FD.io VPP  v16.09
Vector Packet Processing
snat.h
Go to the documentation of this file.
1 
2 /*
3  * snat.h - simple nat definitions
4  *
5  * Copyright (c) 2016 Cisco and/or its affiliates.
6  * Licensed under the Apache License, Version 2.0 (the "License");
7  * you may not use this file except in compliance with the License.
8  * You may obtain a copy of the License at:
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing, software
13  * distributed under the License is distributed on an "AS IS" BASIS,
14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing permissions and
16  * limitations under the License.
17  */
18 #ifndef __included_snat_h__
19 #define __included_snat_h__
20 
21 #include <vnet/vnet.h>
22 #include <vnet/ip/ip.h>
23 #include <vnet/ethernet/ethernet.h>
24 #include <vnet/ip/icmp46_packet.h>
25 #include <vnet/api_errno.h>
26 #include <vppinfra/bihash_8_8.h>
27 #include <vppinfra/dlist.h>
28 #include <vppinfra/error.h>
29 #include <vlibapi/api.h>
30 
31 /* Key */
32 typedef struct {
33  union
34  {
35  struct
36  {
37  ip4_address_t addr;
38  u16 port;
39  u16 protocol:3,
40  fib_index:13;
41  };
42  u64 as_u64;
43  };
44 } snat_session_key_t;
45 
46 typedef struct {
47  union
48  {
49  struct
50  {
51  ip4_address_t addr;
52  u32 fib_index;
53  };
54  u64 as_u64;
55  };
56 } snat_user_key_t;
57 
58 
59 typedef enum {
60  SNAT_PROTOCOL_UDP = 0,
61  SNAT_PROTOCOL_TCP,
62  SNAT_PROTOCOL_ICMP,
63 } snat_protocol_t;
64 
65 
66 typedef CLIB_PACKED(struct {
67  snat_session_key_t out2in; /* 0-15 */
68 
69  snat_session_key_t in2out; /* 16-31 */
70 
71  u32 flags; /* 32-35 */
72 
73  /* per-user translations */
74  u32 per_user_index; /* 36-39 */
75 
76  u32 per_user_list_head_index; /* 40-43 */
77 
78  /* Last heard timer */
79  f64 last_heard; /* 44-51 */
80 
81  u64 total_bytes; /* 52-59 */
82 
83  u32 total_pkts; /* 60-63 */
84 
85  /* Outside address */
86  u32 outside_address_index; /* 64-67 */
87 
88 }) snat_session_t;
89 
90 #define SNAT_SESSION_STATIC (1<<0)
91 
92 typedef struct {
93  ip4_address_t addr;
94  u32 sessions_per_user_list_head_index;
95  u32 nsessions;
96 } snat_user_t;
97 
98 typedef struct {
99  ip4_address_t addr;
100  u32 busy_ports;
101  uword * busy_port_bitmap;
102 } snat_address_t;
103 
104 typedef struct {
105  /* Main lookup tables */
106  clib_bihash_8_8_t out2in;
107  clib_bihash_8_8_t in2out;
108 
109  /* Find-a-user => src address lookup */
110  clib_bihash_8_8_t user_hash;
111 
112  /* User pool */
113  snat_user_t * users;
114 
115  /* Session pool */
116  snat_session_t * sessions;
117 
118  /* Vector of outside addresses */
119  snat_address_t * addresses;
120 
121  /* Pool of doubly-linked list elements */
122  dlist_elt_t * list_pool;
123 
124  /* Randomize port allocation order */
125  u32 random_seed;
126 
127  /* ip4 feature path indices */
128  u32 rx_feature_in2out;
129  u32 rx_feature_out2in;
130 
131  /* Config parameters */
132  u32 translation_buckets;
133  u32 translation_memory_size;
134  u32 user_buckets;
135  u32 user_memory_size;
136  u32 max_translations_per_user;
137  u32 outside_vrf_id;
138  u32 outside_fib_index;
139 
140  /* API message ID base */
141  u16 msg_id_base;
142 
143  /* convenience */
144  vlib_main_t * vlib_main;
145  vnet_main_t * vnet_main;
146  ip4_main_t * ip4_main;
147  ip_lookup_main_t * ip4_lookup_main;
148  ethernet_main_t * ethernet_main;
149  api_main_t * api_main;
150 } snat_main_t;
151 
152 extern snat_main_t snat_main;
153 extern vlib_node_registration_t snat_in2out_node;
154 extern vlib_node_registration_t snat_out2in_node;
155 
156 void snat_free_outside_address_and_port (snat_main_t * sm,
157  snat_session_key_t * k,
158  u32 address_index);
159 
160 int snat_alloc_outside_address_and_port (snat_main_t * sm,
161  snat_session_key_t * k,
162  u32 * address_indexp);
163 format_function_t format_snat_user;
164 
165 typedef struct {
166  u32 cached_sw_if_index;
167  u32 cached_ip4_address;
168 } snat_runtime_t;
169 
170 /*
171  * Why is this here? Because we don't need to touch this layer to
172  * simply reply to an icmp. We need to change id to a unique
173  * value to NAT an echo request/reply.
174  */
175 
176 typedef struct {
177  u16 identifier;
178  u16 sequence;
179 } icmp_echo_header_t;
180 
181 #endif /* __included_snat_h__ */
snat_main_t::translation_memory_size
u32 translation_memory_size
Definition: snat.h:133
CLIB_PACKED
typedef CLIB_PACKED(struct{snat_session_key_t out2in;snat_session_key_t in2out;u32 flags;u32 per_user_index;u32 per_user_list_head_index;f64 last_heard;u64 total_bytes;u32 total_pkts;u32 outside_address_index;}) snat_session_t
snat_user_t::sessions_per_user_list_head_index
u32 sessions_per_user_list_head_index
Definition: snat.h:94
snat_main_t::max_translations_per_user
u32 max_translations_per_user
Definition: snat.h:136
snat_user_t
Definition: snat.h:92
snat_main_t::vlib_main
vlib_main_t * vlib_main
Definition: snat.h:144
snat_address_t::busy_ports
u32 busy_ports
Definition: snat.h:100
snat_alloc_outside_address_and_port
int snat_alloc_outside_address_and_port(snat_main_t *sm, snat_session_key_t *k, u32 *address_indexp)
Definition: snat.c:379
snat_user_t::nsessions
u32 nsessions
Definition: snat.h:95
snat_main_t::out2in
clib_bihash_8_8_t out2in
Definition: snat.h:106
snat_main_t::ip4_lookup_main
ip_lookup_main_t * ip4_lookup_main
Definition: snat.h:147
vlib_node_registration_t
struct _vlib_node_registration vlib_node_registration_t
snat_main_t::rx_feature_in2out
u32 rx_feature_in2out
Definition: snat.h:128
snat_runtime_t::cached_sw_if_index
u32 cached_sw_if_index
Definition: snat.h:166
icmp_echo_header_t::identifier
u16 identifier
Definition: snat.h:177
snat_main_t::random_seed
u32 random_seed
Definition: snat.h:125
icmp_echo_header_t
Definition: snat.h:176
snat_address_t
Definition: snat.h:98
snat_user_t::addr
ip4_address_t addr
Definition: snat.h:93
api_errno.h
snat_main_t::ip4_main
ip4_main_t * ip4_main
Definition: snat.h:146
snat_in2out_node
vlib_node_registration_t snat_in2out_node
(constructor) VLIB_REGISTER_NODE (snat_in2out_node)
Definition: in2out.c:28
u64
unsigned long u64
Definition: types.h:89
ethernet_main_t
Definition: ethernet.h:201
snat_session_key_t::as_u64
u64 as_u64
Definition: snat.h:42
snat_main_t::users
snat_user_t * users
Definition: snat.h:113
format_snat_user
format_function_t format_snat_user
Definition: snat.h:163
ip4_address_t
Definition: ip4_packet.h:49
snat_session_key_t
Definition: snat.h:32
icmp_echo_header_t::sequence
u16 sequence
Definition: snat.h:178
snat_main_t::translation_buckets
u32 translation_buckets
Definition: snat.h:132
snat_free_outside_address_and_port
void snat_free_outside_address_and_port(snat_main_t *sm, snat_session_key_t *k, u32 address_index)
Definition: snat.c:361
api_main_t
Definition: api.h:112
dlist_elt_t
Definition: dlist.h:28
snat_out2in_node
vlib_node_registration_t snat_out2in_node
(constructor) VLIB_REGISTER_NODE (snat_out2in_node)
Definition: out2in.c:28
snat_session_key_t::port
u16 port
Definition: snat.h:38
snat_main_t::api_main
api_main_t * api_main
Definition: snat.h:149
snat_main_t::user_hash
clib_bihash_8_8_t user_hash
Definition: snat.h:110
snat_main_t::addresses
snat_address_t * addresses
Definition: snat.h:119
snat_main_t::msg_id_base
u16 msg_id_base
Definition: snat.h:141
ip_lookup_main_t
Definition: lookup.h:399
snat_runtime_t
Definition: snat.h:165
snat_session_key_t::addr
ip4_address_t addr
Definition: snat.h:37
snat_protocol_t
snat_protocol_t
Definition: snat.h:59
vnet_main_t
Definition: vnet.h:59
u32
unsigned int u32
Definition: types.h:88
snat_main_t::list_pool
dlist_elt_t * list_pool
Definition: snat.h:122
ip4_main_t
IPv4 main type.
Definition: ip4.h:114
snat_user_key_t::as_u64
u64 as_u64
Definition: snat.h:54
snat_main
snat_main_t snat_main
Definition: snat.c:27
snat_main_t::in2out
clib_bihash_8_8_t in2out
Definition: snat.h:107
snat_user_key_t::addr
ip4_address_t addr
Definition: snat.h:51
format_function_t
u8 *( format_function_t)(u8 *s, va_list *args)
Definition: format.h:48
snat_address_t::addr
ip4_address_t addr
Definition: snat.h:99
snat_main_t::sessions
snat_session_t * sessions
Definition: snat.h:116
uword
u64 uword
Definition: types.h:112
bihash_8_8.h
snat_main_t::user_buckets
u32 user_buckets
Definition: snat.h:134
u16
unsigned short u16
Definition: types.h:57
snat_main_t::vnet_main
vnet_main_t * vnet_main
Definition: snat.h:145
snat_address_t::busy_port_bitmap
uword * busy_port_bitmap
Definition: snat.h:101
snat_main_t::outside_fib_index
u32 outside_fib_index
Definition: snat.h:138
icmp46_packet.h
f64
double f64
Definition: types.h:142
snat_main_t
Definition: snat.h:104
vlib_main_t
Definition: main.h:59
snat_user_key_t::fib_index
u32 fib_index
Definition: snat.h:52
snat_main_t::user_memory_size
u32 user_memory_size
Definition: snat.h:135
snat_main_t::rx_feature_out2in
u32 rx_feature_out2in
Definition: snat.h:129
snat_user_key_t
Definition: snat.h:46
snat_main_t::ethernet_main
ethernet_main_t * ethernet_main
Definition: snat.h:148
flags
u32 flags
Definition: vhost-user.h:76
snat_runtime_t::cached_ip4_address
u32 cached_ip4_address
Definition: snat.h:167
snat_main_t::outside_vrf_id
u32 outside_vrf_id
Definition: snat.h:137