FD.io VPP  v16.09
Vector Packet Processing
nat64_db.h
1 /*
2  *------------------------------------------------------------------
3  * nat64_db.h - Stateful NAT64 translation database definitions
4  *
5  * Copyright (c) 2010-2013 Cisco and/or its affiliates.
6  * Licensed under the Apache License, Version 2.0 (the "License");
7  * you may not use this file except in compliance with the License.
8  * You may obtain a copy of the License at:
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing, software
13  * distributed under the License is distributed on an "AS IS" BASIS,
14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing permissions and
16  * limitations under the License.
17  *------------------------------------------------------------------
18  */
19 #ifndef __NAT64_DB_H__
20 #define __NAT64_DB_H__
21 
22 #include "cnat_cli.h"
23 #include "index_list.h"
24 #include "cnat_ports.h"
25 #include "cnat_db.h"
26 #include "nat64_defs.h"
27 #include "cnat_bulk_port_defs.h"
28 
30 
31 #define SESSION_OPT
32 
33 #define HASH_ENHANCE 4
34 
35 
36 #define NAT64_MAIN_DB_SIZE \
37  (PLATFORM_NAT64_MAX_SESSIONS / PLATFORM_CNAT_INSTS)
38 #define NAT64_MAIN_HASH_SIZE \
39  (HASH_ENHANCE * PLATFORM_CNAT_MAIN_PRELIM_HASH_SIZE)
40 
41 #define NAT64_MAIN_HASH_MASK (NAT64_MAIN_HASH_SIZE-1)
42 
43 
44 /* nb: 200000 users / 64 CNAT = 3125, 76% occupancy */
45 #define NAT64_USER_HASH_SIZE CNAT_USER_HASH_SIZE
46 #define NAT64_USER_HASH_MASK (NAT64_USER_HASH_SIZE-1)
47 
48 /* Maximum number of sessions per BIB entry (NAT64 translation)
49  - nsessions is a u16, so the limit is set to 0xFFFF
50  - Ideally the sessions per translation will never reach this limit
51  - Only a DoS condition could reach it; the limit takes care of that case */
52 #define NAT64_MAX_SESSIONS_PER_BIB 0xFFFF
53 
54 /* The number of per-ip/port configs will be limited to 1000 */
55 /* (25K in total across all instances) */
56 #define NAT64_TIMEOUT_HASH_SIZE \
57  PLATFORM_NAT64_TIMEOUT_HASH_SIZE
58 
59 #define NAT64_TIMEOUT_HASH_MASK (NAT64_TIMEOUT_HASH_SIZE - 1)
60 #define NAT64_TIMEOUT_FULL_MASK 0xFFFFFFFFFFFFFFFF
61 
62 
63 #define FORCE_DEL 1 /* Delete static BIB entries as well */
64 
65 /* default timeout values */
66 #define NAT64_UDP_DEFAULT 300 /* 5 min */
67 #define NAT64_UDP_MIN 120 /* 2 min */
68 #define NAT64_TCP_TRANS 240 /* 4 min */
69 #define NAT64_TCP_EST 7200 /* 2 hrs */
70 #define NAT64_TCP_V4_SYN 6 /* 6 sec */
71 #define NAT64_FRAG_MIN 2 /* 2 sec */
72 #define NAT64_ICMP_DEFAULT 60 /* 1 min */
73 
74 
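/*
 * NAT64_V6_GET_HASH - compute the bucket index for an inside IPv6 key.
 *
 *   in_key : pointer to a key with ipv6[4], port and vrf members
 *   hash   : lvalue that receives the bucket index
 *   mask   : bucket mask (this file defines the masks as table size - 1)
 *
 * The macro assigns to variables named a, b and c that the caller must
 * already have in scope; it does not declare them.  The body is a brace
 * block so that it stays one statement under an unbraced if or loop; a
 * call placed directly before an else must omit the trailing semicolon.
 * Arguments are parenthesized so that expression arguments bind as the
 * caller wrote them.
 *
 * NOTE(review): assumes port is a 16-bit field.  It is widened to u32
 * before the shift because a promoted int shifted left by 16 overflows
 * for ports >= 0x8000.
 *
 * NOTE(review): the key is XOR-folded into one 32-bit word before the mix
 * and the initial value 0x9e3779b9 is a fixed constant, so bucket
 * placement is fully determined by packet fields.  Where this table is
 * reachable from untrusted traffic, consider a per-boot random seed and a
 * bound on chain length so lookups cannot be skewed into one bucket.
 */
#define NAT64_V6_GET_HASH(in_key, hash, mask) \
    { \
        a = (in_key)->ipv6[0] ^ (in_key)->ipv6[1] ^ \
            (in_key)->ipv6[2] ^ (in_key)->ipv6[3] ^ \
            (((u32)(in_key)->port << 16) | (in_key)->vrf); \
        b = c = 0x9e3779b9; \
        /* Jenkins hash, arbitrarily use c as the "answer" */ \
        hash_mix32(a, b, c); \
        (hash) = c & (mask); \
    }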
82 
83 
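/*
 * NAT64_V4_GET_HASH - compute the bucket index for an outside IPv4 key.
 *
 *   in_key : key object (not a pointer) with ipv4, port and vrf members
 *   hash   : lvalue that receives the bucket index
 *   mask   : bucket mask (this file defines the masks as table size - 1)
 *
 * Assigns to caller-scope variables a, b and c; it does not declare them.
 * The body is a brace block so it stays one statement under an unbraced
 * if or loop; a call placed directly before an else must omit the
 * trailing semicolon.  Arguments are parenthesized.
 *
 * NOTE(review): assumes port is a 16-bit field; it is widened to u32
 * before the shift so that ports >= 0x8000 do not overflow a promoted int.
 *
 * NOTE(review): the initial value 0x9e3779b9 is fixed, so the bucket is a
 * deterministic function of address, port and vrf.  Consider a per-boot
 * seed and a chain-length bound where remote hosts choose these fields.
 */
#define NAT64_V4_GET_HASH(in_key, hash, mask) \
    { \
        a = (in_key).ipv4 ^ (((u32)(in_key).port << 16) | (in_key).vrf); \
        b = c = 0x9e3779b9; \
        /* Jenkins hash, arbitrarily use c as the "answer" */ \
        hash_mix32(a, b, c); \
        (hash) = c & (mask); \
    }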
90 
91 
92 
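/*
 * NAT64_V6_GET_SESSION_HASH - compute the session bucket index from a BIB
 * index and a four-word IPv6 address, port and vrf.
 *
 *   bib_index, port, vrf : integer values XOR-ed into the hash input
 *   in_addr              : array (or pointer) of four 32-bit words
 *   hash                 : lvalue that receives the bucket index
 *   mask                 : bucket mask
 *
 * Assigns to caller-scope variables a, b and c; it does not declare them.
 * The body is a brace block so it stays one statement under an unbraced
 * if or loop; a call placed directly before an else must omit the
 * trailing semicolon.  Arguments are parenthesized so that an expression
 * such as (x | y) passed for vrf is XOR-ed as a whole.
 *
 * NOTE(review): port and vrf are XOR-ed into the same low bits and the
 * initial value 0x9e3779b9 is fixed, so bucket placement is predictable
 * from packet fields.  Consider a per-boot seed and a chain-length bound
 * where untrusted peers choose these values.
 */
#define NAT64_V6_GET_SESSION_HASH(bib_index, in_addr, port, vrf, hash, mask) \
    { \
        a = (bib_index) ^ (in_addr)[0] ^ (in_addr)[1] ^ \
            (in_addr)[2] ^ (in_addr)[3] ^ (port) ^ (vrf); \
        b = c = 0x9e3779b9; \
        /* Jenkins hash, arbitrarily use c as the "answer" */ \
        hash_mix32(a, b, c); \
        (hash) = c & (mask); \
    }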
100 
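/*
 * NAT64_V4_GET_SESSION_HASH - compute the session bucket index from a BIB
 * index and a 32-bit IPv4 address, port and vrf.
 *
 *   bib_index, in_addr, port, vrf : integer values XOR-ed into the input
 *   hash                          : lvalue that receives the bucket index
 *   mask                          : bucket mask
 *
 * Assigns to caller-scope variables a, b and c; it does not declare them.
 * The body is a brace block so it stays one statement under an unbraced
 * if or loop; a call placed directly before an else must omit the
 * trailing semicolon.  Arguments are parenthesized so that expression
 * arguments are XOR-ed as a whole.
 *
 * NOTE(review): all four inputs are XOR-ed into one word and the initial
 * value 0x9e3779b9 is fixed, so bucket placement is predictable from
 * packet fields.  Consider a per-boot seed and a chain-length bound where
 * untrusted peers choose these values.
 */
#define NAT64_V4_GET_SESSION_HASH(bib_index, in_addr, port, vrf, hash, mask) \
    { \
        a = (bib_index) ^ (in_addr) ^ (port) ^ (vrf); \
        b = c = 0x9e3779b9; \
        /* Jenkins hash, arbitrarily use c as the "answer" */ \
        hash_mix32(a, b, c); \
        (hash) = c & (mask); \
    }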
107 
108 
113 #ifndef SESSION_OPT
115 #endif
119 
120 
121 /*
122  * nat64_bib_entry_t
123  * This structure describes a Binding Information Base (BIB) entry of NAT64 sessions.
124  * It stores information about the inside v6 source transport address and the
125  * corresponding outside v4 source transport address for each protocol.
126  */
127 
128 typedef struct {
129 
132 
133  /* 0x08 */
134  u16 flags; /* flags in cnat_db.h (cnat_main_db_entry_t) */
135 #define NAT64_DB_FLAG_STATIC_PORT CNAT_DB_FLAG_STATIC_PORT
136 #define NAT64_DB_NAT64_FLAG CNAT_DB_NAT64_FLAG
137 #define NAT64_DB_FLAG_ALG_ENTRY CNAT_DB_FLAG_ALG_ENTRY
138 #define NAT64_DB_FLAG_PCPI CNAT_DB_FLAG_PCPI
139 #define NAT64_DB_FLAG_PCPE CNAT_DB_FLAG_PCPE
140 
141  /* 0x0A */
143  /* 0x0C */
145 
146  /* 0x10 */
148 
149  /* 0x18 */
151 
152  /* 0x2C */
154  /* 0x34 */
156  /* 0x38 - 56B*/
159 
160  /* 0x3C - 60B */
163  /* 0x44 - 68B */
164 
165  /* 0x42 - 70B */
166  union { /* used by FTP ALG, pkt len delta due to FTP PORT cmd */
168  i8 alg_dlt[2]; /* two delta values, 0 for previous, 1 for current */
169  u16 il; /* Used to indicate if interleaved mode is used
170  in case of RTSP ALG */
171  } alg;
172 
174 
176 
178  /* unused, temp1 ,temp2 and temp3 put to make it in sync with nat44 main db entry size */
179  /* size of = 0x54 = 84 B */
181 
183 
184 /*
185  * nat64_bib_user_entry_t
186  * This structure stores information about translations of a particular user
187  * (User here refers to a same inside source address)
188  */
189 typedef struct {
190  /* 0x00 */
192  /* 0x04 */
194  /* 0x06 */
196  /* 0x07 */
198 #define NAT64_USER_DB_NAT64_FLAG CNAT_USER_DB_NAT64_FLAG
199 
200  /* 0x08 */
202  /* 0x0C */
204  /* 0x10 */
206  /* 0x24 = 36 B */
207 
208  u32 align1; /* Make it 8B boundary and in sync with nat44 user db entry size */
209 #ifndef NO_BULK_LOGGING
210  /* size of = 0x28 = 40 B */
211  /* Now adding 8 more bytes for bulk allocation.. This makes it
212  * 0x30 (48). For nat64 stful, we may support bulk allocation
213  * later */
214  /* Indicates the currently used bulk port range */
215  i16 bulk_port_range_cache[BULK_RANGE_CACHE_SIZE];
216 #endif /* NO_BULK_LOGGING */
218 
219 /*
220  * nat64_session_entry_t
221  * This structure represents the session table. It maintains the information
222  * about the flow of the packets. It would consist of source and destination
223  * (inside and outside) ipv4 and ipv4 transport addresses.
224  */
225 typedef struct {
226 
227  /* 0x00 */
229 
230  /* 0x04 */
231  u32 bib_index; /* would point to v4/v6 src transport address */
232 
233  /* 0x08 */
235 
236 #ifndef SESSION_OPT
238  nat64_v6_key_t v6_dest_key;
239 #endif
240 
241  /* 0x10 */
242  u16 flags;/* Will be used for flags same as nat44 session */
243 
244  /* 0x12 */
246 
247  /* 0x14 */
249  /* 0x18 */
251  /* 0x20 = 32 B */
252 
253  union { /* alg same as cnat_main_db_t */
255  i8 alg_dlt[2];
257  } alg;
258 
259  /* 0x22 */
260  u16 tcp_flags; /* Mainly TCP events - check nat64_tcp_sm.h */
261 
262  /* 0x24 */
264 
265  /* 0x28 */ /* unused1, unused2 and unused3 are put to make it in sync with
266  * cnat_session_db */
268 
269  /* 0x2C */
271 
272  /* 0x30 */
274 
275  /* 0x32 - 50B */
276 
278 
279 /*
280  * nat64_session_tcp_init_entry_t
281  * This structure will be used to store information about v4 initiation
282  * tcp entries.
283  */
284 typedef struct {
288 
289 /*
290  * nat64_in_v6_frag_entry_t
291  * This structure will be used to store information about fragment flows
292  * that are coming from inside v6 hosts.
293  */
294 typedef struct {
296 
297  u32 v6_src_addr[4];
298  u32 v6_destn_addr[4];
303 
304 /*
305  * nat64_out_v4_frag_entry_t
306  * This structure will be used to store information about fragment flows
307  * that are coming from outside v4 machines.
308  */
309 typedef struct {
311 
317 
318 /*
319  * nat64_timeout_t
320  * The following structures are used to store information about the
321  * destination timeouts that have been configured.
322  */
323 typedef struct {
327 
328 /*
329  * nat64_timeout_db_entry_t
330  */
331 typedef struct {
335 
336 
337 typedef union {
341 
342 typedef union {
346 
347 typedef union {
351 
360 
368 
369 extern nat64_table_entry_t nat64_table_array[NAT64_MAX_NAT64_ENTRIES];
371 
375 
377 
380  u32 portmap_index);
381 
384 
385 
388 
390 
392 
395  nat64_v4_key_t *ko,
397 
398 
400 
403 
406  port_pair_t port_pair_type,
407  port_type_t port_type,
408  cnat_gen_icmp_info *info);
409 
410 
413  nat64_v4_key_t *ko,
414  nat64_table_entry_t *my_table,
415  cnat_gen_icmp_info *info);
416 
417 
418 
419 //void nat64_session_db_in2out_hash_delete (nat64_session_entry_t *ep);
421 
422 /*nat64_session_entry_t *
423 nat64_session_db_lookup_entry(nat64_v6_key_t *ki, u32 bib_index); */
424 
425 
428 
429 /*
430 nat64_session_entry_t *
431 nat64_create_session_db_entry(nat64_v6_key_t *ki,
432  nat64_v4_key_t *ko,
433  nat64_bib_entry_t *bdb);
434 */
437  nat64_bib_entry_t *bdb);
438 
439 
440 //void nat64_delete_session_db_entry (nat64_session_entry_t *ep);
442 
444 
446 
448 
450 
452 
/*
 * Byte-wise key comparisons built on memcmp().
 *
 * All three take pointers and follow memcmp() semantics: the result is 0
 * when the objects are equal and non-zero otherwise.  That is the opposite
 * truth sense from the field-by-field NAT64_CMP_*1 macros, which are
 * non-zero on a match.
 *
 * NOTE(review): the key layouts are not visible in this header.  Because
 * the whole object is compared, any padding bytes take part as well, so
 * keys presumably need to be fully zero-initialised before their fields
 * are filled in; confirm against nat64_defs.h.
 */

/* Compare two nat64_v6_key_t objects; 0 means equal. */
#define NAT64_CMP_V6_KEY(key1, key2) (memcmp(key1, key2, sizeof(nat64_v6_key_t)))

/* Compare two nat64_v4_key_t objects; 0 means equal. */
#define NAT64_CMP_V4_KEY(key1, key2) (memcmp(key1, key2, sizeof(nat64_v4_key_t)))

/* Compare two IPv6 addresses held as four u32 words; 0 means equal. */
#define NAT64_CMP_V6_IP(ip1, ip2) (memcmp(ip1, ip2, 4 * sizeof(u32)))
462 
463 
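/*
 * NAT64_CMP_V6_KEY1 - field-by-field equality of two v6 key objects.
 *
 * Evaluates to non-zero when ipv6[0..3], port and vrf all match, and to 0
 * otherwise.  Note the opposite truth sense from NAT64_CMP_V6_KEY, which
 * returns 0 on a match.
 *
 * The whole expansion is parenthesized so that an operator applied to the
 * macro (for example a leading '!') covers every comparison rather than
 * only the first one; without that, a negated key check would reduce to a
 * test on ipv6[0] alone.  Arguments are parenthesized so that expression
 * arguments such as *ptr bind correctly.
 */
#define NAT64_CMP_V6_KEY1(key1, key2) \
    (((key1).ipv6[0] == (key2).ipv6[0]) && \
     ((key1).ipv6[1] == (key2).ipv6[1]) && \
     ((key1).ipv6[2] == (key2).ipv6[2]) && \
     ((key1).ipv6[3] == (key2).ipv6[3]) && \
     ((key1).port == (key2).port) && \
     ((key1).vrf == (key2).vrf))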
468 
469 
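/*
 * NAT64_CMP_V6_IP1 - word-by-word equality of two IPv6 addresses held as
 * four 32-bit words.
 *
 * Evaluates to non-zero when all four words match, 0 otherwise (opposite
 * truth sense from the memcmp-based NAT64_CMP_V6_IP).  Arguments are
 * parenthesized so that pointer expressions such as (base + 1) index the
 * intended array instead of mis-binding with the subscript operator.
 */
#define NAT64_CMP_V6_IP1(ip1, ip2) \
    (((ip1)[0] == (ip2)[0]) && ((ip1)[1] == (ip2)[1]) && \
     ((ip1)[2] == (ip2)[2]) && ((ip1)[3] == (ip2)[3]))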
473 
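/*
 * NAT64_CMP_V4_KEY1 - equality of two v4 key objects via their 64-bit
 * key64 view.
 *
 * Evaluates to non-zero when key64 matches, 0 otherwise (opposite truth
 * sense from the memcmp-based NAT64_CMP_V4_KEY).  Arguments are
 * parenthesized so that expression arguments such as *ptr select the
 * member of the dereferenced object.
 *
 * NOTE(review): presumably key64 overlays the address/port/vrf fields;
 * the key layout is not visible in this header, so confirm that every
 * byte of key64 is initialised before keys are compared.
 */
#define NAT64_CMP_V4_KEY1(key1, key2) \
    ((key1).key64 == (key2).key64)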
476 
477 
479 
480 #endif
void nat64_bib_db_in2out_hash_delete(nat64_bib_entry_t *ep)
index_slist_t nat64_frag_out2in_hash
Definition: nat64_db.h:310
void nat64_bib_db_out2in_hash_delete(nat64_bib_entry_t *ep)
u32 tcp_seq_num
Definition: nat64_db.h:263
nat64_session_entry_t * nat64_session_db
void nat64_delete_bib_db_entry(nat64_bib_entry_t *ep, u8 force)
u32 portmap_index
Definition: nat64_db.h:203
u32 v4_src_addr
Definition: nat64_db.h:312
nat64_vrfmap_t * nat64_map_by_vrf
Definition: nat64_db.h:29
u8 flags
Definition: nat64_db.h:197
u32 temp3
Definition: nat64_db.h:177
nat64_v4_key_t timeout_key
Definition: nat64_db.h:324
nat64_bib_entry_t * nat64_bib_db_lookup_entry_out2in(nat64_v4_key_t *ko)
u16 vrf
Definition: nat64_db.h:300
index_slist_t * nat64_bib_in2out_hash
Definition: nat64_db.h:353
u32 in2outpkts
Definition: nat64_db.h:161
u32 user_index
Definition: nat64_db.h:144
Definition: cnat_db.h:153
nat64_v6_key_t v6_in_key
Definition: nat64_db.h:150
u32 entry_expires
Definition: nat64_db.h:248
Definition: nat64_db.h:189
index_slist_t * nat64_bib_out2in_hash
Definition: nat64_db.h:352
u32 entry_expires
Definition: nat64_db.h:175
Definition: nat64_db.h:128
port_type_t
Definition: cnat_ports.h:89
Definition: nat64_db.h:294
nat64_v4_key_t v4_out_key
Definition: nat64_db.h:147
nat64_session_entry_t * nat64_session_db_lookup_entry_out2in(nat64_v4_key_t *ko, u32 bib_index)
index_slist_t * nat64_session_out2in_hash
Definition: nat64_db.h:355
nat64_bib_entry_t nat64_bib_db
Definition: nat64_db.h:339
u16 il
Definition: nat64_db.h:169
u16 pad1
Definition: nat64_db.h:301
nat64_bib_entry_t * nat64_create_static_bib_db_entry(nat64_v6_key_t *ki, nat64_v4_key_t *ko, nat64_table_entry_t *my_table, cnat_gen_icmp_info *info)
u32 bib_index
Definition: nat64_db.h:231
#define BULK_RANGE_CACHE_SIZE
u16 pad2
Definition: nat64_db.h:158
nat64_table_entry_t * nat64_table_ptr
u16 delta
Definition: nat64_db.h:254
char i8
Definition: types.h:45
u32 unused2
Definition: nat64_db.h:270
Definition: nat64_db.h:225
u8 icmp_msg_count
Definition: nat64_db.h:195
nat64_bib_entry_t * nat64_bib_db_lookup_entry(nat64_v6_key_t *ki)
void nat64_delete_session_db_entry_v2(nat64_session_entry_t *ep, u8 force)
nat64_bib_user_entry_t * nat64_bib_user_db_create_entry(nat64_v6_key_t *uki, u32 bucket, u32 portmap_index)
cnat_main_db_entry_t nat44_main_db
Definition: nat64_db.h:338
u16 temp1
Definition: nat64_db.h:173
nat64_v6_key_t v6_in_key
Definition: nat64_db.h:205
index_slist_t * nat64_timeout_hash
Definition: nat64_db.h:359
u32 translation_list_head_index
Definition: nat64_db.h:201
u32 unused1
Definition: nat64_db.h:267
cnat_user_db_entry_t nat44_user_db
Definition: nat64_db.h:348
u32 frag_iden
Definition: nat64_db.h:299
nat64_session_entry_t * nat64_create_session_db_entry_v2(nat64_v4_key_t *ko, nat64_bib_entry_t *bdb)
Definition: nat64_defs.h:306
nat64_session_entry_t nat64_session_db
Definition: nat64_db.h:344
Definition: nat64_db.h:284
index_slist_t * nat64_bib_user_hash
Definition: nat64_db.h:354
u16 delta
Definition: nat64_db.h:167
u16 il
Definition: nat64_db.h:256
index_slist_t nat64_frag_in2out_hash
Definition: nat64_db.h:295
nat64_bib_entry_t * nat64_create_bib_db_entry_and_hash(nat64_v6_key_t *ki, nat64_v4_key_t *ko, nat64_bib_user_entry_t *udb)
u32 align1
Definition: nat64_db.h:208
nat64_timeout_t t_key
Definition: nat64_db.h:332
u8 nat64_timeout_dirty_flag[NAT64_MAX_NAT64_ENTRIES]
u32 session_head_index
Definition: nat64_db.h:155
cgse_nat_session_db_entry_t * cgse_session_db
Definition: cnat_db_v2.c:208
u16 flags
Definition: nat64_db.h:134
u16 tcp_flags
Definition: nat64_db.h:260
void nat64_session_db_out2in_hash_delete(nat64_session_entry_t *ep)
nat64_bib_entry_t * nat64_get_bib_db_entry(nat64_v6_key_t *ki, port_pair_t port_pair_type, port_type_t port_type, cnat_gen_icmp_info *info)
u16 query_and_update_db_timeout_nat64(nat64_session_entry_t *db)
u16 flags
Definition: nat64_db.h:242
index_slist_t user_hash
Definition: nat64_db.h:191
cgse_nat_db_entry_t * cgse_nat_db
Definition: cnat_db_v2.c:206
void nat64_bib_user_db_delete(nat64_bib_user_entry_t *up)
index_slist_t nat64_bib_out2in_hash
Definition: nat64_db.h:130
Definition: cnat_db.h:285
unsigned int u32
Definition: types.h:88
cgse_nat_user_db_entry_t * cgse_user_db
Definition: cnat_db_v2.c:207
index_dlist_t user_ports
Definition: nat64_db.h:153
index_slist_t * nat64_frag_in2out_hash
Definition: nat64_db.h:358
port_pair_t
Definition: cnat_ports.h:82
nat64_in_v6_frag_entry_t * nat64_in_frag_db
u32 unused
Definition: nat64_db.h:180
nat64_bib_user_entry_t * nat64_bib_user_db_lookup_entry(nat64_v6_key_t *uki, u32 *bucket)
nat64_v4_key_t v4_dest_key
Definition: nat64_db.h:234
nat64_bib_user_entry_t nat64_user_db
Definition: nat64_db.h:349
nat64_bib_user_entry_t * nat64_bib_user_db
Definition: cnat_db.h:336
nat64_session_tcp_init_entry_t * nat64_tcp_init_db
unsigned short u16
Definition: types.h:57
u16 timeout
Definition: nat64_db.h:245
u16 frag_iden
Definition: nat64_db.h:314
#define NAT64_MAX_NAT64_ENTRIES
Definition: nat64_defs.h:36
unsigned char u8
Definition: types.h:56
Definition: nat64_db.h:309
index_slist_t nat64_session_out2in_hash
Definition: nat64_db.h:228
u16 unused3
Definition: nat64_db.h:273
index_dlist_t bib_list
Definition: nat64_db.h:250
Definition: nat64_db.h:331
u16 nat64_timeout_db_create(nat64_timeout_t t_entry)
void nat64_timeout_db_delete(nat64_v4_key_t t_key)
u16 ntranslations
Definition: nat64_db.h:193
u16 nat64_inst_id
Definition: nat64_db.h:142
nat64_bib_entry_t * nat64_bib_db
u32 v4_destn_addr
Definition: nat64_db.h:313
short i16
Definition: types.h:46
void nat64_timeout_db_hash_add(nat64_timeout_db_entry_t *t_entry)
index_slist_t nat64_bib_in2out_hash
Definition: nat64_db.h:131
u32 nat64_timeout_db_hash_lookup(nat64_v4_key_t t_key)
u16 vrf
Definition: nat64_db.h:315
nat64_timeout_db_entry_t * nat64_timeout_db
nat64_v4_key_t v4_out_key
Definition: nat64_db.h:286
nat64_v6_key_t v6_in_key
Definition: nat64_db.h:285
index_slist_t t_hash
Definition: nat64_db.h:333
Definition: nat64_db.h:337
index_slist_t * nat64_frag_out2in_hash
Definition: nat64_db.h:357
Definition: nat64_db.h:342
nat64_out_v4_frag_entry_t * nat64_out_frag_db
index_slist_t * nat64_session_in2out_hash
Definition: nat64_db.h:347
u16 nsessions
Definition: nat64_db.h:157
cnat_session_entry_t nat44_session_db
Definition: nat64_db.h:343
u32 out2inpkts
Definition: nat64_db.h:162