summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/dslite.c
blob: 12c813200ec4a90cd050733e97ce8519424257c1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
/*
 * Copyright (c) 2017 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#include <nat/dslite.h>
#include <nat/dslite_dpo.h>
#include <vnet/fib/fib_table.h>

dslite_main_t dslite_main;

void
dslite_init (vlib_main_t * vm)
{
  dslite_main_t *dm = &dslite_main;
  vlib_thread_registration_t *tr;
  vlib_thread_main_t *tm = vlib_get_thread_main ();
  uword *p;
  dslite_per_thread_data_t *td;
  u32 translation_buckets = 1024;
  u32 translation_memory_size = 128 << 20;
  u32 b4_buckets = 128;
  u32 b4_memory_size = 64 << 20;

  dm->first_worker_index = 0;
  dm->num_workers = 0;

  p = hash_get_mem (tm->thread_registrations_by_name, "workers");
  if (p)
    {
      tr = (vlib_thread_registration_t *) p[0];
      if (tr)
	{
	  dm->num_workers = tr->count;
	  dm->first_worker_index = tr->first_index;
	}
    }

  if (dm->num_workers)
    dm->port_per_thread = (0xffff - 1024) / dm->num_workers;
  else
    dm->port_per_thread = 0xffff - 1024;

  vec_validate (dm->per_thread_data, tm->n_vlib_mains - 1);

  /* *INDENT-OFF* */
  vec_foreach (td, dm->per_thread_data)
    {
      clib_bihash_init_24_8 (&td->in2out, "in2out", translation_buckets,
                             translation_memory_size);

      clib_bihash_init_8_8 (&td->out2in, "out2in", translation_buckets,
                            translation_memory_size);

      clib_bihash_init_16_8 (&td->b4_hash, "b4s", b4_buckets, b4_memory_size);
    }
  /* *INDENT-ON* */

  dm->is_ce = 0;

  dslite_dpo_module_init ();
}

void
dslite_set_ce (dslite_main_t * dm, u8 set)
{
  dm->is_ce = (set != 0);
}

int
dslite_set_aftr_ip6_addr (dslite_main_t * dm, ip6_address_t * addr)
{
  dpo_id_t dpo = DPO_INVALID;

  if (dm->is_ce)
    {
      dslite_ce_dpo_create (DPO_PROTO_IP4, 0, &dpo);
      fib_prefix_t pfx = {
	.fp_proto = FIB_PROTOCOL_IP4,
	.fp_len = 0,
	.fp_addr.ip4.as_u32 = 0,
      };
      fib_table_entry_special_dpo_add (0, &pfx, FIB_SOURCE_PLUGIN_HI,
				       FIB_ENTRY_FLAG_EXCLUSIVE, &dpo);
    }
  else
    {
      dslite_dpo_create (DPO_PROTO_IP6, 0, &dpo);
      fib_prefix_t pfx = {
	.fp_proto = FIB_PROTOCOL_IP6,
	.fp_len = 128,
	.fp_addr.ip6.as_u64[0] = addr->as_u64[0],
	.fp_addr.ip6.as_u64[1] = addr->as_u64[1],
      };
      fib_table_entry_special_dpo_add (0, &pfx, FIB_SOURCE_PLUGIN_HI,
				       FIB_ENTRY_FLAG_EXCLUSIVE, &dpo);
    }

  dpo_reset (&dpo);

  dm->aftr_ip6_addr.as_u64[0] = addr->as_u64[0];
  dm->aftr_ip6_addr.as_u64[1] = addr->as_u64[1];
  return 0;
}

int
dslite_set_aftr_ip4_addr (dslite_main_t * dm, ip4_address_t * addr)
{
  dm->aftr_ip4_addr.as_u32 = addr->as_u32;
  return 0;
}

int
dslite_set_b4_ip6_addr (dslite_main_t * dm, ip6_address_t * addr)
{
  if (dm->is_ce)
    {
      dpo_id_t dpo = DPO_INVALID;

      dslite_ce_dpo_create (DPO_PROTO_IP6, 0, &dpo);
      fib_prefix_t pfx = {
	.fp_proto = FIB_PROTOCOL_IP6,
	.fp_len = 128,
	.fp_addr.ip6.as_u64[0] = addr->as_u64[0],
	.fp_addr.ip6.as_u64[1] = addr->as_u64[1],
      };
      fib_table_entry_special_dpo_add (0, &pfx, FIB_SOURCE_PLUGIN_HI,
				       FIB_ENTRY_FLAG_EXCLUSIVE, &dpo);

      dpo_reset (&dpo);

      dm->b4_ip6_addr.as_u64[0] = addr->as_u64[0];
      dm->b4_ip6_addr.as_u64[1] = addr->as_u64[1];
    }
  else
    {
      return VNET_API_ERROR_FEATURE_DISABLED;
    }

  return 0;
}

int
dslite_set_b4_ip4_addr (dslite_main_t * dm, ip4_address_t * addr)
{
  if (dm->is_ce)
    {
      dm->b4_ip4_addr.as_u32 = addr->as_u32;
    }
  else
    {
      return VNET_API_ERROR_FEATURE_DISABLED;
    }

  return 0;
}

int
dslite_add_del_pool_addr (dslite_main_t * dm, ip4_address_t * addr, u8 is_add)
{
  vlib_thread_main_t *tm = vlib_get_thread_main ();
  snat_address_t *a = 0;
  int i = 0;
  dpo_id_t dpo_v4 = DPO_INVALID;
  fib_prefix_t pfx = {
    .fp_proto = FIB_PROTOCOL_IP4,
    .fp_len = 32,
    .fp_addr.ip4.as_u32 = addr->as_u32,
  };

  for (i = 0; i < vec_len (dm->addr_pool); i++)
    {
      if (dm->addr_pool[i].addr.as_u32 == addr->as_u32)
	{
	  a = dm->addr_pool + i;
	  break;
	}
    }
  if (is_add)
    {
      if (a)
	return VNET_API_ERROR_VALUE_EXIST;
      vec_add2 (dm->addr_pool, a, 1);
      a->addr = *addr;
#define _(N, i, n, s) \
      clib_bitmap_alloc (a->busy_##n##_port_bitmap, 65535); \
      a->busy_##n##_ports = 0; \
      vec_validate_init_empty (a->busy_##n##_ports_per_thread, tm->n_vlib_mains - 1, 0);
      foreach_snat_protocol
#undef _
	dslite_dpo_create (DPO_PROTO_IP4, 0, &dpo_v4);
      fib_table_entry_special_dpo_add (0, &pfx, FIB_SOURCE_PLUGIN_HI,
				       FIB_ENTRY_FLAG_EXCLUSIVE, &dpo_v4);
      dpo_reset (&dpo_v4);
    }
  else
    {
      if (!a)
	return VNET_API_ERROR_NO_SUCH_ENTRY;
#define _(N, id, n, s) \
      clib_bitmap_free (a->busy_##n##_port_bitmap); \
      vec_free (a->busy_##n##_ports_per_thread);
      foreach_snat_protocol
#undef _
	fib_table_entry_special_remove (0, &pfx, FIB_SOURCE_PLUGIN_HI);
      vec_del1 (dm->addr_pool, i);
    }
  return 0;
}

u8 *
format_dslite_trace (u8 * s, va_list * args)
{
  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
  dslite_trace_t *t = va_arg (*args, dslite_trace_t *);

  s =
    format (s, "next index %d, session %d", t->next_index, t->session_index);

  return s;
}

u8 *
format_dslite_ce_trace (u8 * s, va_list * args)
{
  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
  dslite_ce_trace_t *t = va_arg (*args, dslite_ce_trace_t *);

  s = format (s, "next index %d", t->next_index);

  return s;
}

/*
 * fd.io coding-style-patch-verification: ON
 *
 * Local Variables:
 * eval: (c-set-style "gnu")
 * End:
 */
"n">u32 next_node_opaque; }; u32 seq_end; u32 ack_number; u16 hdr_offset; /**< offset relative to ip hdr */ u16 data_offset; /**< offset relative to ip hdr */ u16 data_len; /**< data len */ u8 flags; } tcp; /* SNAT */ struct { u32 flags; } snat; u32 unused[6]; }; } vnet_buffer_opaque_t; /* * The opaque field of the vlib_buffer_t is interpreted as a * vnet_buffer_opaque_t. Hence it should be big enough to accommodate one. */ STATIC_ASSERT (sizeof (vnet_buffer_opaque_t) <= STRUCT_SIZE_OF (vlib_buffer_t, opaque), "VNET buffer meta-data too large for vlib_buffer"); #define vnet_buffer(b) ((vnet_buffer_opaque_t *) (b)->opaque) /* Full cache line (64 bytes) of additional space */ typedef struct { /** * QoS marking data that needs to persist from the recording nodes * (nominally in the ingress path) to the marking node (in the * egress path) */ struct { u8 bits; u8 source; } qos; u8 loop_counter; u8 __unused[1]; /* Group Based Policy */ struct { u8 __unused; u8 flags; u16 sclass; } gbp; /** * The L4 payload size set on input on GSO enabled interfaces * when we receive a GSO packet (a chain of buffers with the first one * having GSO bit set), and needs to persist all the way to the interface-output, * in case the egress interface is not GSO-enabled - then we need to perform * the segmentation, and use this value to cut the payload appropriately. */ u16 gso_size; /* size of L4 prototol header */ u16 gso_l4_hdr_sz; /* The union below has a u64 alignment, so this space is unused */ u32 __unused2[1]; union { struct { #if VLIB_BUFFER_TRACE_TRAJECTORY > 0 /* buffer trajectory tracing */ u16 *trajectory_trace; #endif }; struct { u64 pad[1]; u64 pg_replay_timestamp; }; u32 unused[8]; }; } vnet_buffer_opaque2_t; #define vnet_buffer2(b) ((vnet_buffer_opaque2_t *) (b)->opaque2) /* * The opaque2 field of the vlib_buffer_t is interpreted as a * vnet_buffer_opaque2_t. Hence it should be big enough to accommodate one. */ STATIC_ASSERT (sizeof (vnet_buffer_opaque2_t) <= STRUCT_SIZE_OF (vlib_buffer_t, opaque2), "VNET buffer opaque2 meta-data too large for vlib_buffer"); #define gso_mtu_sz(b) (vnet_buffer2(b)->gso_size + \ vnet_buffer2(b)->gso_l4_hdr_sz + \ vnet_buffer(b)->l4_hdr_offset - \ vnet_buffer (b)->l3_hdr_offset) format_function_t format_vnet_buffer; #endif /* included_vnet_buffer_h */ /* * fd.io coding-style-patch-verification: ON * * Local Variables: * eval: (c-set-style "gnu") * End: */