authorNeale Ranns <nranns@cisco.com>2020-05-19 07:17:19 +0000
committerAndrew Yourtchenko <ayourtch@gmail.com>2020-08-31 09:23:32 +0000
commit29f3c7d2ecac2f9d80bb33e91bd5d1f9d434768a (patch)
tree66d7c69f2c24959ef4f6ef67b7c56dba11d8be29 /src/plugins/cnat/cnat_session.h
parent133c91c1c06e7c773ba675181901ba0dcf955ae6 (diff)
cnat: Destination based NAT
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I64a99a4fbc674212944247793fd5c1fb701408cb
Diffstat (limited to 'src/plugins/cnat/cnat_session.h')
-rw-r--r--src/plugins/cnat/cnat_session.h157
1 files changed, 157 insertions, 0 deletions
diff --git a/src/plugins/cnat/cnat_session.h b/src/plugins/cnat/cnat_session.h
new file mode 100644
index 00000000000..9e1e89342a8
--- /dev/null
+++ b/src/plugins/cnat/cnat_session.h
@@ -0,0 +1,157 @@
+/*
+ * Copyright (c) 2020 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __CNAT_SESSION_H__
+#define __CNAT_SESSION_H__
+
+#include <vnet/udp/udp.h>
+
+#include <cnat/cnat_types.h>
+#include <cnat/cnat_client.h>
+#include <cnat/bihash_40_48.h>
+
+
+/**
+ * A session represents the memory of a translation.
+ * In the tx direction (from behind to in front of the NAT), the
+ * session is preserved so subsequent packets follow the same path
+ * even if the translation has been updated. In the tx direction
+ * the session represents the swap from the VIP to the server address
+ * In the RX direction the swap is from the server address/port to VIP.
+ *
+ * A session exists only as key and value in the bihash, there is no
+ * pool for this object. If there were a pool, one would need to be
+ * concerned about what worker is using it.
+ */
+typedef struct cnat_session_t_
+{
+ /**
+ * this key sits in the same memory location a 'key' in the bihash kvp
+ */
+ struct
+ {
+ /**
+ * IP 4/6 address in the rx/tx direction
+ */
+ ip46_address_t cs_ip[VLIB_N_DIR];
+
+ /**
+ * ports in rx/tx
+ */
+ u16 cs_port[VLIB_N_DIR];
+
+ /**
+ * The IP protocol TCP or UDP only supported
+ */
+ ip_protocol_t cs_proto;
+
+ /**
+ * The address family describing the IP addresses
+ */
+ u8 cs_af;
+
+ /**
+ * spare space
+ */
+ u8 __cs_pad[2];
+ } key;
+ /**
+ * this value sits in the same memory location a 'value' in the bihash kvp
+ */
+ struct
+ {
+ /**
+ * The IP address to translate to.
+ */
+ ip46_address_t cs_ip[VLIB_N_DIR];
+
+ /**
+ * the port to translate to.
+ */
+ u16 cs_port[VLIB_N_DIR];
+
+ /**
+ * The load balance object to use to forward
+ */
+ index_t cs_lbi;
+
+ /**
+ * Timestamp index this session was last used
+ */
+ u32 cs_ts_index;
+ /**
+ * Indicates a return path session that was source NATed
+ * on the way in.
+ */
+ u32 flags;
+ } value;
+} cnat_session_t;
+
+typedef enum cnat_session_flag_t_
+{
+ CNAT_SESSION_FLAG_HAS_SNAT = (1 << 0),
+ CNAT_SESSION_FLAG_ALLOC_PORT = (1 << 1),
+ CNAT_SESSION_FLAG_NO_CLIENT = (1 << 2),
+} cnat_session_flag_t;
+
+extern u8 *format_cnat_session (u8 * s, va_list * args);
+
+/**
+ * Ensure the session object correctly overlays the bihash key/value pair
+ */
+STATIC_ASSERT (STRUCT_OFFSET_OF (cnat_session_t, key) ==
+ STRUCT_OFFSET_OF (clib_bihash_kv_40_48_t, key),
+ "key overlaps");
+STATIC_ASSERT (STRUCT_OFFSET_OF (cnat_session_t, value) ==
+ STRUCT_OFFSET_OF (clib_bihash_kv_40_48_t, value),
+ "value overlaps");
+STATIC_ASSERT (sizeof (cnat_session_t) == sizeof (clib_bihash_kv_40_48_t),
+ "session kvp");
+
+/**
+ * The DB of sessions
+ */
+extern clib_bihash_40_48_t cnat_session_db;
+
+/**
+ * Callback function invoked during a walk of all translations
+ */
+typedef walk_rc_t (*cnat_session_walk_cb_t) (const cnat_session_t *
+ session, void *ctx);
+
+/**
+ * Walk/visit each of the cnat session
+ */
+extern void cnat_session_walk (cnat_session_walk_cb_t cb, void *ctx);
+
+/**
+ * Scan the session DB for expired sessions
+ */
+extern u64 cnat_session_scan (vlib_main_t * vm, f64 start_time, int i);
+
+/**
+ * Purge all the sessions
+ */
+extern int cnat_session_purge (void);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
+
+#endif
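Review bot: The `__cs_pad[2]` member of `key` is documented only as "spare space", but the STATIC_ASSERTs further down overlay this struct on the 40-byte bihash key, so the pad bytes are presumably hashed and compared together with the addresses, ports and protocol. A key built on the stack without being cleared first could then miss an existing session or create a duplicate, so I would change that comment to `spare space; must be zero, the whole key is hashed and compared`. Separately, the comment on `value.flags` describes only the source-NAT case although `cnat_session_flag_t` defines three bits; it should read `bitmask of cnat_session_flag_t`, and each enum value deserves a one-line description. The `i` parameter and the `u64` return value of `cnat_session_scan` are also undocumented.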