From 7968e6cad5fac28568162945e2e57556740013fd Mon Sep 17 00:00:00 2001
From: Matus Fabian <matfabia@cisco.com>
Date: Thu, 6 Jul 2017 05:37:49 -0700
Subject: SNAT: Fallback to 3-tuple key for non TCP/UDP sessions (VPP-884)

Change-Id: I4868ff6e81c579b29d3ea066976ae145f8b83e9e
Signed-off-by: Matus Fabian <matfabia@cisco.com>
---
 src/plugins/snat/snat.h | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

(limited to 'src/plugins/snat/snat.h')

diff --git a/src/plugins/snat/snat.h b/src/plugins/snat/snat.h
index 016c2ff55df..1bc5fcd7545 100644
--- a/src/plugins/snat/snat.h
+++ b/src/plugins/snat/snat.h
@@ -24,6 +24,7 @@
 #include <vnet/ip/icmp46_packet.h>
 #include <vnet/api_errno.h>
 #include <vppinfra/bihash_8_8.h>
+#include <vppinfra/bihash_16_8.h>
 #include <vppinfra/dlist.h>
 #include <vppinfra/error.h>
 #include <vlibapi/api.h>
@@ -51,6 +52,21 @@ typedef struct {
   };
 } snat_session_key_t;
 
+typedef struct {
+  union
+  {
+    struct
+    {
+      ip4_address_t l_addr;
+      ip4_address_t r_addr;
+      u32 fib_index;
+      u8 proto;
+      u8 rsvd[3];
+    };
+    u64 as_u64[2];
+  };
+} snat_unk_proto_ses_key_t;
+
 typedef struct {
   union
   {
@@ -120,6 +136,7 @@ typedef enum {
 
 
 #define SNAT_SESSION_FLAG_STATIC_MAPPING 1
+#define SNAT_SESSION_FLAG_UNKNOWN_PROTO  2
 
 typedef CLIB_PACKED(struct {
   snat_session_key_t out2in;    /* 0-15 */
@@ -143,6 +160,9 @@ typedef CLIB_PACKED(struct {
   /* Outside address */
   u32 outside_address_index;    /* 64-67 */
 
+  /* External host address */
+  ip4_address_t ext_host_addr;  /* 68-71 */
+
 }) snat_session_t;
 
 
@@ -240,6 +260,10 @@ typedef struct snat_main_s {
   clib_bihash_8_8_t out2in;
   clib_bihash_8_8_t in2out;
 
+  /* Unknown protocol sessions lookup tables */
+  clib_bihash_16_8_t out2in_unk_proto;
+  clib_bihash_16_8_t in2out_unk_proto;
+
   /* Find-a-user => src address lookup */
   clib_bihash_8_8_t user_hash;
 
@@ -374,6 +398,12 @@ typedef struct {
 */
 #define snat_is_session_static(s) s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING
 
+/** \brief Check if SNAT session for unknown protocol.
+    @param s SNAT session
+    @return 1 if SNAT session for unknown protocol otherwise 0
+*/
+#define snat_is_unk_proto_session(s) s->flags & SNAT_SESSION_FLAG_UNKNOWN_PROTO
+
 /* 
  * Why is this here? Because we don't need to touch this layer to
  * simply reply to an icmp. We need to change id to a unique
-- 
cgit 1.2.3-korg