5ERP77M8gmRLA0VRy2jxEA+ji7evP62mzNPR6k01eRQ/lLMf4pBd+BA9Zm/SeXmd/eTGlP6ZCVlNlBrdY6vAS2VVi2jeKjiyZ7An3O25F9INTDptXeGe7fsiX6ofoMRTua1tcRJ5bBnSWIb/FpeZYder085CCkXXprCQqsFUr3MMy0KZszoZ51it6T2GwQHm9zMGrpA3NgiE/UvVPfvHHkeQjnNQMKW0lwrVWRLUjz2e/WxGv0yGk1O1xnUG9JxEEX/HzXQaWAQ1HGt+WWp7lkeMGAkxgaK5cAjmvZx3vVmk4WgYLrP+WYi2FuEIqoQGvFgxRghCZc4ilLAGldKzWOp0KuldImXwS6zjzgBRC7syTGmpFIYZ0D+T7CHfCjBHKowsFzUrMg5voZF2C10a2l32PpyzrQLB3Q006pfhRThXKyoGZhWSIaH4rK3hdV1JXanHyaC/b3SmHUqPrO62pQFFR2BAHWFVQei0mM9v+N+/w6+3zuMw+TaeZI+3//72YSAnlv471rNEkDbmE2ML4/0NAcgD2YPpoQF1AtSlxQQJJXsaJ2YwVeLRDGjBee4R2VWUq1Nzv0fQra2sLF5XaItYeBtQ6eohDC7IMdkBPDJ7q9TSF3Mr00b2sIBdvo/pyLphs577Wdi/3EV38fgMnWf3M8WZ5A27gBrstiRoBzmbCRSygYYcPFVu0orL55cZwxR86OvZBeoT0fYjm0gE9gH6Ig1nw0HaylUxgNokab0nXusH82LPymYWGGnQnx34RvN/oIf7/Jd/Ip1ljfHVnz5+CgqDyg2cQ/FTLpg4tMdLPFnqy9D/gB4v0O7odOMzMWVnw/FZuYehPb0Jc0COkA8tq2B6s9NabphSchwrkekEw7NSQDbGZ06/qvnyAC3A6wI0Rzx7uE1EFjSznLyc5mkY1N+IDKgvOIWQrFLNl5gMIA60DwMGZcM6KLu+ePcSkjVCsja2GwzJzBluOdY+mYAMU1x1fDmUD+/IAe82QVmuTFeHCsg645sQeEFuWrdMkyPpI7Nv2uojKaVMrUgOQV5AiM2bH5rTxSZO4LqBT7F4GHkXhtz+Fb+J4g+3lyNv/DG9jIc/k3G5/ybQ/HPxNl1k03SSzsLksh4950W/nvMu17UVh26jLHsqmhOH91kKO9a7HZLczrHWGE1udsULLm12xdvulbT2afbTSvk006FjTCAfgrs9gw5TSs4cSWTq5CDEkslYVq5cgNUuatWlepSFEEe2kyj2UXJE6WpfC6vaLHQ9dpFf+ODhKNADrek69d9aq5W4T+1HGK2FLWpxT9pcBAqUUBabfqfg9Dpevet2KL8XKG07jN3YzfUaXcXJGrbqshite1EoTUtPTAbyfP44BSeQhO56mAKpcpvIMdOnUOz+JfRglU9eCO1hEd9IcO+jF0oBaFqqm0Q2UUkSz5fRZvAKl/PV01HG8WOulBKa+cMIRrMbnxKqCc0IkyNfSIxDXXNs6OEB9ah+OIM2xF/cYM1ucM8q1SlGlu/X4MMf/UX2zifElKAm1r8f3ieWg+X5qmDqmH3iSqN77hMjfg2DPnFfIv0T9djKnFNPwG3VMmGtx+buCG4EMcwM1uxxS5Cpy2ETGkuTLhywEvuMt/R1TktfgHbrYKIe/TfUJc/6NuryhQ5PLrUaFw313is7mZvqvQerj5yCOYFMWwUKe3sVA9vyEJ/X0eNjYOEBE+WXmPcwsLGc0Ja1Z7vUubVCPFXt7eaeSv1K6eTQtD557wn7s+27ixLLwRKi1VUsHeAdFh/t6XaBd3L1xpEVAqh1WgfgMfbzO6BVTdG+smyicRxMD2OJol5jHFQIcBQg59RP8qrQQAi5jwrahE5xqBNXTk4Q9RraGp3iMCz2atXuNdRhXpqxEJgYRD7tneU7bJkpRMCRM6KRB0XAgevh0K2ulE98VxYBaUTPnp1oMBQUC/4ZFYVYV9pIeExOue/Xdp+Pan6kF6xWUCdaqeo3f1bssbQnbj5EZyv81dbGnuEvcgI+1VLlv/fUCaEz5cBEdA0/3BIqDz8k/u6xHWkOf/d7AkjP8Ne1+QQRzUvq0I6oy2J9S1jP95EVBCKMG3JVyYbnKYpRe/lQP7NPxm11EP6Y0FfWEjWa9BpsB8LGj5EG8eDuBAE5+3KMYBP+qrZ6Nm4JtS0P2U6qtt8uEUKsQA1c8nxfK3CBpKK9kc9TlM79jpsbFk/CZ+pxUZtiVNyQZCZPoBiROsQSOu9XTktHxYgqGDyR4nXx0BMbMnbQNr25zeUK2cnKBXt2Z/Mzymwp7NQ3VZL/8mv2x3BylT0Ogr8vrqOHd5+fXg2at1Swq0kE0SstvhPmL/gFsjKtOR6fP5uoOB7/fBc24xGyn4Xh9E7Jr+fFvt3MgKbexk7Og3ehvc3m4SL3nSyxirVNswvO61dIvjoIwcnX7qcfhOgG43qzynAqdOORB18IvLDeYBzkNHDiYQWCR1IxpNT9XpUhl/SsjmCYOJmn0ua+9RDRY3yAs3pieybgMQmmzu2B97Rfj5GzU2r8aIznHrWw/EDXTtl8WlUqKk41w3twXtAr/0E6e+i4luOLVr/10wsDVUkKCgSHVldmX8zKbtpXFeqPEe3AmTjempW8SUFrLTiKmhVHqBwYiM+uN+dvGG+MqylsFTfL5JhVX2cYKEvSyDCV9MSvJz9uf0Zfvi2fLjD++C18fPVmJW+bkiP2Q7yMeblrmzABvxR6NjmUMOHSJaeXIVnPkG1ETaqOBroQmcuPgPdwzCcTt2NTM9sBziub3/bEXTnSdIco41jzCQCYdWBvoaPJXig1s1fZC4/3UlxhBS3OhFI5+5a90GMYiNjmxHWqBl4dxLEwxVEb0//fyFeY4XIegHaYrYC5bGyD5CDpChWjmukKmBb92u84iXyF4fwDzMejfxaZWlV7nXCo+jyWGSoTp2SU6msu4aApCvRFY99pL1qYdvLmRE8KXww5WL53eAdL904B2MBsx3hct2kFjmEpBbEnNtilniXE4AGydj0H4BF5tUBarcuuZEpmGSs5bG9adRQnakIQRMR0zBoQIYA4iqfkd0wVPwwLNqj5FzTupLNMMdDf+SVVzLPkyHPFSM7B7Gew1rXlsjcYJ4PJ4pJRTUPlX/7uJv/8RYbJ+bf3aDl4lQSo9YGJl2SxKjwUXeGgg/CwlNpTShbre5SMzmwxFbLFgidtLhQEmtD3N1u8vW3oY7rYXFf6/iQSS05tDHfKfnI9sQ4vmcRdhfroO4updfUlk6hU344ziTsECYdNJYKOsbkgYUc7sEWvoj3sgCpIOLbmF1Sq4WCIj3azFpQ4FhIenOw5FkaNhm2GggvC3wXx9VoMkONAbHFf3EbHlkKWZaW69roZRcD7GAMqCKMWU6DS4J2LII7qsbC6whPxxBuQujIVm4BMlPeDD2uSDOatdmoSr4yh+2KTfDGGoRb2pB7KfW2I54oN8Yj64AYRw50ujJccwh8yMdbSgJXK3WsDJoQyovOtxX5dPVy/vf7f73fno+nirz/97/8ub74C3vj1xbuz/OeIRmmZDr+fjAmiVGgu4gCBkSODFdZggkA+yH6hrFK11UnZPJ62PCO6NED880y4GoPiZz6PNeaMwuW0sqV72K+2IZVK8HtivaSqeE9AgNb2StycEXf71tirzXjC3i7SNGtOZxo+fZ+OcpC//D8=</diagram></mxfile>
diff --git a/docs/drawio/vrfs.drawio.png b/docs/drawio/vrfs.drawio.png
-Original file line number
+Diff line change
@@ Expand Up / @@ -20,6 +20,7 @@ test/vagrant/.vagrant @@
     # macOS
     .DS_Store
+    *.bkp
     # build artefacts
     calico-vpp-agent/version
@@ Expand Down @@
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		<mxfile host="Electron" modified="2023-10-11T15:40:42.257Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/20.8.10 Chrome/106.0.5249.199 Electron/21.3.5 Safari/537.36" etag="J7iTVJT6-A_H6t-E5FFg" version="20.8.10" type="device"><diagram id="RxcxJ1UT-itXMrFT2446" name="archi">7V1rc9o4F/41mdn9gMfWxZePTZps+27b7ba76Xa/dBww4NTBDDhp0l//ysE3SQdhQDKGTTqzC7IQ+Fyec9HR8Rm+uHv8bRHOp+/TUZScIXv0eIZfnyHkYNtl/8tHnlYjvhesBiaLeFRMqgc+xz+jYtAuRu/jUbTkJmZpmmTxnB8cprNZNMy4sXCxSH/w08Zpwn/rPJxE0sDnYZjIo1/iUTYt7oLa9fibKJ5My2927OLKXVhOLgaW03CU/mgM4cszfLFI02z16u7xIkpy4pV0WX3uas3V6octolnW5gPXf15OLq8uXl+RL/6n73hM58QZlGR+CJP74o6n6TIbZOF8cP3pqvjl2VNJjkV6PxtF+YrOGT7/MY2z6PM8HOZXfzABYGPT7C4pLodJPJmx10P2C6MFG3iIFlnMaPuquJCl+SfGcZJcpEm6eP4KPKKRPyJsfJkt0u9R44qPbrDrsivyrRfUyL8gemwMFaT4LUrvomzxxKYUV93ixguxRLh4/6NmskOKsWmTwSU7w0KwJtXSNe3Zi4L8MCtc/3r4x5enW+f9N3I9vEujb0/fB0jiRDx/IM9cwK/Yl7oJ+wnnNwv2apI9E0Ee0cGtJBpnAK/u4tEoX7cX7MKezC4UQOwKTLELS+z6+OarzJNcm95+PMulhmmTjYiCSfZmJgnEH48jdziEiD/yghs7X3CRZmEWp7NifQ28QB7PDIpkZnjIojI3XFPMIBIz3sWz+0c29EvOgF/304x2sBVG/hhkhTv0o5uxHtpTnvQOgFoupAa+KcpTifLpIp7EszD/5Cy8i3IeRNnU/rUNgjGzYyt4ZURBNHDFty3b4RnjA5yxAc5Q1xBjXIkxTILjYTqYp6PlIJ6rgOjIbXulFirjjjo17p7Ejfn9LHezbpKoA2bcpFmW3h2KH5j6FqIcS4gLIZdjeYDVqPRGO1cc2W5IjBjeLx4qPkSz0as8qMhpnYTLZTzkGRE9xtk/OVAx67d697Vx5fVjgWHPb57KNzN2K/8033ytV8jf1h97fld+bi1jlun9YhipMLu47SxcTKJMNbFwcqIRFyTJjG5wkUIgV4wtooT5Ig98aAVxtfiGj2nM7q2SIxIIjodPrcAjQfXHL7iiQ7FGMzDasKyHazks11qRSlqLCUP41Jg2zycs199BZRZKP9bnYjb2YrViLdIVkfeQctlGM3uV/2PLyeY2Z/a78IbF8dthTBUgLKJl/DMHtkJQC6Kwxen5GX3NRpJ8+fNw+H3yDHMl7MzSWcR7rANCQUlXa7MITFV2oPhRZ80AHAIs23ICijhOlf7+niJMfX5VKshsOh4vo0yQCS1SUJo2fVi3I26VGOk0ELLGSxgj98A62hbregV1HhEwyQksAZLawpsnxM7E84xgmyt4XdS2lb/LRcJ8Vz2fYn5++X3r5vvbTRd/Dd1qOrI7AHJSel61Cmf3DNiSpRxJ/RLP43ku9yn7T5pNGWSzeCwdRapYuM/xlR0EoqFX5B8cB9BNc+kHZAxbazj9yqGpGlu38T/3wNa2fmQpuD0BVyIiiWtbgV3/CQu2BVrHFWIcMbbXBLTYFpzIDcDpUNEAdIFVcn70jxyFPqT5dg66AhKhvXI8A1g11OqvwfG0XdfT40HwTB+4Pr+COU+Tyqy/egtsTkzTu5v75WaTo8GAIEHjCZARInWSAsIc/ZlTOflwcDIRavl8hIJKUDskpeQA9tCUIpRYLuFlCkj5dk2p0sPRntDaJlhrOC/YJ033ZcDwLaeq2ofJ332MFjEjSY73+zopuKWT0q9cFwpyn5dWPgnmha0CtG2dlKog46l6z1R+re+jy2UR8bcLF8SVw6VjyXttk/aqdL7Haa8B4qVOWECLLwLWt8j7Loe2HI4t2Vjid2k4QDr5huyG9kBUxeUjy/E5gRUETYQXkBn7Ft4xFMWULS1HtKW8OZRpuj7M1620gSSMTE6WWTyb5ERP77M8gmRLA0VRy2jxEA+ji7evP62mzNPR6k01eRQ/lLMf4pBd+BA9Zm/SeXmd/eTGlP6ZCVlNlBrdY6vAS2VVi2jeKjiyZ7An3O25F9INTDptXeGe7fsiX6ofoMRTua1tcRJ5bBnSWIb/FpeZYder085CCkXXprCQqsFUr3MMy0KZszoZ51it6T2GwQHm9zMGrpA3NgiE/UvVPfvHHkeQjnNQMKW0lwrVWRLUjz2e/WxGv0yGk1O1xnUG9JxEEX/HzXQaWAQ1HGt+WWp7lkeMGAkxgaK5cAjmvZx3vVmk4WgYLrP+WYi2FuEIqoQGvFgxRghCZc4ilLAGldKzWOp0KuldImXwS6zjzgBRC7syTGmpFIYZ0D+T7CHfCjBHKowsFzUrMg5voZF2C10a2l32PpyzrQLB3Q006pfhRThXKyoGZhWSIaH4rK3hdV1JXanHyaC/b3SmHUqPrO62pQFFR2BAHWFVQei0mM9v+N+/w6+3zuMw+TaeZI+3//72YSAnlv471rNEkDbmE2ML4/0NAcgD2YPpoQF1AtSlxQQJJXsaJ2YwVeLRDGjBee4R2VWUq1Nzv0fQra2sLF5XaItYeBtQ6eohDC7IMdkBPDJ7q9TSF3Mr00b2sIBdvo/pyLphs577Wdi/3EV38fgMnWf3M8WZ5A27gBrstiRoBzmbCRSygYYcPFVu0orL55cZwxR86OvZBeoT0fYjm0gE9gH6Ig1nw0HaylUxgNokab0nXusH82LPymYWGGnQnx34RvN/oIf7/Jd/Ip1ljfHVnz5+CgqDyg2cQ/FTLpg4tMdLPFnqy9D/gB4v0O7odOMzMWVnw/FZuYehPb0Jc0COkA8tq2B6s9NabphSchwrkekEw7NSQDbGZ06/qvnyAC3A6wI0Rzx7uE1EFjSznLyc5mkY1N+IDKgvOIWQrFLNl5gMIA60DwMGZcM6KLu+ePcSkjVCsja2GwzJzBluOdY+mYAMU1x1fDmUD+/IAe82QVmuTFeHCsg645sQeEFuWrdMkyPpI7Nv2uojKaVMrUgOQV5AiM2bH5rTxSZO4LqBT7F4GHkXhtz+Fb+J4g+3lyNv/DG9jIc/k3G5/ybQ/HPxNl1k03SSzsLksh4950W/nvMu17UVh26jLHsqmhOH91kKO9a7HZLczrHWGE1udsULLm12xdvulbT2afbTSvk006FjTCAfgrs9gw5TSs4cSWTq5CDEkslYVq5cgNUuatWlepSFEEe2kyj2UXJE6WpfC6vaLHQ9dpFf+ODhKNADrek69d9aq5W4T+1HGK2FLWpxT9pcBAqUUBabfqfg9Dpevet2KL8XKG07jN3YzfUaXcXJGrbqshite1EoTUtPTAbyfP44BSeQhO56mAKpcpvIMdOnUOz+JfRglU9eCO1hEd9IcO+jF0oBaFqqm0Q2UUkSz5fRZvAKl/PV01HG8WOulBKa+cMIRrMbnxKqCc0IkyNfSIxDXXNs6OEB9ah+OIM2xF/cYM1ucM8q1SlGlu/X4MMf/UX2zifElKAm1r8f3ieWg+X5qmDqmH3iSqN77hMjfg2DPnFfIv0T9djKnFNPwG3VMmGtx+buCG4EMcwM1uxxS5Cpy2ETGkuTLhywEvuMt/R1TktfgHbrYKIe/TfUJc/6NuryhQ5PLrUaFw313is7mZvqvQerj5yCOYFMWwUKe3sVA9vyEJ/X0eNjYOEBE+WXmPcwsLGc0Ja1Z7vUubVCPFXt7eaeSv1K6eTQtD557wn7s+27ixLLwRKi1VUsHeAdFh/t6XaBd3L1xpEVAqh1WgfgMfbzO6BVTdG+smyicRxMD2OJol5jHFQIcBQg59RP8qrQQAi5jwrahE5xqBNXTk4Q9RraGp3iMCz2atXuNdRhXpqxEJgYRD7tneU7bJkpRMCRM6KRB0XAgevh0K2ulE98VxYBaUTPnp1oMBQUC/4ZFYVYV9pIeExOue/Xdp+Pan6kF6xWUCdaqeo3f1bssbQnbj5EZyv81dbGnuEvcgI+1VLlv/fUCaEz5cBEdA0/3BIqDz8k/u6xHWkOf/d7AkjP8Ne1+QQRzUvq0I6oy2J9S1jP95EVBCKMG3JVyYbnKYpRe/lQP7NPxm11EP6Y0FfWEjWa9BpsB8LGj5EG8eDuBAE5+3KMYBP+qrZ6Nm4JtS0P2U6qtt8uEUKsQA1c8nxfK3CBpKK9kc9TlM79jpsbFk/CZ+pxUZtiVNyQZCZPoBiROsQSOu9XTktHxYgqGDyR4nXx0BMbMnbQNr25zeUK2cnKBXt2Z/Mzymwp7NQ3VZL/8mv2x3BylT0Ogr8vrqOHd5+fXg2at1Swq0kE0SstvhPmL/gFsjKtOR6fP5uoOB7/fBc24xGyn4Xh9E7Jr+fFvt3MgKbexk7Og3ehvc3m4SL3nSyxirVNswvO61dIvjoIwcnX7qcfhOgG43qzynAqdOORB18IvLDeYBzkNHDiYQWCR1IxpNT9XpUhl/SsjmCYOJmn0ua+9RDRY3yAs3pieybgMQmmzu2B97Rfj5GzU2r8aIznHrWw/EDXTtl8WlUqKk41w3twXtAr/0E6e+i4luOLVr/10wsDVUkKCgSHVldmX8zKbtpXFeqPEe3AmTjempW8SUFrLTiKmhVHqBwYiM+uN+dvGG+MqylsFTfL5JhVX2cYKEvSyDCV9MSvJz9uf0Zfvi2fLjD++C18fPVmJW+bkiP2Q7yMeblrmzABvxR6NjmUMOHSJaeXIVnPkG1ETaqOBroQmcuPgPdwzCcTt2NTM9sBziub3/bEXTnSdIco41jzCQCYdWBvoaPJXig1s1fZC4/3UlxhBS3OhFI5+5a90GMYiNjmxHWqBl4dxLEwxVEb0//fyFeY4XIegHaYrYC5bGyD5CDpChWjmukKmBb92u84iXyF4fwDzMejfxaZWlV7nXCo+jyWGSoTp2SU6msu4aApCvRFY99pL1qYdvLmRE8KXww5WL53eAdL904B2MBsx3hct2kFjmEpBbEnNtilniXE4AGydj0H4BF5tUBarcuuZEpmGSs5bG9adRQnakIQRMR0zBoQIYA4iqfkd0wVPwwLNqj5FzTupLNMMdDf+SVVzLPkyHPFSM7B7Gew1rXlsjcYJ4PJ4pJRTUPlX/7uJv/8RYbJ+bf3aDl4lQSo9YGJl2SxKjwUXeGgg/CwlNpTShbre5SMzmwxFbLFgidtLhQEmtD3N1u8vW3oY7rYXFf6/iQSS05tDHfKfnI9sQ4vmcRdhfroO4updfUlk6hU344ziTsECYdNJYKOsbkgYUc7sEWvoj3sgCpIOLbmF1Sq4WCIj3azFpQ4FhIenOw5FkaNhm2GggvC3wXx9VoMkONAbHFf3EbHlkKWZaW69roZRcD7GAMqCKMWU6DS4J2LII7qsbC6whPxxBuQujIVm4BMlPeDD2uSDOatdmoSr4yh+2KTfDGGoRb2pB7KfW2I54oN8Yj64AYRw50ujJccwh8yMdbSgJXK3WsDJoQyovOtxX5dPVy/vf7f73fno+nirz/97/8ub74C3vj1xbuz/OeIRmmZDr+fjAmiVGgu4gCBkSODFdZggkA+yH6hrFK11UnZPJ62PCO6NED880y4GoPiZz6PNeaMwuW0sqV72K+2IZVK8HtivaSqeE9AgNb2StycEXf71tirzXjC3i7SNGtOZxo+fZ+OcpC//D8=</diagram></mxfile>