diff options
author | Neale Ranns <nranns@cisco.com> | 2020-05-19 07:17:19 +0000 |
---|---|---|
committer | Andrew Yourtchenko <ayourtch@gmail.com> | 2020-08-31 09:23:32 +0000 |
commit | 29f3c7d2ecac2f9d80bb33e91bd5d1f9d434768a (patch) | |
tree | 66d7c69f2c24959ef4f6ef67b7c56dba11d8be29 /src/plugins/cnat/cnat_session.h | |
parent | 133c91c1c06e7c773ba675181901ba0dcf955ae6 (diff) |
cnat: Destination based NAT
Type: feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I64a99a4fbc674212944247793fd5c1fb701408cb
Diffstat (limited to 'src/plugins/cnat/cnat_session.h')
-rw-r--r-- | src/plugins/cnat/cnat_session.h | 157 |
1 files changed, 157 insertions, 0 deletions
diff --git a/src/plugins/cnat/cnat_session.h b/src/plugins/cnat/cnat_session.h new file mode 100644 index 00000000000..9e1e89342a8 --- /dev/null +++ b/src/plugins/cnat/cnat_session.h @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2020 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __CNAT_SESSION_H__ +#define __CNAT_SESSION_H__ + +#include <vnet/udp/udp.h> + +#include <cnat/cnat_types.h> +#include <cnat/cnat_client.h> +#include <cnat/bihash_40_48.h> + + +/** + * A session represents the memory of a translation. + * In the tx direction (from behind to in front of the NAT), the + * session is preserved so subsequent packets follow the same path + * even if the translation has been updated. In the tx direction + * the session represents the swap from the VIP to the server address + * In the RX direction the swap is from the server address/port to VIP. + * + * A session exists only as key and value in the bihash, there is no + * pool for this object. If there were a pool, one would need to be + * concerned about what worker is using it. + */ +typedef struct cnat_session_t_ +{ + /** + * this key sits in the same memory location a 'key' in the bihash kvp + */ + struct + { + /** + * IP 4/6 address in the rx/tx direction + */ + ip46_address_t cs_ip[VLIB_N_DIR]; + + /** + * ports in rx/tx + */ + u16 cs_port[VLIB_N_DIR]; + + /** + * The IP protocol TCP or UDP only supported + */ + ip_protocol_t cs_proto; + + /** + * The address family describing the IP addresses + */ + u8 cs_af; + + /** + * spare space + */ + u8 __cs_pad[2]; + } key; + /** + * this value sits in the same memory location a 'value' in the bihash kvp + */ + struct + { + /** + * The IP address to translate to. + */ + ip46_address_t cs_ip[VLIB_N_DIR]; + + /** + * the port to translate to. + */ + u16 cs_port[VLIB_N_DIR]; + + /** + * The load balance object to use to forward + */ + index_t cs_lbi; + + /** + * Timestamp index this session was last used + */ + u32 cs_ts_index; + /** + * Indicates a return path session that was source NATed + * on the way in. + */ + u32 flags; + } value; +} cnat_session_t; + +typedef enum cnat_session_flag_t_ +{ + CNAT_SESSION_FLAG_HAS_SNAT = (1 << 0), + CNAT_SESSION_FLAG_ALLOC_PORT = (1 << 1), + CNAT_SESSION_FLAG_NO_CLIENT = (1 << 2), +} cnat_session_flag_t; + +extern u8 *format_cnat_session (u8 * s, va_list * args); + +/** + * Ensure the session object correctly overlays the bihash key/value pair + */ +STATIC_ASSERT (STRUCT_OFFSET_OF (cnat_session_t, key) == + STRUCT_OFFSET_OF (clib_bihash_kv_40_48_t, key), + "key overlaps"); +STATIC_ASSERT (STRUCT_OFFSET_OF (cnat_session_t, value) == + STRUCT_OFFSET_OF (clib_bihash_kv_40_48_t, value), + "value overlaps"); +STATIC_ASSERT (sizeof (cnat_session_t) == sizeof (clib_bihash_kv_40_48_t), + "session kvp"); + +/** + * The DB of sessions + */ +extern clib_bihash_40_48_t cnat_session_db; + +/** + * Callback function invoked during a walk of all translations + */ +typedef walk_rc_t (*cnat_session_walk_cb_t) (const cnat_session_t * + session, void *ctx); + +/** + * Walk/visit each of the cnat session + */ +extern void cnat_session_walk (cnat_session_walk_cb_t cb, void *ctx); + +/** + * Scan the session DB for expired sessions + */ +extern u64 cnat_session_scan (vlib_main_t * vm, f64 start_time, int i); + +/** + * Purge all the sessions + */ +extern int cnat_session_purge (void); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ + +#endif |