Add local ip trap types: icmp and icmpv6

[wendani]

This enables fine policing ICMPv4 and ICMPv6 packets destined to local IPs. Earlier, they are matched as general IP2ME trap type, and are subject to the policer under the IP2ME type.

Another benefit of introducing the trap types is the flexibility to direct ICMPv4 and ICMPv6 to the CPU queue index as desired.

Most importantly, if we have attack leveraging ICMPv4 or ICMPv6 packets, they will not consume the IP2ME bandwidth to sacrifice other normal IP2ME flows as victims, but are isolated to their own rate limiter domain as an attack defense to minimize the impact.

Signed-off-by: Wenda Ni [email protected]

[wendani]

Updated the justification as per yesterday's SAI community meeting discussion @JaiOCP

[lguohan]

it is better to define it as user defined acl trap as not many asic support this packet type as native trap.

[JaiOCP]

it is better to define it as user defined acl trap as not many asic support this packet type as native trap.

ICMP is very standard trap for host processing and needs direct mapping to CPU cosq. HostIF trap is a better place for it.

[JaiOCP]

@rlhui Please merge this PR (its a blocking issue for next SAI release)