FD.io VPP  v19.04.4-rc0-5-ge88582fac
Vector Packet Processing
nat_reass.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2017 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 /**
16  * @file
17  * @brief NAT plugin virtual fragmentation reassembly
18  */
19 #ifndef __included_nat_reass_h__
20 #define __included_nat_reass_h__
21 
22 #include <vnet/vnet.h>
23 #include <vnet/ip/ip.h>
24 #include <vppinfra/bihash_16_8.h>
25 #include <vppinfra/bihash_48_8.h>
26 #include <vppinfra/dlist.h>
27 
28 #define NAT_REASS_TIMEOUT_DEFAULT 2
29 #define NAT_MAX_REASS_DEAFULT 1024
30 #define NAT_MAX_FRAG_DEFAULT 5
31 #define NAT_REASS_HT_LOAD_FACTOR (0.75)
32 
33 #define NAT_REASS_FLAG_MAX_FRAG_DROP 1
34 #define NAT_REASS_FLAG_CLASSIFY_ED_CONTINUE 2
35 #define NAT_REASS_FLAG_ED_DONT_TRANSLATE 4
36 
37 typedef struct
38 {
39  union
40  {
41  struct
42  {
45  /* align by making this 4 octets even though its a 2 octets field */
47  /* align by making this 4 octets even though its a 1 octet field */
49  };
50  u64 as_u64[2];
51  };
53 
54 enum
55 {
59 };
60 
61 /* *INDENT-OFF* */
62 typedef CLIB_PACKED(struct
63 {
65  u32 lru_list_index;
66  u32 sess_index;
67  u32 thread_index;
68  f64 last_heard;
69  u32 frags_per_reass_list_head_index;
70  u8 frag_n;
71  u8 flags;
72  u8 classify_next;
73 }) nat_reass_ip4_t;
74 /* *INDENT-ON* */
75 
76 typedef struct
77 {
78  union
79  {
80  struct
81  {
85  /* align by making this 4 octets even though its a 1 octet field */
88  };
89  u64 as_u64[6];
90  };
92 
93 /* *INDENT-OFF* */
94 typedef CLIB_PACKED(struct
95 {
97  u32 lru_list_index;
98  u32 sess_index;
99  f64 last_heard;
100  u32 frags_per_reass_list_head_index;
101  u8 frag_n;
102  u8 flags;
103 }) nat_reass_ip6_t;
104 /* *INDENT-ON* */
105 
106 typedef struct
107 {
108  /* IPv4 config */
113 
114  /* IPv6 config */
119 
120  /* IPv4 runtime */
121  nat_reass_ip4_t *ip4_reass_pool;
122  clib_bihash_16_8_t ip4_reass_hash;
128 
129  /* IPv6 runtime */
130  nat_reass_ip6_t *ip6_reass_pool;
131  clib_bihash_48_8_t ip6_reass_hash;
137 
138  /* convenience */
142 
143 /**
144  * @brief Set NAT virtual fragmentation reassembly configuration.
145  *
146  * @param timeout Reassembly timeout.
147  * @param max_reass Maximum number of concurrent reassemblies.
148  * @param max_frag Maximum number of fragmets per reassembly
149  * @param drop_frag If zero translate fragments, otherwise drop fragments.
150  * @param is_ip6 1 if IPv6, 0 if IPv4.
151  *
152  * @returns 0 on success, non-zero value otherwise.
153  */
154 int nat_reass_set (u32 timeout, u16 max_reass, u8 max_frag, u8 drop_frag,
155  u8 is_ip6);
156 
157 /**
158  * @brief Get reassembly timeout.
159  *
160  * @param is_ip6 1 if IPv6, 0 if IPv4.
161  *
162  * @returns reassembly timeout.
163  */
164 u32 nat_reass_get_timeout (u8 is_ip6);
165 
166 /**
167  * @brief Get maximum number of concurrent reassemblies.
168  *
169  * @param is_ip6 1 if IPv6, 0 if IPv4.
170  *
171  * @returns maximum number of concurrent reassemblies.
172  */
174 
175 /**
176  * @brief Get maximum number of fragmets per reassembly.
177  *
178  * @param is_ip6 1 if IPv6, 0 if IPv4.
179  *
180  * @returns maximum number of fragmets per reassembly.
181  */
182 u8 nat_reass_get_max_frag (u8 is_ip6);
183 
184 /**
185  * @brief Get status of virtual fragmentation reassembly.
186  *
187  * @param is_ip6 1 if IPv6, 0 if IPv4.
188  *
189  * @returns zero if translate fragments, non-zero value if drop fragments.
190  */
191 u8 nat_reass_is_drop_frag (u8 is_ip6);
192 
193 /**
194  * @brief Initialize NAT virtual fragmentation reassembly.
195  *
196  * @param vm vlib main.
197  *
198  * @return error code.
199  */
201 
202 /**
203  * @brief Find reassembly.
204  *
205  * @param src Source IPv4 address.
206  * @param dst Destination IPv4 address.
207  * @param frag_id Fragment ID.
208  * @param proto L4 protocol.
209  *
210  * @returns Reassembly data or 0 if not found.
211  */
212 nat_reass_ip4_t *nat_ip4_reass_find (ip4_address_t src,
214  u16 frag_id, u8 proto);
215 
216 /**
217  * @brief Create reassembly.
218  *
219  * @param src Source IPv4 address.
220  * @param dst Destination IPv4 address.
221  * @param frag_id Fragment ID.
222  * @param proto L4 protocol.
223  *
224  * @returns Reassembly data or 0 on failure.
225  */
227  u16 frag_id, u8 proto);
228 
229 /**
230  * @brief Find or create reassembly.
231  *
232  * @param src Source IPv4 address.
233  * @param dst Destination IPv4 address.
234  * @param frag_id Fragment ID.
235  * @param proto L4 protocol.
236  * @param reset_timeout If non-zero value reset timeout.
237  * @param bi_to_drop Fragments to drop.
238  *
239  * @returns Reassembly data or 0 on failure.
240  */
243  u16 frag_id, u8 proto,
244  u8 reset_timeout,
245  u32 ** bi_to_drop);
246 
247 /**
248  * @brief Cache fragment.
249  *
250  * @param reass Reassembly data.
251  * @param bi Buffer index.
252  * @param bi_to_drop Fragments to drop.
253  *
254  * @returns 0 on success, non-zero value otherwise.
255  */
256 int nat_ip4_reass_add_fragment (u32 thread_index, nat_reass_ip4_t * reass,
257  u32 bi, u32 ** bi_to_drop);
258 
259 /**
260  * @brief Get cached fragments.
261  *
262  * @param reass Reassembly data.
263  * @param bi Vector of buffer indexes.
264  */
265 void nat_ip4_reass_get_frags (nat_reass_ip4_t * reass, u32 ** bi);
266 
267 /**
268  * @breif Call back function when walking IPv4 reassemblies, non-zero return
269  * value stop walk.
270  */
271 typedef int (*nat_ip4_reass_walk_fn_t) (nat_reass_ip4_t * reass, void *ctx);
272 
273 /**
274  * @brief Walk IPv4 reassemblies.
275  *
276  * @param fn The function to invoke on each entry visited.
277  * @param ctx A context passed in the visit function.
278  */
280 
281 /**
282  * @brief Find or create reassembly.
283  *
284  * @param src Source IPv6 address.
285  * @param dst Destination IPv6 address.
286  * @param frag_id Fragment ID.
287  * @param proto L4 protocol.
288  * @param reset_timeout If non-zero value reset timeout.
289  * @param bi_to_drop Fragments to drop.
290  *
291  * @returns Reassembly data or 0 on failure.
292  */
295  u32 frag_id, u8 proto,
296  u8 reset_timeout,
297  u32 ** bi_to_drop);
298 /**
299  * @brief Cache fragment.
300  *
301  * @param reass Reassembly data.
302  * @param bi Buffer index.
303  * @param bi_to_drop Fragments to drop.
304  *
305  * @returns 0 on success, non-zero value otherwise.
306  */
307 int nat_ip6_reass_add_fragment (u32 thread_index, nat_reass_ip6_t * reass,
308  u32 bi, u32 ** bi_to_drop);
309 
310 /**
311  * @brief Get cached fragments.
312  *
313  * @param reass Reassembly data.
314  * @param bi Vector of buffer indexes.
315  */
316 void nat_ip6_reass_get_frags (nat_reass_ip6_t * reass, u32 ** bi);
317 
318 /**
319  * @breif Call back function when walking IPv6 reassemblies, non-zero return
320  * value stop walk.
321  */
322 typedef int (*nat_ip6_reass_walk_fn_t) (nat_reass_ip6_t * reass, void *ctx);
323 
324 /**
325  * @brief Walk IPv6 reassemblies.
326  *
327  * @param fn The function to invoke on each entry visited.
328  * @param ctx A context passed in the visit function.
329  */
331 
332 #endif /* __included_nat_reass_h__ */
333 
334 /*
335  * fd.io coding-style-patch-verification: ON
336  *
337  * Local Variables:
338  * eval: (c-set-style "gnu")
339  * End:
340  */
ip4_address_t src
Definition: nat_reass.h:43
typedef CLIB_PACKED(struct { nat_reass_ip4_key_t key;u32 lru_list_index;u32 sess_index;u32 thread_index;f64 last_heard;u32 frags_per_reass_list_head_index;u8 frag_n;u8 flags;u8 classify_next;}) nat_reass_ip4_t
u32 flags
Definition: vhost_user.h:115
u16 nat_reass_get_max_reass(u8 is_ip6)
Get maximum number of concurrent reassemblies.
Definition: nat_reass.c:146
clib_error_t * nat_reass_init(vlib_main_t *vm)
Initialize NAT virtual fragmentation reassembly.
Definition: nat_reass.c:661
int nat_ip6_reass_add_fragment(u32 thread_index, nat_reass_ip6_t *reass, u32 bi, u32 **bi_to_drop)
Cache fragment.
Definition: nat_reass.c:598
void nat_ip6_reass_get_frags(nat_reass_ip6_t *reass, u32 **bi)
Get cached fragments.
Definition: nat_reass.c:630
u64 as_u64
Definition: bihash_doc.h:63
unsigned long u64
Definition: types.h:89
void nat_ip4_reass_walk(nat_ip4_reass_walk_fn_t fn, void *ctx)
Walk IPv4 reassemblies.
Definition: nat_reass.c:436
vl_api_ip4_address_t dst
Definition: ipsec_gre.api:39
int(* nat_ip6_reass_walk_fn_t)(nat_reass_ip6_t *reass, void *ctx)
Call back function when walking IPv6 reassemblies, non-zero return value stop walk.
Definition: nat_reass.h:322
unsigned char u8
Definition: types.h:56
int nat_reass_set(u32 timeout, u16 max_reass, u8 max_frag, u8 drop_frag, u8 is_ip6)
Set NAT virtual fragmentation reassembly configuration.
Definition: nat_reass.c:85
double f64
Definition: types.h:142
u32 ip6_reass_head_index
Definition: nat_reass.h:134
dlist_elt_t * ip4_frags_list_pool
Definition: nat_reass.h:124
dlist_elt_t * ip6_reass_lru_list_pool
Definition: nat_reass.h:132
unsigned int u32
Definition: types.h:88
nat_reass_ip6_t * ip6_reass_pool
Definition: nat_reass.h:130
vnet_main_t * vnet_main
Definition: nat_reass.h:140
vlib_main_t * vlib_main
Definition: nat_reass.h:139
dlist_elt_t * ip4_reass_lru_list_pool
Definition: nat_reass.h:123
u8 nat_reass_is_drop_frag(u8 is_ip6)
Get status of virtual fragmentation reassembly.
Definition: nat_reass.c:168
long ctx[MAX_CONNS]
Definition: main.c:144
unsigned short u16
Definition: types.h:57
nat_reass_ip4_t * nat_ip4_reass_create(ip4_address_t src, ip4_address_t dst, u16 frag_id, u8 proto)
Create reassembly.
Definition: nat_reass.c:220
vl_api_ip4_address_t src
Definition: ipsec_gre.api:38
nat_reass_ip4_t * nat_ip4_reass_find_or_create(ip4_address_t src, ip4_address_t dst, u16 frag_id, u8 proto, u8 reset_timeout, u32 **bi_to_drop)
Find or create reassembly.
Definition: nat_reass.c:274
int(* nat_ip4_reass_walk_fn_t)(nat_reass_ip4_t *reass, void *ctx)
Call back function when walking IPv4 reassemblies, non-zero return value stop walk.
Definition: nat_reass.h:271
int nat_ip4_reass_add_fragment(u32 thread_index, nat_reass_ip4_t *reass, u32 bi, u32 **bi_to_drop)
Cache fragment.
Definition: nat_reass.c:392
u32 ip4_reass_head_index
Definition: nat_reass.h:125
vlib_main_t * vm
Definition: buffer.c:312
nat_reass_ip4_t * ip4_reass_pool
Definition: nat_reass.h:121
dlist_elt_t * ip6_frags_list_pool
Definition: nat_reass.h:133
ip6_address_t dst
Definition: nat_reass.h:83
clib_bihash_16_8_t ip4_reass_hash
Definition: nat_reass.h:122
nat_reass_ip4_t * nat_ip4_reass_find(ip4_address_t src, ip4_address_t dst, u16 frag_id, u8 proto)
Find reassembly.
Definition: nat_reass.c:199
nat_reass_ip6_t * nat_ip6_reass_find_or_create(ip6_address_t src, ip6_address_t dst, u32 frag_id, u8 proto, u8 reset_timeout, u32 **bi_to_drop)
Find or create reassembly.
Definition: nat_reass.c:480
u32 nat_reass_get_timeout(u8 is_ip6)
Get reassembly timeout.
Definition: nat_reass.c:135
ip6_address_t src
Definition: nat_reass.h:82
typedef key
Definition: ipsec.api:244
void nat_ip4_reass_get_frags(nat_reass_ip4_t *reass, u32 **bi)
Get cached fragments.
Definition: nat_reass.c:424
u8 nat_reass_get_max_frag(u8 is_ip6)
Get maximum number of fragmets per reassembly.
Definition: nat_reass.c:157
clib_bihash_48_8_t ip6_reass_hash
Definition: nat_reass.h:131
ip4_address_t dst
Definition: nat_reass.h:44
clib_spinlock_t ip6_reass_lock
Definition: nat_reass.h:136
void nat_ip6_reass_walk(nat_ip6_reass_walk_fn_t fn, void *ctx)
Walk IPv6 reassemblies.
Definition: nat_reass.c:642
clib_spinlock_t ip4_reass_lock
Definition: nat_reass.h:127