FD.io VPP  v16.09
Vector Packet Processing
cnat_config.h
1 /*
2  *------------------------------------------------------------------
3  * cnat_config.h - configuration database definitions
4  *
5  * Copyright (c) 2007-2013 Cisco and/or its affiliates.
6  * Licensed under the Apache License, Version 2.0 (the "License");
7  * you may not use this file except in compliance with the License.
8  * You may obtain a copy of the License at:
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing, software
13  * distributed under the License is distributed on an "AS IS" BASIS,
14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing permissions and
16  * limitations under the License.
17  *------------------------------------------------------------------
18  */
19 
20 #ifndef __CNAT_CONFIG_H__
21 #define __CNAT_CONFIG_H__
22 
23 #include <vlib/vlib.h>
24 #include <vnet/vnet.h>
25 
26 #include "cnat_bulk_port_defs.h"
27 
28 /* default policy values; timeouts appear to be in seconds (1800 is annotated as 30 min below) */
29 #define V4_DEF_ICMP_S_TO 60 /* ICMP session timeout */
30 #define V4_DEF_UDP_IS_TO 30 /* UDP initial-session timeout */
31 #define V4_DEF_UDP_AS_TO 120 /* UDP active-session timeout */
32 #define V4_DEF_TCP_IS_TO 120 /* TCP initial-session timeout */
33 #define V4_DEF_TCP_AS_TO 1800 /* TCP active-session timeout, 30 min */
34 #define V4_DEF_TCP_MSS 1460 /* TCP MSS */
35 #define V4_DEF_MAX_PORTS 100 /* max port limit per user */
36 #define DEF_RATE_LIMIT PLATFORM_MAX_CORES /* number of ICMP packets generated per second; PLATFORM_MAX_CORES is defined outside this header */
37 #define DEF_RATE_LIMIT_CORE 1 /* number of ICMP packets generated per second (per core) */
38 #define RATE_LIMIT_UDP_CORE 1000 /* max allowed UDP crc-zero packets per second per core */
39 
40 #define NAT44_RESERVED_INST_ID 1 /* presumably the instance id set aside for NAT44 - confirm */
41 #define DSLITE_START_ID (NAT44_RESERVED_INST_ID + 1) /* first id after the reserved one */
42 #define V4_DEF_VRF_MAX_PORTS 0 /* max port limit per vrf user;
43  0 means use the global port limit for user */
44 /* Hardcoded. TBD - can be made configurable */
45 
46 #define V4_DEF_ENABLE 1 /* feature enable */
47 #define V4_DEF_DISABLE 0 /* feature disable */
48 
49 #define CNAT_DEF_STATIC_PORT_RANGE 1024 /* Default range for static ports */
50 /*
51  * If TCP MSS is not configured, store the maximum possible value
52  * (0xffff is the largest value a u16 MSS field can hold).
 * NOTE(review): code that clamps MSS should treat this value as "not
 * configured" rather than as a real MSS - confirm in the consumer.
 */
53 #define V4_TCP_MSS_NOT_CONFIGURED_VALUE 0xffff
54 
55 /* default timeout for fragments in seconds, set to 2
56  * in case it is not configured
57  */
58 #define CNAT_IPV4_FRAG_TIMEOUT_DEF 2
59 /* other */
60 /* max db entries to be scanned; the PLATFORM_* value is defined outside this header */
61 #define MAX_DB_ENTRY_PER_SCAN PLATFORM_MAX_DB_ENTRY_PER_SCAN
62 /* max db entries selected per scan; the PLATFORM_* value is defined outside this header */
63 #define MAX_DB_ENTRY_SELECTED_PER_SCAN PLATFORM_MAX_DB_ENTRY_SELECTED_PER_SCAN
64 
65 #define ICMP_MSG_RATE_LIMIT 3 /* rate limit for icmp message; unit is not stated here */
66 #define V4_CONFIG_DELETE_TO 600 /* timeout for entry to be deleted; presumably seconds - confirm */
67 
68 /* session timeout */
69 
/* TCP active-session timeout; declared here only, the definition lives in cnat_config.c */
71 extern u16 tcp_active_timeout;
75 
/* NOTE(review): by its name, set when a timeout value has changed - confirm who sets and clears it */
76 extern u8 timeout_dirty_flag;
77 
78 /* mapping refresh direction,
79  * 0 outbound only refresh,
80  * 1 inbound and outbound refresh
81  */
83 
84 
89 
91 
92 typedef enum {
96  LOG_FORMAT_MAX, /* keep this as last */
97 } log_format_t;
98 
99 typedef enum {
103 
/* ALG settings; declared here only, the definitions live in cnat_config.c */
104 extern u8 ftp_alg_enabled;
105 extern u16 rtsp_alg_port_num;
106 
107 /*
108  * load balancing debug mode
109  */
110 extern u8 lb_debug_enable;
111 
112 /* good or evil mode
113  * 0 endpoint-independent filter, good mode
114  * 1 address-dependent filter, evil mode
115  */
117 
119 
120 /* vrfmap or portmap holding time
121  * after delete
122  */
124 
125 /*
126  * Bit map for various configuration in the POLICY KNOB case.
127  * Each knob has a separate ENABLE bit and DISABLE bit.
 * NOTE(review): this header does not say what happens when both bits of
 * a pair are set in the same message; the consumer should reject that
 * combination or define a precedence - confirm in the handler.
 */
128 #define BIDIR_REFRESH_ENABLE 0x01
129 #define BIDIR_REFRESH_DISABLE 0x02
130 #define FTP_ALG_ENABLE 0x04
131 #define FTP_ALG_DISABLE 0x08
132 #define DEFAULT_NFV9_LOGGING_SERVER_ENABLE 0x10
133 #define DEFAULT_NFV9_LOGGING_SERVER_DISABLE 0x20
134 
135 
136 /*
137  * This structure contains a single VRF map configuration
138  * from a bulk message. This structure is in conformance
139  * with the following structures defined in cnat_config_api.h
140  * - spp_api_cnat_v4_bulk_vrf_map_t
141  *
142  * Any change in the above structures should be propagated here
 *
 * Because the layout mirrors the API message, members must keep their
 * order and widths.
 * NOTE(review): every value here comes from a configuration message;
 * presumably the handler checks start_addr <= end_addr and the flag
 * combinations before applying them - confirm.
143  */
144 typedef struct _spp_api_cnat_v4_single_vrf_map_req {
145  u32 i_vrf_id;
146  u32 o_vrf_id;
147 
148  u16 i_vrf;
149  u16 o_vrf;
150 
151  u32 start_addr; /* presumably first address of the range - byte order not stated here */
152  u32 end_addr; /* presumably last address of the range */
153 
154  u16 vrf_policy_enable; /* presumably a bitmask of the flags defined just below */
155 #define TCP_MSS_ENABLE 0x0001
156 #define TCP_MSS_DISABLE 0x0002
157 #define NFV9_LOGGING_ENABLE 0x0004
158 #define NFV9_LOGGING_DISABLE 0x0008
159 #define VRF_MAP_DELETE 0x0010
160 #define VRF_MAP_ADD 0x0020
161 #define BULK_ALLOC_CHANGE 0x0040
162 
163  u16 tcp_mss_value;
164  u32 vrf_nfv9_logging_ipv4_address;
165  u16 vrf_nfv9_logging_udp_port;
166  u16 vrf_nfv9_refresh_rate;
167  u16 vrf_nfv9_timeout_rate;
168  u16 vrf_nfv9_path_mtu;
 /* member exists only when bulk logging is compiled in, so the struct
 size differs between builds with and without NO_BULK_LOGGING */
169 #ifndef NO_BULK_LOGGING
170  bulk_alloc_size_t bulk_size;
171 #endif /* NO_BULK_LOGGING */
173 
/*
 * Per-entry result codes for one VRF map request: one u8 per
 * sub-operation plus one pad byte (4 bytes of members in total).
 */
174 typedef struct _spp_api_cnat_v4_single_vrf_map_rc {
175  u8 vrf_map_rc;
176  u8 tcp_mss_rc;
177  u8 nfv9_logging_rc;
178  u8 pad; /* NOTE(review): presumably zeroed by the sender - confirm */
180 
181 /*
182  * Bulk Response for the VRF map request
183  */
184 typedef struct _spp_api_cnat_v4_bulk_vrf_map_resp {
185  u16 _spp_msg_id;
186  u8 bulk_rc;
187  u8 pad;
188 
 /* NOTE(review): presumably the number of per-entry results carried in
 this response; a receiver should bound it by the received message
 length before walking the entries - confirm */
189  u32 num_vrfmap_entries;
190 
192 
194 
195 /*
196  * Bulk Response for the Policy Knob request:
197  * one global result code followed by one u8 result code per knob.
 * The members add up to 12 bytes, with pad and pad2 filling the gaps.
 */
198 typedef struct _spp_api_cnat_v4_bulk_policy_knob_resp {
199  u16 _spp_msg_id;
200  u8 bulk_rc; /* Global rc code */
201  u8 pad;
202 
203  u8 port_limit_rc;
204  u8 icmp_timeout_rc;
205  u8 udp_init_timeout_rc;
206  u8 udp_act_timeout_rc;
207 
208  u8 tcp_init_timeout_rc;
209  u8 tcp_act_timeout_rc;
210  u8 nfv9_logging_rc;
211  u8 pad2; /* NOTE(review): pad bytes are presumably zeroed by the sender - confirm */
213 
214 
215 /* PPTP ALG defs and structures */
216 
217 /* don't change the order;
218  maintained at offsets mapped to msg ids */
219 
220 typedef struct pptp_ctrl_msg_ctrs_t {
238 
/*
 * Increment / decrement the counter pptp_cfg.counters.pptp_<ctr>.
 * The name is built by token pasting, so ctr is passed without the
 * pptp_ prefix. Both are plain read-modify-write operations on the
 * global pptp_cfg.
 * NOTE(review): the counters appear to be unsigned 64-bit, so PPTP_DECR on
 * a counter that is already 0 wraps to the maximum value; confirm every
 * DECR is paired with an earlier INCR, and that updates come from a
 * single thread.
 */
239 #define PPTP_INCR(ctr) pptp_cfg.counters.pptp_##ctr++
240 #define PPTP_DECR(ctr) pptp_cfg.counters.pptp_##ctr--
241 
242 typedef struct pptp_counters_t {
243 
252 
254 
/* PPTP ALG defaults */
255 #define CNAT_PPTP_ENABLE 1
256 #define CNAT_PPTP_DEF_TIMEOUT 60 /* secs */
257 
258 typedef struct cnat_pptp_config_t {
262 
264 
265 
/* bit flags; presumably they mark which PPTP settings a config message carries - confirm */
266 #define CNAT_PPTP_ENABLE_FLAG 0x01
267 #define CNAT_PPTP_TIMEOUT_FLAG 0x02
268 
269 /* pptp config msg resp: message id, one result code and one pad byte */
270 typedef struct _spp_api_cnat_v4_config_pptp_alg_resp {
271  u16 _spp_msg_id;
272  u8 bulk_rc;
273  u8 pad;
274 
276 
277 typedef struct {
280  u8 pad[5];
281 
282  /* better to have a group structures rather than individual
283  variables, any change in counters is will automatically
284  reflect here */
287 
288 
290 
291 
292 /* ========= 6RD declarations =============================== */
293 
/*
 * First group: bits naming which 6RD settings a request carries.
 * V6RD_ENTRY_DELETE is the value 0, not a bit, so it cannot be tested
 * with a bitwise AND; presumably an all-zero mask means "delete" -
 * confirm in the consumer.
 */
294 #define V6RD_ENTRY_DELETE 0x00
295 #define IPV4_TUNNEL_SRC_CONFIG 0x04
296 #define TUNNEL_MTU_CONFIG 0x08
297 #define IPV4_PREFIXMASK_LEN_CONFIG 0x10
298 #define IPV4_SUFFIXMASK_LEN_CONFIG 0x20
299 #define TTL_CONFIG 0x40
300 #define TOS_CONFIG 0x80
301 #define V6RD_IPV6_PREFIX_CONFIG 0x100
302 #define V6RD_RESET_DF_BIT_CONFIG 0x200
303 #define V6RD_UNICAST_ADDR_CONFIG 0x400
304 #define V6RD_REASSEMB_CONFIG 0x800
305 
/*
 * Second group: its values overlap the first group numerically
 * (RESET_DF_BIT 0x4 equals IPV4_TUNNEL_SRC_CONFIG 0x04), so the two
 * groups presumably apply to different fields - do not mix them.
 */
306 #define TTL_ENABLE 0x1
307 #define TOS_ENABLE 0x2
308 #define RESET_DF_BIT 0x4
309 #define REASSEMBLY_ENABLE 0x8
310 
311 /* ========= 6RD declarations =============================== */
312 
313 /*
314  * Single Request for XLAT config
 *
 * NOTE(review): all members are supplied by a configuration message and
 * should be range-checked by the consumer before use - confirm.
315  */
316 typedef struct _spp_api_cnat_v4_single_xlat_config_req {
317 
318  /*
319  * Indicates the xlat instance id - How big will this value be
320  * Can we restrict it between 0..255, that way the APP code
321  * can use an array to store the xlat instances.
 *
 * NOTE(review): the field is a u32, so any array indexed by it needs
 * an explicit bounds check against the array size first.
322  */
323  u32 xlat_id;
324 
 /*
 * Bits for xlat_config_fields_enable. XLAT_ENTRY_DELETE is the value
 * 0, not a bit. CONSECUTIVE_PORTS_CONFIG (0x10000) needs bit 16, so
 * these flags do not fit in a u16.
 */
325 #define XLAT_ENTRY_DELETE 0x0000
326 #define IPV6_SVI_IF_NUM_CONFIG 0x0001
327 #define IPV4_SVI_IF_NUM_CONFIG 0x0002
328 #define IPV4_TO_IPV6_TCP_MSS_CONFIG 0x0004
329 #define IPV6_TO_IPV4_TCP_MSS_CONFIG 0x0008
330 #define IPV6_PREFIX_CONFIG 0x0010
331 #define IPV6_UBIT_ON_CONFIG 0x0020
332 #define IPV6_NON_TRANSLATABLE_PREFIX_MAP_CONFIG 0x0040
333 #define IPV4_TOS_SETTING_CONFIG 0x0080
334 #define IPV6_TOS_SETTING_CONFIG 0x0100
335 #define IPV4_DFBIT_CLEAR_CONFIG 0x0200
336 #define ICMPV6_PTB_MTU_SET_CONFIG 0x0400
337 #define IPV6_NON_TRANSLATABLE_PREFIX_MAP_ALG_CONFIG 0x0800
338 #define CPE_V4_PREFIX_CONFIG 0x1000 /* for map-t */
339 #define CPE_V6_PREFIX_CONFIG 0x2000 /* for map-t */
340 #define EXTERNAL_V6_PREFIX_CONFIG 0x4000 /* for map-t */
341 #define PORT_SHARING_RATIO_CONFIG 0x8000 /* for map-t */
342 #define CONSECUTIVE_PORTS_CONFIG 0x10000 /* for map-t */
343 
344  u32 xlat_config_fields_enable;
345 
346  /*
347  * Interface (IF) numbers of the IPv6 and IPv4 SVI interfaces
348  */
349  u32 ipv6_svi_if_num;
350  u32 ipv4_svi_if_num;
351 
352  /*
353  * TCP MSS values for the 2 XLAT directions
354  */
355  u16 v4_to_v6_tcp_mss;
356  u16 v6_to_v4_tcp_mss;
357 
358  /*
359  * XLAT IPv6 prefix (four u32 words, 128 bits)
360  */
361  u32 v6_prefix[4];
362 
363  /*
364  * XLAT IPv6 prefix mask
 * NOTE(review): presumably a length in bits; a u8 can hold values
 * above 128, so the consumer should reject those - confirm.
365  */
366  u8 v6_prefix_mask_len;
367 
368  /*
369  * Flags for feature_enable_bits; UBITS_ON is set if UBITs are reserved
370  */
371 #define UBITS_ON 0x01
372 #define IPV4_DF_BIT_CLEAR 0x02
373 #define ICMPV6_MTU_SET 0x04
374 #define IPV4_TOS_SET_ENABLED 0x08
375 #define IPV6_TC_SET_ENABLED 0x10
376 
377  u8 feature_enable_bits;
378 
379  u8 v4_prefix_mask_len;
380 
 /* These three are enumerated values, not independent bits:
 RANDOM (0x3) equals HASH | TTL, so compare with ==, not with & */
381 #define IPV6_NON_TRANSLATABLE_PREFIX_MAP_ALG_HASH 0x1
382 #define IPV6_NON_TRANSLATABLE_PREFIX_MAP_ALG_TTL 0x2
383 #define IPV6_NON_TRANSLATABLE_PREFIX_MAP_ALG_RANDOM 0x3
384  u8 non_translatable_v6_prefix_v4_map_prefix_alg;
385 
386  u8 ipv6_tos_value;
387 
388  u8 ipv4_tos_value;
389 
 /* pad2 and pad3 complete a run of eight u8 members before v4_prefix */
390  u8 pad2;
391 
392  u8 pad3;
393 
394  u32 v4_prefix;
395 
396  /*
397  * MAP-T/MAP-E specific parameters
 *
 * NOTE(review): from here on, single u8 members are followed by u32
 * members with no explicit pad fields. Unless the struct is packed
 * elsewhere, the compiler inserts padding, so the layout should be
 * confirmed against the sender and the buffer zeroed before it is
 * filled, to avoid exposing stale memory in the gaps.
398  */
399  u8 xlat_type;
400 
401  u32 cpe_domain_v6_prefix[4];
402  u8 cpe_domain_v6_prefix_len;
403 
404  u32 cpe_domain_v4_prefix;
405  u8 cpe_domain_v4_prefix_len;
406 
407  u32 external_domain_v6_prefix[4];
408  u8 external_domain_v6_prefix_len;
409 
410  u8 port_sharing_ratio_bits;
411  u8 consecutive_ports_bits;
412 
414 
415 /*
416  * Single Response for the xlat config request:
 * thirteen u8 result codes followed by three pad bytes (16 bytes of
 * members in total).
417  */
418 typedef struct _spp_api_cnat_v4_single_xlat_config_resp {
419  u8 v4_if_num_rc;
420  u8 v6_if_num_rc;
421  u8 v4_to_v6_tcp_mss_rc;
422  u8 v6_to_v4_tcp_mss_rc;
423 
424  u8 v6_prefix_rc;
425  u8 ubit_on_rc;
426  u8 v4_prefix_rc;
427  u8 xlat_id_rc;
428 
429  u8 non_translatable_v6_prefix_v4_map_alg_rc;
430  u8 ipv4_dfbit_clear_rc;
431  u8 icmpv6_ptb_mtu_set_rc;
432  u8 ipv4_tos_set_rc;
433 
434  u8 ipv6_tos_set_rc;
 /* NOTE(review): pad bytes are presumably zeroed by the sender - confirm */
435  u8 pad1;
436  u8 pad2;
437  u8 pad3;
439 
440 /*
441  * Bulk Response for the xlat config request
442  */
443 typedef struct _spp_api_cnat_v4_bulk_xlat_config_resp {
444  u16 _spp_msg_id;
445  u16 pad;
446 
447  u32 bulk_rc; /* u32 here, while the VRF map and policy knob bulk responses use a u8 bulk_rc */
448 
 /* NOTE(review): presumably the number of per-entry results in this
 response; a receiver should bound it by the received message length
 before walking the entries - confirm */
449  u32 num_xlat_entries;
450 
452 
454 
/*
 * Per-entry result codes for one 6RD config request: thirteen u8 result
 * codes followed by three pad bytes (16 bytes of members in total).
 */
455 typedef struct _spp_api_v6rd_v4_single_v6rd_config_resp {
456  u8 v6rd_id_rc;
457  u8 v4_if_num_rc;
458  u8 v6_if_num_rc;
459  u8 tunnel_source_rc;
460  u8 tunnel_mtu_rc;
461  u8 ipv4masklen_prefix_rc;
462  u8 ipv4masklen_suffix_rc;
463  u8 ttl_rc;
464  u8 tos_rc;
465  u8 anycast_rc;
466  u8 v6_prefix_rc;
467  u8 v6_br_unicast_rc;
468  u8 reassembly_rc;
 /* NOTE(review): pad bytes are presumably zeroed by the sender - confirm */
469  u8 pad1;
470  u8 pad2;
471  u8 pad3;
473 
/*
 * Bulk response for 6RD config requests: a fixed header followed by a
 * trailing array of per-entry results.
 */
474 typedef struct _spp_api_v6rd_v4_bulk_v6rd_config_resp {
475  u16 _spp_msg_id;
476  u16 pad;
477  u32 bulk_rc;
478  u32 num_v6rd_entries;
 /*
 * Zero-length array (a GNU extension; the C99 spelling is a flexible
 * array member "[]"). It adds nothing to sizeof, so the storage for
 * the entries must be allocated and length-checked separately.
 * NOTE(review): presumably num_v6rd_entries gives the element count;
 * a receiver should check it against the actual buffer length before
 * indexing v6rd_config_resp - confirm.
 */
479  spp_api_v6rd_v4_single_v6rd_config_resp_t v6rd_config_resp[0];
481 
482 /*
483  * Single Request for MAPE config
 *
 * NOTE(review): all members are supplied by a configuration message and
 * should be range-checked by the consumer before use - confirm.
484  */
485 typedef struct _spp_api_mape_single_config_req {
486 
487  /*
488  * Indicates the mape instance id - How big will this value be
489  * Can we restrict it between 0..255, that way the APP code
490  * can use an array to store the instances.
 *
 * NOTE(review): the field is a u32, so any array indexed by it needs
 * an explicit bounds check against the array size first.
491  */
492  u32 mape_id;
493 
 /* Bits for mape_config_fields_enable; MAPE_ENTRY_DELETE is the value 0, not a bit */
494 #define MAPE_ENTRY_DELETE 0x0000
495 #define MAPE_IPV4_SVI_IF_NUM_CONFIG 0x0001
496 #define MAPE_IPV6_SVI_IF_NUM_CONFIG 0x0002
497 #define MAPE_IPV4_TO_IPV6_TCP_MSS_CONFIG 0x0004
498 #define MAPE_IPV6_TO_IPV4_TCP_MSS_CONFIG 0x0008
499 #define MAPE_CPE_V4_PREFIX_CONFIG 0x0010
500 #define MAPE_CPE_V6_PREFIX_CONFIG 0x0020
501 #define MAPE_PORT_SHARING_RATIO_CONFIG 0x0040
502 #define MAPE_CONSECUTIVE_PORTS_CONFIG 0x0080
503 #define MAPE_PATH_MTU 0x0100
504 #define MAPE_TUNNEL_ENDPOINT_V6_CONFIG 0x0200
505 
506  u32 mape_config_fields_enable;
507 
508  /*
509  * Interface (IF) numbers of the IPv6 and IPv4 SVI interfaces
510  */
511  u32 ipv6_svi_if_num;
512  u32 ipv4_svi_if_num;
513 
514  /*
515  * TCP MSS values for the 2 XLAT directions
516  */
517  u16 v4_to_v6_tcp_mss;
518  u16 v6_to_v4_tcp_mss;
519 
520  /*
521  * Path v6 MTU.
522  */
523  u32 path_mtu;
524 
525  /*
526  * CPE IPv6 prefix and mask len.
 * NOTE(review): each u8 length below is followed by a u32 member with
 * no explicit pad field; unless the struct is packed elsewhere the
 * compiler inserts padding, so confirm the layout against the sender.
527  */
528  u32 cpe_domain_v6_prefix[4];
529  u8 cpe_domain_v6_prefix_len;
530 
531  /*
532  * CPE IPv4 prefix and mask len.
533  */
534  u32 cpe_domain_v4_prefix;
535  u8 cpe_domain_v4_prefix_len;
536 
537  /*
538  * BR IPv6 tunnel end point V6 prefix and mask len.
539  */
540  u32 aftr_tunnel_endpoint_address_v6[4];
541  u8 aftr_tunnel_endpoint_address_v6_len;
542 
543  /*
544  * Port sharing ratio and consecutive ports; going by the names, both
545  * are expressed as a number of bits - confirm.
 */
546  u8 port_sharing_ratio_bits;
547  u8 consecutive_ports_bits;
548 
550 
551 
552 /*
553  * Single Response for the mape config request:
 * eleven u8 result codes followed by one pad byte (12 bytes of members
 * in total).
554  */
555 typedef struct _spp_api_mape_single_config_resp {
556  u8 v4_if_num_rc;
557  u8 v6_if_num_rc;
558  u8 v4_to_v6_tcp_mss_rc;
559  u8 v6_to_v4_tcp_mss_rc;
560  u8 mape_id_rc;
561  u8 path_mtu_rc;
562  u8 cpe_v6_prefix_rc;
563  u8 cpe_v4_prefix_rc;
564  u8 tunnel_endpoint_prefix_rc;
565  u8 port_sharing_ratio_rc;
566  u8 port_contiguous_rc;
567  u8 pad1; /* NOTE(review): presumably zeroed by the sender - confirm */
569 
570 /*
571  * Bulk Response for the mape config request
572  */
573 typedef struct _spp_api_mape_bulk_config_resp {
574  u16 _spp_msg_id;
575  u16 pad;
576  u32 bulk_rc;
577  u32 num_mape_entries;
 /*
 * Declared as a single element, not an array, unlike v6rd_config_resp[0]
 * in the 6RD bulk response.
 * NOTE(review): if num_mape_entries can exceed 1, entries after the
 * first lie outside sizeof(this struct); confirm how the consumer
 * walks them and that it checks the count against the buffer length.
 */
578  spp_api_mape_single_config_resp mape_config_resp;
580 
581 
582 #endif /* __CNAT_CONFIG_H__ */
u64 pptp_in2out_gre_fwds
Definition: cnat_config.h:249
u8 pad[3]
log2 (size of the packing page block)
Definition: bihash_doc.h:61
pptp_ctrl_msg_ctrs_t ctrl_ctrs
Definition: cnat_config.h:251
u16 udp_init_session_timeout
Definition: cnat_config.c:28
u16 tcp_initial_setup_timeout
Definition: cnat_config.c:26
struct _spp_api_v6rd_v4_bulk_v6rd_config_resp spp_api_v6rd_v4_bulk_v6rd_config_resp_t
struct _spp_api_cnat_v4_bulk_vrf_map_resp spp_api_cnat_v4_bulk_vrf_map_resp
u8 address_dependent_filtering
Definition: cnat_config.c:72
pptp_counters_t counters
Definition: cnat_config.h:261
u8 lb_debug_enable
Definition: cnat_config.c:65
struct _spp_api_cnat_v4_bulk_xlat_config_resp spp_api_cnat_v4_bulk_xlat_config_resp
u64 pptp_out2in_gre_fwds
Definition: cnat_config.h:250
u8 mapping_refresh_both_direction
Definition: cnat_config.c:46
u8 ftp_alg_enabled
Definition: cnat_config.c:59
struct pptp_ctrl_msg_ctrs_t pptp_ctrl_msg_ctrs_t
u64 pptp_active_channels
Definition: cnat_config.h:246
u32 cnat_main_db_icmp_rate_limit
Definition: cnat_config.c:50
unsigned long u64
Definition: types.h:89
u16 rtsp_alg_port_num
Definition: cnat_config.c:60
struct _spp_api_mape_bulk_config_resp spp_api_mape_bulk_config_resp
u16 cnat_main_db_max_ports_per_user
Definition: cnat_config.c:48
u16 tcp_active_timeout
Definition: cnat_config.c:27
struct pptp_counters_t pptp_counters_t
u32 cnat_main_db_icmp_rate_limit_core
Definition: cnat_config.c:51
u8 timeout_dirty_flag
Definition: cnat_config.c:41
pptp_counters_t counters
Definition: cnat_config.h:285
struct _spp_api_cnat_v4_bulk_policy_knob_resp spp_api_cnat_v4_bulk_policy_knob_resp
struct _spp_api_v6rd_v4_single_v6rd_config_resp spp_api_v6rd_v4_single_v6rd_config_resp_t
cnat_op_flag_t
Definition: cnat_config.h:99
u64 pptp_out2in_gre_drops
Definition: cnat_config.h:248
struct _spp_api_cnat_v4_single_vrf_map_rc spp_api_cnat_v4_single_vrf_map_rc
struct _spp_api_mape_single_config_resp spp_api_mape_single_config_resp
unsigned int u32
Definition: types.h:88
u16 icmp_session_timeout
Definition: cnat_config.c:30
u16 config_delete_timeout
Definition: cnat_config.c:76
u16 cnat_static_port_range
Definition: cnat_config.c:53
u64 pptp_in2out_gre_drops
Definition: cnat_config.h:247
struct cnat_pptp_config_t cnat_pptp_config_t
unsigned short u16
Definition: types.h:57
log_format_t
Definition: cnat_config.h:92
unsigned char u8
Definition: types.h:56
u16 per_user_icmp_msg_limit
Definition: cnat_config.c:74
bulk_alloc_size_t
struct _spp_api_cnat_v4_single_vrf_map_req spp_api_cnat_v4_single_vrf_map_req
struct _spp_api_mape_single_config_req spp_api_mape_single_config_req
u32 crc_zero_udp_rate_limit_core
Definition: cnat_config.c:52
cnat_pptp_config_t pptp_cfg
Definition: cnat_config.c:32
struct _spp_api_cnat_v4_config_pptp_alg_resp spp_api_cnat_v4_config_pptp_alg_resp_t
struct _spp_api_cnat_v4_single_xlat_config_req spp_api_cnat_v4_single_xlat_config_req
u16 udp_act_session_timeout
Definition: cnat_config.c:29
struct _spp_api_cnat_v4_single_xlat_config_resp spp_api_cnat_v4_single_xlat_config_resp