diff options
Diffstat (limited to 'hicn-plugin/src/network/udp_tunnels')
-rw-r--r-- | hicn-plugin/src/network/udp_tunnels/udp_decap.h | 32 | ||||
-rw-r--r-- | hicn-plugin/src/network/udp_tunnels/udp_decap_node.c | 623 | ||||
-rw-r--r-- | hicn-plugin/src/network/udp_tunnels/udp_tunnel.c | 281 | ||||
-rw-r--r-- | hicn-plugin/src/network/udp_tunnels/udp_tunnel.h | 114 |
4 files changed, 1050 insertions, 0 deletions
diff --git a/hicn-plugin/src/network/udp_tunnels/udp_decap.h b/hicn-plugin/src/network/udp_tunnels/udp_decap.h new file mode 100644 index 000000000..9ddb8a73b --- /dev/null +++ b/hicn-plugin/src/network/udp_tunnels/udp_decap.h @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2020 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __UDP_DECAP_H__ +#define __UDP_DECAP_H__ + +/** + * @file udp_decap.h + * + * Implements the udp decapsulation for udp tunnels + * + * Udp decap nodes follow the ip4/6-local nodes and their purpose + * is to retrieve the udp tunnel for the incoming packet. If a tunnel does + * not exist the packet is dropped. + * The following node to the udp decap nodes are the ip4/6-lookup nodes. + */ + +extern vlib_node_registration_t udp_decap_node; + +#endif // __UDP_DECAP_H__ diff --git a/hicn-plugin/src/network/udp_tunnels/udp_decap_node.c b/hicn-plugin/src/network/udp_tunnels/udp_decap_node.c new file mode 100644 index 000000000..5603f20f9 --- /dev/null +++ b/hicn-plugin/src/network/udp_tunnels/udp_decap_node.c @@ -0,0 +1,623 @@ +/* + * Copyright (c) 2020 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include <vnet/fib/fib_table.h> + +#include "udp_tunnel.h" +#include "../mgmt.h" +#include "../hicn.h" +#include "../strategy_dpo_ctx.h" + +vlib_node_registration_t udp_decap_node; + +static char *udp_decap_error_strings[] = { +#define _(sym, string) string, + foreach_hicnfwd_error +#undef _ +}; + +/* Trace context struct */ +typedef enum +{ + UDP4_DECAP_NEXT_LOOKUP_IP4, + UDP4_DECAP_NEXT_LOOKUP_IP6, + UDP4_DECAP_N_NEXT, +} udp4_decap_next_t; + +typedef enum +{ + UDP6_DECAP_NEXT_LOOKUP_IP4, + UDP6_DECAP_NEXT_LOOKUP_IP6, + UDP6_DECAP_N_NEXT, +} udp6_decap_next_t; + +typedef struct udp4_decap_trace_t_ +{ + ip4_header_t ip; + udp_header_t udp; +} udp4_decap_trace_t; + +typedef struct udp6_decap_trace_t_ +{ + ip6_header_t ip; + udp_header_t udp; +} udp6_decap_trace_t; + +typedef struct udp_decap_trace_t_ +{ + union + { + udp4_decap_trace_t udp4; + udp6_decap_trace_t udp6; + }; + + u8 isv6; + u8 ishicn; +} udp_decap_trace_t; + + +static u8 * +format_udp_decap_trace (u8 * s, va_list * args) +{ + CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *); + CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *); + udp_decap_trace_t *t; + + t = va_arg (*args, udp_decap_trace_t *); + + if (t->isv6) + { + s = format (s, "%U\n %U \n %s", + format_ip4_header, &t->udp6.ip, sizeof (t->udp6.ip), + format_udp_header, &t->udp6.udp, sizeof (t->udp6.udp), + t->ishicn ? "hICN udp tunnel" : ""); + } + else + { + s = format (s, "%U\n %U \n %s", + format_ip4_header, &t->udp4.ip, sizeof (t->udp4.ip), + format_udp_header, &t->udp4.udp, sizeof (t->udp4.udp), + t->ishicn ? "hICN udp tunnel" : ""); + } + return (s); +} + +static_always_inline void +udp_decap_trace_buffer (vlib_main_t * vm, vlib_node_runtime_t * node, + u8 isv6, vlib_buffer_t * b) +{ + if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE) && + (b->flags & VLIB_BUFFER_IS_TRACED))) + { + udp_decap_trace_t *t = + vlib_add_trace (vm, node, b, sizeof (*t)); + t->isv6 = isv6; + hicn_buffer_t *hb = hicn_get_buffer(b); + + if (isv6) + { + clib_memcpy(&(t->udp6.udp), vlib_buffer_get_current(b) + sizeof(ip6_header_t), sizeof(udp_header_t)); + clib_memcpy(&(t->udp6.ip), vlib_buffer_get_current(b), sizeof(ip6_header_t)); + t->ishicn = hb->flags & hb->flags & HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL; + } + else + { + clib_memcpy(&(t->udp4.udp), vlib_buffer_get_current(b) + sizeof(ip4_header_t), sizeof(udp_header_t)); + clib_memcpy(&(t->udp4.ip), vlib_buffer_get_current(b), sizeof(ip4_header_t)); + t->ishicn = hb->flags & HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL; + } + } +} + +static uword +udp4_decap_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node, + vlib_frame_t * frame) +{ + u32 n_left_from, *from, *to_next, next_index; + + from = vlib_frame_vector_args (frame); + n_left_from = frame->n_vectors; + next_index = node->cached_next_index; + + while (n_left_from > 0) + { + u32 n_left_to_next; + vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); + + /* Dual loop, X2 */ + while (n_left_from >= 8 && n_left_to_next >= 4) + { + vlib_buffer_t *b0, *b1, *b2, *b3; + u32 bi0, bi1, bi2, bi3; + u32 next0, next1, next2, next3; + + { + vlib_buffer_t *b4, *b5, *b6, *b7; + b4 = vlib_get_buffer (vm, from[4]); + b5 = vlib_get_buffer (vm, from[5]); + b6 = vlib_get_buffer (vm, from[6]); + b7 = vlib_get_buffer (vm, from[7]); + CLIB_PREFETCH (b4, CLIB_CACHE_LINE_BYTES, STORE); + CLIB_PREFETCH (b5, CLIB_CACHE_LINE_BYTES, STORE); + CLIB_PREFETCH (b6, CLIB_CACHE_LINE_BYTES, STORE); + CLIB_PREFETCH (b7, CLIB_CACHE_LINE_BYTES, STORE); + } + + bi0 = from[0]; + bi1 = from[1]; + bi2 = from[2]; + bi3 = from[3]; + + from += 4; + n_left_from -= 4; + to_next[0] = bi0; + to_next[1] = bi1; + to_next[2] = bi2; + to_next[3] = bi3; + + to_next += 4; + n_left_to_next -= 4; + + b0 = vlib_get_buffer (vm, bi0); + b1 = vlib_get_buffer (vm, bi1); + b2 = vlib_get_buffer (vm, bi2); + b3 = vlib_get_buffer (vm, bi3); + + u8 *ptr0 = vlib_buffer_get_current (b0); + u8 *ptr1 = vlib_buffer_get_current (b1); + u8 *ptr2 = vlib_buffer_get_current (b2); + u8 *ptr3 = vlib_buffer_get_current (b3); + u8 v0 = *ptr0 & 0xf0; + u8 v1 = *ptr1 & 0xf0; + u8 v2 = *ptr2 & 0xf0; + u8 v3 = *ptr3 & 0xf0; + + u8 advance = sizeof(ip4_header_t) + sizeof(udp_header_t); + + vlib_buffer_advance(b0, -advance); + vlib_buffer_advance(b1, -advance); + vlib_buffer_advance(b2, -advance); + vlib_buffer_advance(b3, -advance); + + u8 *outer_ptr0 = vlib_buffer_get_current (b0); + u8 *outer_ptr1 = vlib_buffer_get_current (b1); + u8 *outer_ptr2 = vlib_buffer_get_current (b2); + u8 *outer_ptr3 = vlib_buffer_get_current (b3); + u8 outer_v0 = *outer_ptr0 & 0xf0; + u8 outer_v1 = *outer_ptr1 & 0xf0; + u8 outer_v2 = *outer_ptr2 & 0xf0; + u8 outer_v3 = *outer_ptr3 & 0xf0; + + ip46_address_t src0 = {0}; + ip46_address_t src1 = {0}; + ip46_address_t src2 = {0}; + ip46_address_t src3 = {0}; + + ip46_address_t dst0 = {0}; + ip46_address_t dst1 = {0}; + ip46_address_t dst2 = {0}; + ip46_address_t dst3 = {0}; + + udp_header_t * udp0 = NULL; + udp_header_t * udp1 = NULL; + udp_header_t * udp2 = NULL; + udp_header_t * udp3 = NULL; + + ip46_address_set_ip4(&src0, &((ip4_header_t *)outer_ptr0)->src_address); + ip46_address_set_ip4(&dst0, &((ip4_header_t *)outer_ptr0)->dst_address); + udp0 = (udp_header_t *)(outer_ptr0 + sizeof(ip4_header_t)); + next0 = v0 == 0x40? UDP4_DECAP_NEXT_LOOKUP_IP4 : UDP4_DECAP_NEXT_LOOKUP_IP6; + + ip46_address_set_ip4(&src1, &((ip4_header_t *)outer_ptr1)->src_address); + ip46_address_set_ip4(&dst1, &((ip4_header_t *)outer_ptr1)->dst_address); + udp1 = (udp_header_t *)(outer_ptr1 + sizeof(ip4_header_t)); + next1 = v1 == 0x40? UDP4_DECAP_NEXT_LOOKUP_IP4 : UDP4_DECAP_NEXT_LOOKUP_IP6; + + ip46_address_set_ip4(&src2, &((ip4_header_t *)outer_ptr2)->src_address); + ip46_address_set_ip4(&dst2, &((ip4_header_t *)outer_ptr2)->dst_address); + udp2 = (udp_header_t *)(outer_ptr2 + sizeof(ip4_header_t)); + next2 = v2 == 0x40? UDP4_DECAP_NEXT_LOOKUP_IP4 : UDP4_DECAP_NEXT_LOOKUP_IP6; + + ip46_address_set_ip4(&src3, &((ip4_header_t *)outer_ptr3)->src_address); + ip46_address_set_ip4(&dst3, &((ip4_header_t *)outer_ptr3)->dst_address); + udp3 = (udp_header_t *)(outer_ptr3 + sizeof(ip4_header_t)); + next3 = v3 == 0x40? UDP4_DECAP_NEXT_LOOKUP_IP4 : UDP4_DECAP_NEXT_LOOKUP_IP6; + + hicn_buffer_t *hicnb0, *hicnb1, *hicnb2, *hicnb3; + hicnb0 = hicn_get_buffer(b0); + hicnb1 = hicn_get_buffer(b1); + hicnb2 = hicn_get_buffer(b2); + hicnb3 = hicn_get_buffer(b3); + + + /* Udp encap-decap tunnels have dst and src addresses and port swapped */ + vnet_buffer (b0)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst0, &src0, udp0->dst_port, udp0->src_port); + vnet_buffer (b1)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst1, &src1, udp1->dst_port, udp1->src_port); + vnet_buffer (b2)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst2, &src2, udp2->dst_port, udp2->src_port); + vnet_buffer (b3)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst3, &src3, udp3->dst_port, udp3->src_port); + + if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb0->flags |= (outer_v0 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + if (vnet_buffer (b1)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb1->flags |= (outer_v1 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + if (vnet_buffer (b2)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb2->flags |= (outer_v2 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + if (vnet_buffer (b3)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb3->flags |= (outer_v3 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + udp_decap_trace_buffer (vm, node, 1, b0); + udp_decap_trace_buffer (vm, node, 1, b1); + udp_decap_trace_buffer (vm, node, 1, b2); + udp_decap_trace_buffer (vm, node, 1, b3); + + vlib_buffer_advance(b0, advance); + vlib_buffer_advance(b1, advance); + vlib_buffer_advance(b2, advance); + vlib_buffer_advance(b3, advance); + + vlib_validate_buffer_enqueue_x4 (vm, node, next_index, to_next, + n_left_to_next, bi0, bi1, bi2, bi3, + next0, next1, next2, next3); + } + + /* Dual loop, X1 */ + while (n_left_from > 0 && n_left_to_next > 0) + { + vlib_buffer_t *b0; + u32 bi0; + /* udp_encap_t *udp_tunnel0 = NULL; */ + u32 next0; + + if (n_left_from > 1) + { + vlib_buffer_t *b1; + b1 = vlib_get_buffer (vm, from[1]); + CLIB_PREFETCH (b1, CLIB_CACHE_LINE_BYTES, STORE); + } + + bi0 = from[0]; + from += 1; + n_left_from -= 1; + to_next[0] = bi0; + to_next += 1; + n_left_to_next -= 1; + + b0 = vlib_get_buffer (vm, bi0); + + u8 *ptr0 = vlib_buffer_get_current (b0); + u8 v0 = *ptr0 & 0xf0; + + u8 advance = sizeof(ip4_header_t) + sizeof(udp_header_t);; + + vlib_buffer_advance(b0, -advance); + + u8 *outer_ptr0 = vlib_buffer_get_current (b0); + u8 outer_v0 = *outer_ptr0 & 0xf0; + + ip46_address_t src0 = {0}; + ip46_address_t dst0 = {0}; + udp_header_t * udp0 = NULL; + + ip46_address_set_ip4(&src0, &((ip4_header_t *)outer_ptr0)->src_address); + ip46_address_set_ip4(&dst0, &((ip4_header_t *)outer_ptr0)->dst_address); + udp0 = (udp_header_t *)(outer_ptr0 + sizeof(ip4_header_t)); + next0 = v0 == 0x40 ? UDP4_DECAP_NEXT_LOOKUP_IP4: UDP4_DECAP_NEXT_LOOKUP_IP6; + + hicn_buffer_t *hicnb0 = hicn_get_buffer(b0); + + vnet_buffer (b0)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst0, &src0, udp0->dst_port, udp0->src_port); + + if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb0->flags |= (outer_v0 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + udp_decap_trace_buffer (vm, node, 1, b0); + + vlib_buffer_advance(b0, advance); + + vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, + n_left_to_next, bi0, next0); + + } + vlib_put_next_frame (vm, node, next_index, n_left_to_next); + } + + return (frame->n_vectors); +} + + +/* + * Node registration for the interest forwarder node + */ +/* *INDENT-OFF* */ +VLIB_REGISTER_NODE(udp4_decap_node) = +{ + .function = udp4_decap_node_fn, + .name = "udp4-decap", + .vector_size = sizeof(u32), + .format_trace = format_udp_decap_trace, + .type = VLIB_NODE_TYPE_INTERNAL, + .n_errors = ARRAY_LEN(udp_decap_error_strings), + .error_strings = udp_decap_error_strings, + .n_next_nodes = UDP4_DECAP_N_NEXT, + /* edit / add dispositions here */ + .next_nodes = + { + [UDP4_DECAP_NEXT_LOOKUP_IP4] = "ip4-lookup", + [UDP4_DECAP_NEXT_LOOKUP_IP6] = "ip6-lookup" + }, +}; +/* *INDENT-ON* */ + +static uword +udp6_decap_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node, + vlib_frame_t * frame) +{ + u32 n_left_from, *from, *to_next, next_index; + + from = vlib_frame_vector_args (frame); + n_left_from = frame->n_vectors; + next_index = node->cached_next_index; + + while (n_left_from > 0) + { + u32 n_left_to_next; + vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); + + /* Dual loop, X2 */ + while (n_left_from >= 8 && n_left_to_next >= 4) + { + vlib_buffer_t *b0, *b1, *b2, *b3; + u32 bi0, bi1, bi2, bi3; + u32 next0, next1, next2, next3; + + { + vlib_buffer_t *b4, *b5, *b6, *b7; + b4 = vlib_get_buffer (vm, from[4]); + b5 = vlib_get_buffer (vm, from[5]); + b6 = vlib_get_buffer (vm, from[6]); + b7 = vlib_get_buffer (vm, from[7]); + CLIB_PREFETCH (b4, CLIB_CACHE_LINE_BYTES, STORE); + CLIB_PREFETCH (b5, CLIB_CACHE_LINE_BYTES, STORE); + CLIB_PREFETCH (b6, CLIB_CACHE_LINE_BYTES, STORE); + CLIB_PREFETCH (b7, CLIB_CACHE_LINE_BYTES, STORE); + } + + bi0 = from[0]; + bi1 = from[1]; + bi2 = from[2]; + bi3 = from[3]; + + from += 4; + n_left_from -= 4; + to_next[0] = bi0; + to_next[1] = bi1; + to_next[2] = bi2; + to_next[3] = bi3; + + to_next += 4; + n_left_to_next -= 4; + + b0 = vlib_get_buffer (vm, bi0); + b1 = vlib_get_buffer (vm, bi1); + b2 = vlib_get_buffer (vm, bi2); + b3 = vlib_get_buffer (vm, bi3); + + u8 *ptr0 = vlib_buffer_get_current (b0); + u8 *ptr1 = vlib_buffer_get_current (b1); + u8 *ptr2 = vlib_buffer_get_current (b2); + u8 *ptr3 = vlib_buffer_get_current (b3); + u8 v0 = *ptr0 & 0xf0; + u8 v1 = *ptr1 & 0xf0; + u8 v2 = *ptr2 & 0xf0; + u8 v3 = *ptr3 & 0xf0; + + u8 advance = sizeof(ip6_header_t) + sizeof(udp_header_t); + + vlib_buffer_advance(b0, -advance); + vlib_buffer_advance(b1, -advance); + vlib_buffer_advance(b2, -advance); + vlib_buffer_advance(b3, -advance); + + u8 *outer_ptr0 = vlib_buffer_get_current (b0); + u8 *outer_ptr1 = vlib_buffer_get_current (b1); + u8 *outer_ptr2 = vlib_buffer_get_current (b2); + u8 *outer_ptr3 = vlib_buffer_get_current (b3); + u8 outer_v0 = *outer_ptr0 & 0xf0; + u8 outer_v1 = *outer_ptr1 & 0xf0; + u8 outer_v2 = *outer_ptr2 & 0xf0; + u8 outer_v3 = *outer_ptr3 & 0xf0; + + ip46_address_t src0 = {0}; + ip46_address_t src1 = {0}; + ip46_address_t src2 = {0}; + ip46_address_t src3 = {0}; + + ip46_address_t dst0 = {0}; + ip46_address_t dst1 = {0}; + ip46_address_t dst2 = {0}; + ip46_address_t dst3 = {0}; + + udp_header_t * udp0 = NULL; + udp_header_t * udp1 = NULL; + udp_header_t * udp2 = NULL; + udp_header_t * udp3 = NULL; + + ip46_address_set_ip6(&src0, &((ip6_header_t *)outer_ptr0)->src_address); + ip46_address_set_ip6(&dst0, &((ip6_header_t *)outer_ptr0)->dst_address); + udp0 = (udp_header_t *)(outer_ptr0 + sizeof(ip6_header_t)); + next0 = v0 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 : UDP6_DECAP_NEXT_LOOKUP_IP6; + + ip46_address_set_ip6(&src1, &((ip6_header_t *)outer_ptr1)->src_address); + ip46_address_set_ip6(&dst1, &((ip6_header_t *)outer_ptr1)->dst_address); + udp1 = (udp_header_t *)(outer_ptr1 + sizeof(ip6_header_t)); + next1 = v1 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 : UDP6_DECAP_NEXT_LOOKUP_IP6; + + ip46_address_set_ip6(&src2, &((ip6_header_t *)outer_ptr2)->src_address); + ip46_address_set_ip6(&dst2, &((ip6_header_t *)outer_ptr2)->dst_address); + udp2 = (udp_header_t *)(outer_ptr2 + sizeof(ip6_header_t)); + next2 = v2 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 : UDP6_DECAP_NEXT_LOOKUP_IP6; + + ip46_address_set_ip6(&src3, &((ip6_header_t *)outer_ptr3)->src_address); + ip46_address_set_ip6(&dst3, &((ip6_header_t *)outer_ptr3)->dst_address); + udp3 = (udp_header_t *)(outer_ptr3 + sizeof(ip6_header_t)); + next3 = v3 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 : UDP6_DECAP_NEXT_LOOKUP_IP6; + + hicn_buffer_t *hicnb0, *hicnb1, *hicnb2, *hicnb3; + hicnb0 = hicn_get_buffer(b0); + hicnb1 = hicn_get_buffer(b1); + hicnb2 = hicn_get_buffer(b2); + hicnb3 = hicn_get_buffer(b3); + + + /* Udp encap-decap tunnels have dst and src addresses and port swapped */ + vnet_buffer (b0)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst0, &src0, udp0->dst_port, udp0->src_port); + vnet_buffer (b1)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst1, &src1, udp1->dst_port, udp1->src_port); + vnet_buffer (b2)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst2, &src2, udp2->dst_port, udp2->src_port); + vnet_buffer (b3)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst3, &src3, udp3->dst_port, udp3->src_port); + + if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb0->flags |= (outer_v0 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + if (vnet_buffer (b1)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb1->flags |= (outer_v1 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + if (vnet_buffer (b2)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb2->flags |= (outer_v2 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + if (vnet_buffer (b3)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb3->flags |= (outer_v3 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + udp_decap_trace_buffer (vm, node, 0, b0); + udp_decap_trace_buffer (vm, node, 0, b1); + udp_decap_trace_buffer (vm, node, 0, b2); + udp_decap_trace_buffer (vm, node, 0, b3); + + vlib_buffer_advance(b0, advance); + vlib_buffer_advance(b1, advance); + vlib_buffer_advance(b2, advance); + vlib_buffer_advance(b3, advance); + + vlib_validate_buffer_enqueue_x4 (vm, node, next_index, to_next, + n_left_to_next, bi0, bi1, bi2, bi3, + next0, next1, next2, next3); + } + + /* Dual loop, X1 */ + while (n_left_from > 0 && n_left_to_next > 0) + { + vlib_buffer_t *b0; + u32 bi0; + /* udp_encap_t *udp_tunnel0 = NULL; */ + u32 next0; + + if (n_left_from > 1) + { + vlib_buffer_t *b1; + b1 = vlib_get_buffer (vm, from[1]); + CLIB_PREFETCH (b1, CLIB_CACHE_LINE_BYTES, STORE); + } + + bi0 = from[0]; + from += 1; + n_left_from -= 1; + to_next[0] = bi0; + to_next += 1; + n_left_to_next -= 1; + + b0 = vlib_get_buffer (vm, bi0); + + u8 *ptr0 = vlib_buffer_get_current (b0); + u8 v0 = *ptr0 & 0xf0; + + u8 advance = sizeof(ip6_header_t) + sizeof(udp_header_t); + + vlib_buffer_advance(b0, -advance); + + u8 *outer_ptr0 = vlib_buffer_get_current (b0); + u8 outer_v0 = *outer_ptr0 & 0xf0; + + ip46_address_t src0 = {0}; + ip46_address_t dst0 = {0}; + udp_header_t * udp0 = NULL; + + ip46_address_set_ip6(&src0, &((ip6_header_t *)outer_ptr0)->src_address); + ip46_address_set_ip6(&dst0, &((ip6_header_t *)outer_ptr0)->dst_address); + udp0 = (udp_header_t *)(outer_ptr0 + sizeof(ip6_header_t)); + next0 = v0 == 0x40? UDP6_DECAP_NEXT_LOOKUP_IP4 : UDP6_DECAP_NEXT_LOOKUP_IP6; + + hicn_buffer_t *hicnb0 = hicn_get_buffer(b0); + + vnet_buffer (b0)->ip.adj_index[VLIB_RX] = udp_tunnel_get(&dst0, &src0, udp0->dst_port, udp0->src_port); + + if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != + UDP_TUNNEL_INVALID) + hicnb0->flags |= (outer_v0 == 0x40? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL : HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL); + + udp_decap_trace_buffer (vm, node, 0, b0); + + vlib_buffer_advance(b0, advance); + + vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, + n_left_to_next, bi0, next0); + + } + vlib_put_next_frame (vm, node, next_index, n_left_to_next); + } + + return (frame->n_vectors); +} + + +/* + * Node registration for the interest forwarder node + */ +/* *INDENT-OFF* */ +VLIB_REGISTER_NODE(udp6_decap_node) = +{ + .function = udp6_decap_node_fn, + .name = "udp6-decap", + .vector_size = sizeof(u32), + .format_trace = format_udp_decap_trace, + .type = VLIB_NODE_TYPE_INTERNAL, + .n_errors = ARRAY_LEN(udp_decap_error_strings), + .error_strings = udp_decap_error_strings, + .n_next_nodes = UDP6_DECAP_N_NEXT, + /* edit / add dispositions here */ + .next_nodes = + { + [UDP6_DECAP_NEXT_LOOKUP_IP4] = "ip4-lookup", + [UDP6_DECAP_NEXT_LOOKUP_IP6] = "ip6-lookup" + }, +}; +/* *INDENT-ON* */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/hicn-plugin/src/network/udp_tunnels/udp_tunnel.c b/hicn-plugin/src/network/udp_tunnels/udp_tunnel.c new file mode 100644 index 000000000..872e4cd82 --- /dev/null +++ b/hicn-plugin/src/network/udp_tunnels/udp_tunnel.c @@ -0,0 +1,281 @@ +/* + * Copyright (c) 2020 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include <vlib/vlib.h> +#include <vnet/vnet.h> +#include <vppinfra/bihash_40_8.h> +#include <vnet/fib/fib_table.h> + +#include "../error.h" +#include "../strategy_dpo_ctx.h" +#include "udp_tunnel.h" + +clib_bihash_40_8_t udp_tunnels_hashtb; +dpo_type_t dpo_type_udp_ip4; +dpo_type_t dpo_type_udp_ip6; + +u32 udp_tunnel_add (fib_protocol_t proto, + index_t fib_index, + const ip46_address_t * src_ip, + const ip46_address_t * dst_ip, + u16 src_port, + u16 dst_port, + udp_encap_fixup_flags_t flags) +{ + vlib_main_t *vm = vlib_get_main(); + clib_bihash_kv_40_8_t kv; + clib_memcpy(&kv.key[0], src_ip, sizeof(ip46_address_t)); + clib_memcpy(&kv.key[2], dst_ip, sizeof(ip46_address_t)); + kv.key[4] = (clib_host_to_net_u16(src_port) << 16) + clib_host_to_net_u16(dst_port); + + clib_bihash_kv_40_8_t value; + int rv = clib_bihash_search_40_8 (&udp_tunnels_hashtb, &kv, &value); + + if (rv != 0) + { + u32 uei = udp_encap_add_and_lock(proto, fib_index, src_ip, dst_ip, src_port, dst_port, flags); + kv.value = uei; + clib_bihash_add_del_40_8(&udp_tunnels_hashtb, &kv, 1); + value.value = kv.value; + if (proto == FIB_PROTOCOL_IP4) + { + udp_register_dst_port(vm, src_port, udp4_decap_node.index, 1); + } + else + { + udp_register_dst_port(vm, src_port, udp6_decap_node.index, 0); + } + } + + return value.value; +} + +void udp_tunnel_add_existing (index_t uei, dpo_proto_t proto) +{ + vlib_main_t *vm = vlib_get_main(); + udp_encap_t * udp_encap = udp_encap_get(uei); + clib_bihash_kv_40_8_t kv; + + ip46_address_t src = {0}; + ip46_address_t dst = {0}; + u16 src_port = 0, dst_port = 0; + + switch (proto) + { + case DPO_PROTO_IP4: + ip46_address_set_ip4(&src, &(udp_encap->ue_hdrs.ip4.ue_ip4.src_address)); + ip46_address_set_ip4(&dst, &(udp_encap->ue_hdrs.ip4.ue_ip4.dst_address)); + src_port = udp_encap->ue_hdrs.ip4.ue_udp.src_port; + dst_port = udp_encap->ue_hdrs.ip4.ue_udp.dst_port; + break; + case DPO_PROTO_IP6: + ip46_address_set_ip6(&src, &(udp_encap->ue_hdrs.ip6.ue_ip6.src_address)); + ip46_address_set_ip6(&dst, &(udp_encap->ue_hdrs.ip6.ue_ip6.dst_address)); + src_port = udp_encap->ue_hdrs.ip6.ue_udp.src_port; + dst_port = udp_encap->ue_hdrs.ip6.ue_udp.dst_port; + break; + default: + break; + } + + clib_memcpy(&kv.key[0], &src, sizeof(ip46_address_t)); + clib_memcpy(&kv.key[2], &dst, sizeof(ip46_address_t)); + kv.key[4] = (src_port << 16) + dst_port ; + kv.value = uei; + + clib_bihash_add_del_40_8(&udp_tunnels_hashtb, &kv, 1); + + if (proto == DPO_PROTO_IP4) + { + udp_register_dst_port(vm, clib_net_to_host_u16(src_port), udp4_decap_node.index, 1); + } + else + { + udp_register_dst_port(vm, clib_net_to_host_u16(src_port), udp6_decap_node.index, 0); + } +} + +int udp_tunnel_del (fib_protocol_t proto, + index_t fib_index, + const ip46_address_t * src_ip, + const ip46_address_t * dst_ip, + u16 src_port, + u16 dst_port, + udp_encap_fixup_flags_t flags) +{ + clib_bihash_kv_40_8_t kv; + clib_memcpy(&kv.key[0], src_ip, sizeof(ip46_address_t)); + clib_memcpy(&kv.key[2], dst_ip, sizeof(ip46_address_t)); + kv.key[4] = (clib_host_to_net_u16(src_port) << 16) + clib_host_to_net_u16(dst_port); + + clib_bihash_kv_40_8_t value; + int ret = clib_bihash_search_40_8 (&udp_tunnels_hashtb, &kv, &value); + + if (ret == 0) + { + udp_encap_unlock((u32)value.value); + clib_bihash_add_del_40_8(&udp_tunnels_hashtb, &kv, 0); + ret = HICN_ERROR_NONE; + } + else + { + ret = HICN_ERROR_UDP_TUNNEL_NOT_FOUND; + } + + return ret; +} + +u32 udp_tunnel_get(const ip46_address_t * src_ip, + const ip46_address_t * dst_ip, + u16 src_port, + u16 dst_port) +{ + clib_bihash_kv_40_8_t kv; + clib_memcpy(&kv.key[0], src_ip, sizeof(ip46_address_t)); + clib_memcpy(&kv.key[2], dst_ip, sizeof(ip46_address_t)); + kv.key[4] = (src_port << 16) + dst_port; + + clib_bihash_kv_40_8_t value; + int ret = clib_bihash_search_40_8 (&udp_tunnels_hashtb, &kv, &value); + + return ret == 0 ? (u32)value.value : UDP_TUNNEL_INVALID; +} + + +void udp_tunnel_init() +{ + clib_bihash_init_40_8(&udp_tunnels_hashtb, "udp encap table", + 2048, 256 << 20); + + /* + * Udp encap does not expose the dpo type when it registers. + * In the following we understand what is the dpo type for a udp_encap dpo. + */ + ip46_address_t src = {0}; + ip46_address_t dst = {0}; + + src.ip6.as_u8[15] = 1; + dst.ip6.as_u8[15] = 2; + + u32 fib_index = fib_table_find (FIB_PROTOCOL_IP6, HICN_FIB_TABLE); + u32 uei = udp_encap_add_and_lock(FIB_PROTOCOL_IP6, fib_index, &src, &dst, 4444, 4444, UDP_ENCAP_FIXUP_NONE); + + dpo_id_t temp = DPO_INVALID; + udp_encap_contribute_forwarding(uei, DPO_PROTO_IP6, &temp); + dpo_type_udp_ip6 = temp.dpoi_type; + udp_encap_unlock(uei); + + dpo_id_t temp2 = DPO_INVALID; + fib_index = fib_table_find (FIB_PROTOCOL_IP4, HICN_FIB_TABLE); + uei = udp_encap_add_and_lock(FIB_PROTOCOL_IP4, fib_index, &src, &dst, 4444, 4444, UDP_ENCAP_FIXUP_NONE); + udp_encap_contribute_forwarding(uei, DPO_PROTO_IP4, &temp2); + dpo_type_udp_ip4 = temp2.dpoi_type; + udp_encap_unlock(uei); +} + +static clib_error_t * +udp_tunnel_command_fn (vlib_main_t * vm, + unformat_input_t * main_input, + vlib_cli_command_t * cmd) +{ + unformat_input_t _line_input, *line_input = &_line_input; + clib_error_t *error = NULL; + ip46_address_t src_ip = {0}, dst_ip = {0}; + u32 table_id, src_port, dst_port; + fib_protocol_t fproto; + u8 is_del; + index_t uei; + + is_del = 0; + fproto = FIB_PROTOCOL_MAX; + uei = ~0; + table_id = HICN_FIB_TABLE; + + /* Get a line of input. */ + if (unformat_user (main_input, unformat_line_input, line_input)) + { + while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (line_input, "index %d", &uei)) + ; + else if (unformat (line_input, "add")) + is_del = 0; + else if (unformat (line_input, "del")) + is_del = 1; + else if (unformat (line_input, "%U %U", + unformat_ip4_address, + &src_ip.ip4, unformat_ip4_address, &dst_ip.ip4)) + fproto = FIB_PROTOCOL_IP4; + else if (unformat (line_input, "%U %U", + unformat_ip6_address, + &src_ip.ip6, unformat_ip6_address, &dst_ip.ip6)) + fproto = FIB_PROTOCOL_IP6; + else if (unformat (line_input, "%d %d", &src_port, &dst_port)) + ; + else if (unformat (line_input, "table-id %d", &table_id)) + ; + else + { + error = unformat_parse_error (line_input); + goto done; + } + } + } + + index_t fib_index = fib_table_find (fproto, table_id); + if (~0 == fib_index) + { + error = clib_error_return (0, "Nonexistent table id %d", table_id); + goto done; + } + + if (!is_del && fproto != FIB_PROTOCOL_MAX) + { + uei = udp_tunnel_add(fproto, fib_index, &src_ip, &dst_ip, src_port, dst_port, UDP_ENCAP_FIXUP_NONE); + + vlib_cli_output (vm, "udp-encap: %d\n", uei); + } + else if (is_del) + { + int ret = udp_tunnel_del(fproto, fib_index, &src_ip, &dst_ip, src_port, dst_port, UDP_ENCAP_FIXUP_NONE); + error = (ret == HICN_ERROR_NONE) ? 0 : clib_error_return (0, "%s\n", + get_error_string + (ret)); + } + else + { + error = clib_error_return (0, "specify some IP addresses"); + } + + done: + unformat_free (line_input); + return error; + +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (udp_tunnel_command, static) = + { + .path = "udp tunnel", + .short_help = "udp tunnel [add/del] src_address dst_address src_port dst_port", + .function = udp_tunnel_command_fn, + }; +/* *INDENT-ON* */ + + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: eval: (c-set-style "gnu") End: + */ diff --git a/hicn-plugin/src/network/udp_tunnels/udp_tunnel.h b/hicn-plugin/src/network/udp_tunnels/udp_tunnel.h new file mode 100644 index 000000000..2ec92056c --- /dev/null +++ b/hicn-plugin/src/network/udp_tunnels/udp_tunnel.h @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2020 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __UDP_TUNNEL__ +#define __UDP_TUNNEL__ + +#include <vlib/vlib.h> +#include <vppinfra/error.h> +#include <vnet/udp/udp_encap.h> + +/** + * @file udp_tunnel.h + * + * This file implements bidirectional udp tunnels. Udp tunnels exploit + * the udp encap functionality in vpp. In particular, a udp tunnel creates + * an udp encap object with the information for encapsulating packets and it + * implements the udp decap node. The udp decap node checks if a udp tunnel exists + * before performing the decapsulation. If the tunnel does not exist the packet + * is dropped. + */ + +#define UDP_TUNNEL_INVALID ~0 + +extern dpo_type_t dpo_type_udp_ip4; +extern dpo_type_t dpo_type_udp_ip6; + +extern vlib_node_registration_t udp4_decap_node; +extern vlib_node_registration_t udp6_decap_node; + +/** + * @brief Create a udp tunnel + * + * @param proto FIB_PROTOCOL_IP4 or FIB_PROTOCOL_IP6 + * @param fib_index fib index to add to the udp encap + * @param src_ip source address of the tunnel + * @param dst_ip destination address of the tunnel + * @param src_port source port + * @param src_port destination port + * @param flags flags for the udp encap + * + * @return return the id of the tunnel + */ +u32 udp_tunnel_add (fib_protocol_t proto, + index_t fib_index, + const ip46_address_t * src_ip, + const ip46_address_t * dst_ip, + u16 src_port, + u16 dst_port, + udp_encap_fixup_flags_t flags); + +/** + * @brief Retrieve the index of a udp tunnel (same id of the udp encap) + * + * @param src_ip source address of the tunnel + * @param dst_ip destination address of the tunnel + * @param src_port source port + * @param src_port destination port + * + * @return id of the udp tunnel/encap + */ +u32 udp_tunnel_get(const ip46_address_t * src_ip, + const ip46_address_t * dst_ip, + u16 src_port, + u16 dst_port); + +/** + * @brief Delete a udp tunnel + * + * @param proto FIB_PROTOCOL_IP4 or FIB_PROTOCOL_IP6 + * @param fib_index fib index to add to the udp encap + * @param src_ip source address of the tunnel + * @param dst_ip destination address of the tunnel + * @param src_port source port + * @param src_port destination port + * @param flags flags for the udp encap + * + * @return HICN_ERROR_UDP_TUNNEL_NOT_FOUND if the tunnel was not found + * or HICN_ERROR_NONE if the tunnel has been deleted + */ +int udp_tunnel_del (fib_protocol_t proto, + index_t fib_index, + const ip46_address_t * src_ip, + const ip46_address_t * dst_ip, + u16 src_port, + u16 dst_port, + udp_encap_fixup_flags_t flags); + +/** + * @brief Add a udp tunnel from an existing udp encap + * + * @param uei index of the udp encap object + * @param proto DPO_PROTO_IP6 or DPO_PROTO_IP4 + */ +void udp_tunnel_add_existing (index_t uei, dpo_proto_t proto); + +/** + * @brief Init the udp tunnel module + * + */ +void udp_tunnel_init(); + +#endif |