diff options
author | Matus Fabian <matfabia@cisco.com> | 2016-08-26 05:45:27 -0700 |
---|---|---|
committer | Ole Trøan <otroan@employees.org> | 2016-10-05 11:41:51 +0000 |
commit | db6498848126839010eaad0bc79571a9ccbfc1bc (patch) | |
tree | ed1ad922173bc6187bc7da77b8596f7164272ed2 /plugins/snat-plugin/snat/snat.h | |
parent | b8602b595fc89fe8b8fb00cef4820eedf225a93e (diff) |
VPP-339: SNAT static mapping
1:1 NAT
1:1 NAT with ports
1:1 NAT static mapping only - add "static mapping only [connection tracking]"
to snat startup config
Change-Id: I37cd06a9d71d1943eb6618034d7c547c4a9348c4
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'plugins/snat-plugin/snat/snat.h')
-rw-r--r-- | plugins/snat-plugin/snat/snat.h | 56 |
1 files changed, 55 insertions, 1 deletions
diff --git a/plugins/snat-plugin/snat/snat.h b/plugins/snat-plugin/snat/snat.h index e3aa56276fb..823b8608b1a 100644 --- a/plugins/snat-plugin/snat/snat.h +++ b/plugins/snat-plugin/snat/snat.h @@ -55,6 +55,19 @@ typedef struct { }; } snat_user_key_t; +typedef struct { + union + { + struct + { + ip4_address_t addr; + u16 port; + u16 pad; + }; + u64 as_u64; + }; +} snat_static_mapping_key_t; + typedef enum { SNAT_PROTOCOL_UDP = 0, @@ -63,6 +76,8 @@ typedef enum { } snat_protocol_t; +#define SNAT_SESSION_FLAG_STATIC_MAPPING 1 + typedef CLIB_PACKED(struct { snat_session_key_t out2in; /* 0-15 */ @@ -87,12 +102,12 @@ typedef CLIB_PACKED(struct { }) snat_session_t; -#define SNAT_SESSION_STATIC (1<<0) typedef struct { ip4_address_t addr; u32 sessions_per_user_list_head_index; u32 nsessions; + u32 nstaticsessions; } snat_user_t; typedef struct { @@ -102,6 +117,16 @@ typedef struct { } snat_address_t; typedef struct { + ip4_address_t local_addr; + ip4_address_t external_addr; + u16 local_port; + u16 external_port; + u8 addr_only; + u32 vrf_id; + u32 fib_index; +} snat_static_mapping_t; + +typedef struct { /* Main lookup tables */ clib_bihash_8_8_t out2in; clib_bihash_8_8_t in2out; @@ -109,12 +134,21 @@ typedef struct { /* Find-a-user => src address lookup */ clib_bihash_8_8_t user_hash; + /* Find a static mapping by local */ + clib_bihash_8_8_t static_mapping_by_local; + + /* Find a static mapping by external */ + clib_bihash_8_8_t static_mapping_by_external; + /* User pool */ snat_user_t * users; /* Session pool */ snat_session_t * sessions; + /* Static mapping pool */ + snat_static_mapping_t * static_mappings; + /* Vector of outside addresses */ snat_address_t * addresses; @@ -127,8 +161,12 @@ typedef struct { /* ip4 feature path indices */ u32 rx_feature_in2out; u32 rx_feature_out2in; + u32 rx_feature_in2out_fast; + u32 rx_feature_out2in_fast; /* Config parameters */ + u8 static_mapping_only; + u8 static_mapping_connection_tracking; u32 translation_buckets; u32 translation_memory_size; u32 user_buckets; @@ -136,6 +174,8 @@ typedef struct { u32 max_translations_per_user; u32 outside_vrf_id; u32 outside_fib_index; + u32 inside_vrf_id; + u32 inside_fib_index; /* API message ID base */ u16 msg_id_base; @@ -152,6 +192,8 @@ typedef struct { extern snat_main_t snat_main; extern vlib_node_registration_t snat_in2out_node; extern vlib_node_registration_t snat_out2in_node; +extern vlib_node_registration_t snat_in2out_fast_node; +extern vlib_node_registration_t snat_out2in_fast_node; void snat_free_outside_address_and_port (snat_main_t * sm, snat_session_key_t * k, @@ -160,6 +202,12 @@ void snat_free_outside_address_and_port (snat_main_t * sm, int snat_alloc_outside_address_and_port (snat_main_t * sm, snat_session_key_t * k, u32 * address_indexp); + +int snat_static_mapping_match (snat_main_t * sm, + snat_session_key_t match, + snat_session_key_t * mapping, + u8 by_external); + format_function_t format_snat_user; typedef struct { @@ -167,6 +215,12 @@ typedef struct { u32 cached_ip4_address; } snat_runtime_t; +/** \brief Check if SNAT session is created from static mapping. + @param s SNAT session + @return 1 if SNAT session is created from static mapping otherwise 0 +*/ +#define snat_is_session_static(s) s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING + /* * Why is this here? Because we don't need to touch this layer to * simply reply to an icmp. We need to change id to a unique |