MAP: Add API support for MAP input feature.

Change-Id: I336919a1d3a9d1b404e375a30575cce5e5335137
Signed-off-by: Jon Loeliger <jdl@netgate.com>

4 files changed, 216 insertions, 0 deletions

diff --git a/src/plugins/map/map.api b/src/plugins/map/map.api
index 78e7bec2c0b..752d1b55d9c 100644
--- a/src/plugins/map/map.api
+++ b/src/plugins/map/map.api
@@ -125,6 +125,22 @@ define map_rule_details
   u16 psid;
 };
 
+/** \brief Enable or disable a MAP interface
+    @param client_index - opaque cookie to identify the sender
+    @param context - sender context, to match reply w/ request
+    @param sw_if_index - 
+    @param is_enable - 0=disable, 1=enable interface
+    @param is_translation -  0=encapsulation, 1=translation
+*/
+autoreply define map_if_enable_disable
+{
+  u32 client_index;
+  u32 context;
+  u32 sw_if_index;
+  bool is_enable;
+  bool is_translation; /* 0 - encapsulation, 1 - translation */
+};
+
 /** \brief Request for a single block of summary stats
     @param client_index - opaque cookie to identify the sender
     @param context - sender context, to match reply w/ request
@@ -264,6 +280,19 @@ autoreply define map_param_set_traffic_class
 };
 
 
+/** \brief Set MAP TCP parammeters
+    @param client_index - opaque cookie to identify the sender
+    @param context - sender context, to match reply w/ request
+    @parma tcp_mss - TCP MSS clamping value
+*/
+autoreply define map_param_set_tcp
+{
+  u32 client_index;
+  u32 context;
+  u16 tcp_mss;
+};
+
+
 /** \brief Request for a single block of MAP parameters
     @param client_index - opaque cookie to identify the sender
     @param context - sender context, to match reply w/ request
diff --git a/src/plugins/map/map.c b/src/plugins/map/map.c
index 8156ec835a8..307b7a97cfc 100644
--- a/src/plugins/map/map.c
+++ b/src/plugins/map/map.c
@@ -1169,6 +1169,9 @@ show_map_stats_command_fn (vlib_main_t * vm, unformat_input_t * input,
   else
     vlib_cli_output (vm, "MAP traffic-class: %x", mm->tc);
 
+  if (mm->tcp_mss)
+    vlib_cli_output (vm, "MAP TCP MSS clamping: %u", mm->tcp_mss);
+
   vlib_cli_output (vm,
 		   "MAP IPv6 inbound security check: %s, fragmented packet security check: %s",
 		   mm->sec_check ? "enabled" : "disabled",
@@ -1329,6 +1332,56 @@ map_params_reass_command_fn (vlib_main_t * vm, unformat_input_t * input,
 }
 
 
+static clib_error_t *
+map_if_command_fn (vlib_main_t * vm,
+		   unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+  unformat_input_t _line_input, *line_input = &_line_input;
+  clib_error_t *error = NULL;
+  bool is_enable = true, is_translation = false;
+  vnet_main_t *vnm = vnet_get_main ();
+  u32 sw_if_index = ~0;
+
+  /* Get a line of input. */
+  if (!unformat_user (input, unformat_line_input, line_input))
+    return 0;
+
+  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+    {
+      if (unformat
+	  (line_input, "%U", unformat_vnet_sw_interface, vnm, &sw_if_index))
+	;
+      else if (unformat (line_input, "del"))
+	is_enable = false;
+      else if (unformat (line_input, "map-t"))
+	is_translation = true;
+      else
+	{
+	  error = clib_error_return (0, "unknown input `%U'",
+				     format_unformat_error, line_input);
+	  goto done;
+	}
+    }
+
+done:
+  unformat_free (line_input);
+
+  if (sw_if_index == ~0)
+    {
+      error = clib_error_return (0, "unknown interface");
+      return error;
+    }
+
+  int rv = map_if_enable_disable (is_enable, sw_if_index, is_translation);
+  if (rv)
+    {
+      error = clib_error_return (0, "failure enabling MAP on interface");
+    }
+
+  return error;
+}
+
+
 /*
  * packet trace format function
  */
@@ -1913,6 +1966,45 @@ map_ip6_reass_conf_buffers (u32 buffers)
   return 0;
 }
 
+static clib_error_t *
+map_tcp_mss_command_fn (vlib_main_t * vm,
+			unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+  unformat_input_t _line_input, *line_input = &_line_input;
+  clib_error_t *error = NULL;
+  u32 tcp_mss = 0;
+
+  /* Get a line of input. */
+  if (!unformat_user (input, unformat_line_input, line_input))
+    return 0;
+
+  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+    {
+      if (unformat (line_input, "%u", &tcp_mss))
+	;
+      else
+	{
+	  error = clib_error_return (0, "unknown input `%U'",
+				     format_unformat_error, line_input);
+	  goto done;
+	}
+    }
+
+  if (tcp_mss >= (0x1 << 16))
+    {
+      error = clib_error_return (0, "invalid value `%u'", tcp_mss);
+      goto done;
+    }
+
+  map_param_set_tcp (tcp_mss);
+
+done:
+  unformat_free (line_input);
+
+  return error;
+}
+
+
 /* *INDENT-OFF* */
 
 /*?
@@ -1949,6 +2041,22 @@ VLIB_CLI_COMMAND(map_traffic_class_command, static) = {
 };
 
 /*?
+ * TCP MSS clamping
+ *
+ * @cliexpar
+ * @cliexstart{map params tcp-mss}
+ *
+ * This command is used to set the TCP MSS in translated
+ * or encapsulated packets.
+ * @cliexend
+ ?*/
+VLIB_CLI_COMMAND(map_tcp_mss_command, static) = {
+  .path = "map params tcp-mss",
+  .short_help = "map params tcp-mss <value>",
+  .function = map_tcp_mss_command_fn,
+};
+
+/*?
  * Bypass IP4/IP6 lookup
  *
  * @cliexpar
@@ -2124,6 +2232,16 @@ VLIB_CLI_COMMAND(show_map_fragments_command, static) = {
   .function = show_map_fragments_command_fn,
 };
 
+/*?
+ * Enable MAP processing on interface (input feature)
+ *
+ ?*/
+VLIB_CLI_COMMAND(map_if_command, static) = {
+  .path = "map interface",
+  .short_help = "map interface <interface-name> [map-t] [del]",
+  .function = map_if_command_fn,
+};
+
 VLIB_PLUGIN_REGISTER() = {
   .version = VPP_BUILD_VER,
   .description = "Mapping of address and port (MAP)",
diff --git a/src/plugins/map/map.h b/src/plugins/map/map.h
index 21baf73678a..5b8aef4e872 100644
--- a/src/plugins/map/map.h
+++ b/src/plugins/map/map.h
@@ -40,6 +40,8 @@ int map_create_domain (ip4_address_t * ip4_prefix, u8 ip4_prefix_len,
 int map_delete_domain (u32 map_domain_index);
 int map_add_del_psid (u32 map_domain_index, u16 psid, ip6_address_t * tep,
 		      u8 is_add);
+int map_if_enable_disable (bool is_enable, u32 sw_if_index,
+			   bool is_translation);
 u8 *format_map_trace (u8 * s, va_list * args);
 
 int map_param_set_fragmentation (bool inner, bool ignore_df);
@@ -51,6 +53,7 @@ int map_param_set_reassembly (bool is_ipv6, u16 lifetime_ms,
 			      u32 * reass, u32 * packets);
 int map_param_set_security_check (bool enable, bool fragments);
 int map_param_set_traffic_class (bool copy, u8 tc);
+int map_param_set_tcp (u16 tcp_mss);
 
 
 typedef enum
@@ -265,6 +268,8 @@ typedef struct {
   bool sec_check_frag;		/* Inbound security check for (subsequent) fragments */
   bool icmp6_enabled;		/* Send destination unreachable for security check failure */
 
+  u16 tcp_mss;			/* TCP MSS clamp value */
+
   /* ICMPv6 -> ICMPv4 relay parameters */
   ip4_address_t icmp4_src_address;
   vlib_simple_counter_main_t icmp_relayed;
diff --git a/src/plugins/map/map_api.c b/src/plugins/map/map_api.c
index 5133893a11c..ac1665e5384 100644
--- a/src/plugins/map/map_api.c
+++ b/src/plugins/map/map_api.c
@@ -526,6 +526,29 @@ static void
 }
 
 
+int
+map_param_set_tcp (u16 tcp_mss)
+{
+  map_main_t *mm = &map_main;
+
+  mm->tcp_mss = tcp_mss;
+
+  return 0;
+}
+
+
+static void
+vl_api_map_param_set_tcp_t_handler (vl_api_map_param_set_tcp_t * mp)
+{
+  map_main_t *mm = &map_main;
+  vl_api_map_param_set_tcp_reply_t *rmp;
+  int rv = 0;
+
+  map_param_set_tcp (ntohs (mp->tcp_mss));
+  REPLY_MACRO (VL_API_MAP_PARAM_SET_TCP_REPLY);
+}
+
+
 static void
 vl_api_map_param_get_t_handler (vl_api_map_param_get_t * mp)
 {
@@ -581,12 +604,52 @@ vl_api_map_param_get_t_handler (vl_api_map_param_get_t * mp)
 }
 
 
+int
+map_if_enable_disable (bool is_enable, u32 sw_if_index, bool is_translation)
+{
+  if (is_translation == false)
+    {
+      vnet_feature_enable_disable ("ip4-unicast", "ip4-map", sw_if_index,
+				   is_enable ? 1 : 0, 0, 0);
+      vnet_feature_enable_disable ("ip6-unicast", "ip6-map", sw_if_index,
+				   is_enable ? 1 : 0, 0, 0);
+    }
+  else
+    {
+      vnet_feature_enable_disable ("ip4-unicast", "ip4-map-t", sw_if_index,
+				   is_enable ? 1 : 0, 0, 0);
+      vnet_feature_enable_disable ("ip6-unicast", "ip6-map-t", sw_if_index,
+				   is_enable ? 1 : 0, 0, 0);
+    }
+  return 0;
+}
+
+
+static void
+vl_api_map_if_enable_disable_t_handler (vl_api_map_if_enable_disable_t * mp)
+{
+  map_main_t *mm = &map_main;
+  vl_api_map_if_enable_disable_reply_t *rmp;
+  int rv = 0;
+
+  VALIDATE_SW_IF_INDEX (mp);
+
+  rv =
+    map_if_enable_disable (mp->is_enable, htonl (mp->sw_if_index),
+			   mp->is_translation);
+
+  BAD_SW_IF_INDEX_LABEL;
+  REPLY_MACRO (VL_API_MAP_IF_ENABLE_DISABLE_REPLY);
+}
+
+
 #define foreach_map_plugin_api_msg		\
 _(MAP_ADD_DOMAIN, map_add_domain)		\
 _(MAP_DEL_DOMAIN, map_del_domain)		\
 _(MAP_ADD_DEL_RULE, map_add_del_rule)		\
 _(MAP_DOMAIN_DUMP, map_domain_dump)		\
 _(MAP_RULE_DUMP, map_rule_dump)			\
+_(MAP_IF_ENABLE_DISABLE, map_if_enable_disable)	\
 _(MAP_SUMMARY_STATS, map_summary_stats)		\
 _(MAP_PARAM_SET_FRAGMENTATION, map_param_set_fragmentation)	\
 _(MAP_PARAM_SET_ICMP, map_param_set_icmp)	\
@@ -595,6 +658,7 @@ _(MAP_PARAM_ADD_DEL_PRE_RESOLVE, map_param_add_del_pre_resolve)	\
 _(MAP_PARAM_SET_REASSEMBLY, map_param_set_reassembly)		\
 _(MAP_PARAM_SET_SECURITY_CHECK, map_param_set_security_check)	\
 _(MAP_PARAM_SET_TRAFFIC_CLASS, map_param_set_traffic_class)	\
+_(MAP_PARAM_SET_TCP, map_param_set_tcp)	\
 _(MAP_PARAM_GET, map_param_get)
 
 #define vl_msg_name_crc_list