FD.io VPP  v21.06-3-gbb25fbf28
Vector Packet Processing
det44.c
Go to the documentation of this file.
1 /*
2  * det44.c - deterministic NAT
3  *
4  * Copyright (c) 2020 Cisco and/or its affiliates.
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at:
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17 /**
18  * @file
19  * @brief deterministic NAT (CGN)
20  */
21 
22 #include <vnet/vnet.h>
23 #include <vnet/ip/ip.h>
24 #include <vnet/ip/ip4.h>
25 #include <vpp/app/version.h>
26 #include <vnet/plugin/plugin.h>
27 
28 #include <nat/det44/det44.h>
29 
31 
32 /* *INDENT-OFF* */
33 VNET_FEATURE_INIT (ip4_det44_in2out, static) = {
34  .arc_name = "ip4-unicast",
35  .node_name = "det44-in2out",
36  .runs_after = VNET_FEATURES ("acl-plugin-in-ip4-fa",
37  "ip4-sv-reassembly-feature"),
38 };
39 VNET_FEATURE_INIT (ip4_det44_out2in, static) = {
40  .arc_name = "ip4-unicast",
41  .node_name = "det44-out2in",
42  .runs_after = VNET_FEATURES ("acl-plugin-in-ip4-fa",
43  "ip4-sv-reassembly-feature",
44  "ip4-dhcp-client-detect"),
45 };
47  .version = VPP_BUILD_VER,
48  .description = "Deterministic NAT (CGN)",
49 };
50 /* *INDENT-ON* */
51 
52 void
54  int is_add)
55 {
56  det44_main_t *dm = &det44_main;
58  .fp_len = p_len,
59  .fp_proto = FIB_PROTOCOL_IP4,
60  .fp_addr = {
61  .ip4.as_u32 = addr->as_u32,
62  },
63  };
65 
66  if (is_add)
67  {
69  &prefix,
70  dm->fib_src_low,
75  NULL,
77  ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE);
78  }
79  else
80  {
81  fib_table_entry_delete (fib_index, &prefix, dm->fib_src_low);
82  }
83 }
84 
85 /**
86  * @brief Add/delete deterministic NAT mapping.
87  *
88  * Create bijective mapping of inside address to outside address and port range
89  * pairs, with the purpose of enabling deterministic NAT to reduce logging in
90  * CGN deployments.
91  *
92  * @param in_addr Inside network address.
93  * @param in_plen Inside network prefix length.
94  * @param out_addr Outside network address.
95  * @param out_plen Outside network prefix length.
96  * @param is_add If 0 delete, otherwise add.
97  */
98 int
99 snat_det_add_map (ip4_address_t * in_addr, u8 in_plen,
100  ip4_address_t * out_addr, u8 out_plen, int is_add)
101 {
102  static snat_det_session_t empty_snat_det_session = { 0 };
103  det44_main_t *dm = &det44_main;
104  ip4_address_t in_cmp, out_cmp;
106  snat_det_map_t *mp;
107  u8 found = 0;
108 
109  in_cmp.as_u32 = in_addr->as_u32 & ip4_main.fib_masks[in_plen];
110  out_cmp.as_u32 = out_addr->as_u32 & ip4_main.fib_masks[out_plen];
111  vec_foreach (mp, dm->det_maps)
112  {
113  /* Checking for overlapping addresses to be added here */
114  if (mp->in_addr.as_u32 == in_cmp.as_u32 &&
115  mp->in_plen == in_plen &&
116  mp->out_addr.as_u32 == out_cmp.as_u32 && mp->out_plen == out_plen)
117  {
118  found = 1;
119  break;
120  }
121  }
122 
123  /* If found, don't add again */
124  if (found && is_add)
125  return VNET_API_ERROR_VALUE_EXIST;
126 
127  /* If not found, don't delete */
128  if (!found && !is_add)
129  return VNET_API_ERROR_NO_SUCH_ENTRY;
130 
131  if (is_add)
132  {
133  pool_get (dm->det_maps, mp);
134  clib_memset (mp, 0, sizeof (*mp));
135  mp->in_addr.as_u32 = in_cmp.as_u32;
136  mp->in_plen = in_plen;
137  mp->out_addr.as_u32 = out_cmp.as_u32;
138  mp->out_plen = out_plen;
139  mp->sharing_ratio = (1 << (32 - in_plen)) / (1 << (32 - out_plen));
140  mp->ports_per_host = (65535 - 1023) / mp->sharing_ratio;
141 
143  DET44_SES_PER_USER * (1 << (32 - in_plen)) -
144  1, empty_snat_det_session);
145  }
146  else
147  {
148  vec_free (mp->sessions);
149  vec_del1 (dm->det_maps, mp - dm->det_maps);
150  }
151 
152  /* Add/del external address range to FIB */
153  /* *INDENT-OFF* */
154  pool_foreach (i, dm->interfaces) {
156  continue;
157  det44_add_del_addr_to_fib(out_addr, out_plen, i->sw_if_index, is_add);
158  goto out;
159  }
160  /* *INDENT-ON* */
161 out:
162  return 0;
163 }
164 
165 int
167 {
168  det44_main_t *dm = &det44_main;
169  if (timeouts->udp)
170  dm->timeouts.udp = timeouts->udp;
171  if (timeouts->tcp.established)
172  dm->timeouts.tcp.established = timeouts->tcp.established;
173  if (timeouts->tcp.transitory)
174  dm->timeouts.tcp.transitory = timeouts->tcp.transitory;
175  if (timeouts->icmp)
176  dm->timeouts.icmp = timeouts->icmp;
177  return 0;
178 }
179 
182 {
183  det44_main_t *dm = &det44_main;
184  return dm->timeouts;
185 }
186 
187 void
189 {
190  det44_main_t *dm = &det44_main;
192 }
193 
194 int
195 det44_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del)
196 {
197  det44_main_t *dm = &det44_main;
198  det44_interface_t *tmp, *i = 0;
199  const char *feature_name;
200  int rv;
201 
202  // TODO: if plugin is not enabled do not register nodes on interfaces
203  // rather make a structure and when enable call is used
204  // then register nodes
205 
206  /* *INDENT-OFF* */
207  pool_foreach (tmp, dm->interfaces) {
208  if (tmp->sw_if_index == sw_if_index)
209  {
210  i = tmp;
211  goto out;
212  }
213  }
214  /* *INDENT-ON* */
215 out:
216 
217  feature_name = is_inside ? "det44-in2out" : "det44-out2in";
218 
219  if (is_del)
220  {
221  if (!i)
222  {
223  det44_log_err ("det44 is not enabled on this interface");
224  return VNET_API_ERROR_INVALID_VALUE;
225  }
226 
228  if (rv)
229  return rv;
230 
231  rv = vnet_feature_enable_disable ("ip4-unicast", feature_name,
232  sw_if_index, 1, 0, 0);
233  if (rv)
234  return rv;
235 
236  pool_put (dm->interfaces, i);
237  }
238  else
239  {
240  if (i)
241  {
242  det44_log_err ("det44 is already enabled on this interface");
243  return VNET_API_ERROR_INVALID_VALUE;
244  }
245 
247  if (rv)
248  return rv;
249 
250  rv = vnet_feature_enable_disable ("ip4-unicast", feature_name,
251  sw_if_index, 1, 0, 0);
252  if (rv)
253  return rv;
254 
255  pool_get (dm->interfaces, i);
256  clib_memset (i, 0, sizeof (*i));
257 
258  i->sw_if_index = sw_if_index;
259 
260  if (is_inside)
262  else
264  }
265 
266  if (!is_inside)
267  {
269  sw_if_index);
270  // add/del outside interface fib to registry
271  u8 found = 0;
272  det44_fib_t *outside_fib;
273  /* *INDENT-OFF* */
274  vec_foreach (outside_fib, dm->outside_fibs)
275  {
276  if (outside_fib->fib_index == fib_index)
277  {
278  if (!is_del)
279  {
280  outside_fib->refcount++;
281  }
282  else
283  {
284  outside_fib->refcount--;
285  if (!outside_fib->refcount)
286  {
287  vec_del1 (dm->outside_fibs,
288  outside_fib - dm->outside_fibs);
289  }
290  }
291  found = 1;
292  break;
293  }
294  }
295  /* *INDENT-ON* */
296  if (!is_del && !found)
297  {
298  vec_add2 (dm->outside_fibs, outside_fib, 1);
299  outside_fib->fib_index = fib_index;
300  outside_fib->refcount = 1;
301  }
302  // add/del outside address to FIB
303  snat_det_map_t *mp;
304  /* *INDENT-OFF* */
305  pool_foreach (mp, dm->det_maps) {
307  mp->out_plen, sw_if_index, !is_del);
308  }
309  /* *INDENT-ON* */
310  }
311  return 0;
312 }
313 
314 /**
315  * @brief The 'det44-expire-walk' process's main loop.
316  *
317  * Check expire time for active sessions.
318  */
319 static uword
321  vlib_frame_t * f)
322 {
323  det44_main_t *dm = &det44_main;
324  snat_det_session_t *ses;
325  snat_det_map_t *mp;
326 
328  vlib_process_get_events (vm, NULL);
329  u32 now = (u32) vlib_time_now (vm);
330  /* *INDENT-OFF* */
331  pool_foreach (mp, dm->det_maps) {
332  vec_foreach(ses, mp->sessions)
333  {
334  /* Delete if session expired */
335  if (ses->in_port && (ses->expire < now))
336  snat_det_ses_close (mp, ses);
337  }
338  }
339  /* *INDENT-ON* */
340  return 0;
341 }
342 
343 void
345 {
346  det44_main_t *dm = &det44_main;
347 
348  if (dm->expire_walk_node_index)
349  return;
350 
352  "det44-expire-walk",
354  16 /* stack_bytes */ );
355 }
356 
357 int
359 {
360  det44_main_t *dm = &det44_main;
361 
362  if (plugin_enabled () == 1)
363  {
364  det44_log_err ("plugin already enabled!");
365  return 1;
366  }
367 
368  det44_log_err ("inside %u, outside %u", c.inside_vrf_id, c.outside_vrf_id);
369 
371  c.outside_vrf_id,
372  dm->fib_src_hi);
374  c.inside_vrf_id,
375  dm->fib_src_hi);
376 
378  dm->mss_clamping = 0;
379  dm->config = c;
380  dm->enabled = 1;
381  return 0;
382 }
383 
384 int
386 {
387  det44_main_t *dm = &det44_main;
388  det44_interface_t *i, *interfaces;
389  snat_det_map_t *mp;
390  int rv = 0;
391 
392  if (plugin_enabled () == 0)
393  {
394  det44_log_err ("plugin already disabled!");
395  return 1;
396  }
397 
398  // DET44 cleanup (order dependent)
399  // 1) remove interfaces (det44_interface_add_del) removes map ranges from fib
400  // 2) free sessions
401  // 3) free maps
402 
403  interfaces = vec_dup (dm->interfaces);
404  vec_foreach (i, interfaces)
405  {
406  vnet_main_t *vnm = vnet_get_main ();
407 
408  if (i->flags & DET44_INTERFACE_FLAG_IS_INSIDE)
409  {
410  rv = det44_interface_add_del (i->sw_if_index, i->flags, 1);
411  if (rv)
412  {
413  det44_log_err ("inside interface %U del failed",
414  unformat_vnet_sw_interface, vnm, i->sw_if_index);
415  }
416  }
417 
418  if (i->flags & DET44_INTERFACE_FLAG_IS_OUTSIDE)
419  {
420  rv = det44_interface_add_del (i->sw_if_index, i->flags, 1);
421  if (rv)
422  {
423  det44_log_err ("outside interface %U del failed",
424  unformat_vnet_sw_interface, vnm, i->sw_if_index);
425  }
426 
427  }
428  }
429  vec_free (interfaces);
430 
431  /* *INDENT-OFF* */
432  pool_foreach (mp, dm->det_maps)
433  {
434  vec_free (mp->sessions);
435  }
436  /* *INDENT-ON* */
437 
439  dm->enabled = 0;
440 
441  pool_free (dm->interfaces);
442  pool_free (dm->det_maps);
443 
444  return rv;
445 }
446 
447 static void
449  uword opaque,
450  u32 sw_if_index, u32 new_fib_index,
451  u32 old_fib_index)
452 {
453  det44_main_t *dm = &det44_main;
454 
455  det44_fib_t *outside_fib;
457 
458  u8 is_add = 1;
459  u8 match = 0;
460 
461  if (plugin_enabled () == 0)
462  return;
463 
464  if (new_fib_index == old_fib_index)
465  return;
466 
467  if (!vec_len (dm->outside_fibs))
468  return;
469 
470  /* *INDENT-OFF* */
471  pool_foreach (i, dm->interfaces)
472  {
473  if (i->sw_if_index == sw_if_index)
474  {
475  if (!(det44_interface_is_outside (i)))
476  return;
477  match = 1;
478  }
479  }
480  /* *INDENT-ON* */
481 
482  if (!match)
483  return;
484 
485  vec_foreach (outside_fib, dm->outside_fibs)
486  {
487  if (outside_fib->fib_index == old_fib_index)
488  {
489  outside_fib->refcount--;
490  if (!outside_fib->refcount)
491  vec_del1 (dm->outside_fibs, outside_fib - dm->outside_fibs);
492  break;
493  }
494  }
495 
496  vec_foreach (outside_fib, dm->outside_fibs)
497  {
498  if (outside_fib->fib_index == new_fib_index)
499  {
500  outside_fib->refcount++;
501  is_add = 0;
502  break;
503  }
504  }
505 
506  if (is_add)
507  {
508  vec_add2 (dm->outside_fibs, outside_fib, 1);
509  outside_fib->refcount = 1;
510  outside_fib->fib_index = new_fib_index;
511  }
512 }
513 
514 static clib_error_t *
516 {
517  det44_main_t *dm = &det44_main;
519  vlib_node_t *node;
520 
521  clib_memset (dm, 0, sizeof (*dm));
522 
523  dm->ip4_main = &ip4_main;
524  dm->log_class = vlib_log_register_class ("det44", 0);
525 
526  node = vlib_get_node_by_name (vm, (u8 *) "det44-in2out");
527  dm->in2out_node_index = node->index;
528  node = vlib_get_node_by_name (vm, (u8 *) "det44-out2in");
529  dm->out2in_node_index = node->index;
530 
531  dm->fib_src_hi = fib_source_allocate ("det44-hi",
534  dm->fib_src_low = fib_source_allocate ("det44-low",
537 
539  cb.function_opaque = 0;
541 
543  return det44_api_hookup (vm);
544 }
545 
547 
548 u8 *
549 format_det44_session_state (u8 * s, va_list * args)
550 {
551  u32 i = va_arg (*args, u32);
552  u8 *t = 0;
553 
554  switch (i)
555  {
556 #define _(v, N, str) case DET44_SESSION_##N: t = (u8 *) str; break;
558 #undef _
559  default:
560  t = format (t, "unknown");
561  }
562  s = format (s, "%s", t);
563  return s;
564 }
565 
566 u8 *
567 format_det_map_ses (u8 * s, va_list * args)
568 {
569  snat_det_map_t *det_map = va_arg (*args, snat_det_map_t *);
570  ip4_address_t in_addr, out_addr;
571  u32 in_offset, out_offset;
572  snat_det_session_t *ses = va_arg (*args, snat_det_session_t *);
573  u32 *i = va_arg (*args, u32 *);
574 
575  u32 user_index = *i / DET44_SES_PER_USER;
576  in_addr.as_u32 =
577  clib_host_to_net_u32 (clib_net_to_host_u32 (det_map->in_addr.as_u32) +
578  user_index);
579  in_offset =
580  clib_net_to_host_u32 (in_addr.as_u32) -
581  clib_net_to_host_u32 (det_map->in_addr.as_u32);
582  out_offset = in_offset / det_map->sharing_ratio;
583  out_addr.as_u32 =
584  clib_host_to_net_u32 (clib_net_to_host_u32 (det_map->out_addr.as_u32) +
585  out_offset);
586  s =
587  format (s,
588  "in %U:%d out %U:%d external host %U:%d state: %U expire: %d\n",
589  format_ip4_address, &in_addr, clib_net_to_host_u16 (ses->in_port),
590  format_ip4_address, &out_addr,
591  clib_net_to_host_u16 (ses->out.out_port), format_ip4_address,
592  &ses->out.ext_host_addr,
593  clib_net_to_host_u16 (ses->out.ext_host_port),
595 
596  return s;
597 }
598 
599 /*
600  * fd.io coding-style-patch-verification: ON
601  *
602  * Local Variables:
603  * eval: (c-set-style "gnu")
604  * End:
605  */
det44_interface_is_inside
#define det44_interface_is_inside(i)
Check if Deterministic NAT interface is inside.
Definition: det44.h:213
tmp
u32 * tmp
Definition: interface_output.c:1078
det44.h
Deterministic NAT (CGN) definitions.
im
vnet_interface_main_t * im
Definition: interface_output.c:395
det44_main_s::enabled
u32 enabled
Definition: det44.h:174
nat_timeouts_t::udp
u32 udp
Definition: lib.h:84
nat_timeouts_t::icmp
u32 icmp
Definition: lib.h:85
snat_det_session_t
Definition: det44.h:98
det44_add_del_addr_to_fib
void det44_add_del_addr_to_fib(ip4_address_t *addr, u8 p_len, u32 sw_if_index, int is_add)
Definition: det44.c:53
snat_det_session_t::out
snat_det_out_key_t out
Definition: det44.h:103
format_ip4_address
format_function_t format_ip4_address
Definition: format.h:73
nat_timeouts_t::tcp
struct nat_timeouts_t::@732 tcp
det44_main_s::fib_src_low
fib_source_t fib_src_low
Definition: det44.h:157
fib_table_entry_delete
void fib_table_entry_delete(u32 fib_index, const fib_prefix_t *prefix, fib_source_t source)
Delete a FIB entry.
Definition: fib_table.c:895
snat_det_add_map
int snat_det_add_map(ip4_address_t *in_addr, u8 in_plen, ip4_address_t *out_addr, u8 out_plen, int is_add)
Add/delete deterministic NAT mapping.
Definition: det44.c:99
ip4_main_t::table_bind_callbacks
ip4_table_bind_callback_t * table_bind_callbacks
Functions to call when interface to table biding changes.
Definition: ip4.h:148
snat_det_out_key_t::ext_host_port
u16 ext_host_port
Definition: det44.h:91
ip4_main
ip4_main_t ip4_main
Global ip4 main structure.
Definition: ip4_forward.c:1105
det44_get_timeouts
nat_timeouts_t det44_get_timeouts()
Definition: det44.c:181
fib_table_entry_update_one_path
fib_node_index_t fib_table_entry_update_one_path(u32 fib_index, const fib_prefix_t *prefix, fib_source_t source, fib_entry_flag_t flags, dpo_proto_t next_hop_proto, const ip46_address_t *next_hop, u32 next_hop_sw_if_index, u32 next_hop_fib_index, u32 next_hop_weight, fib_mpls_label_t *next_hop_labels, fib_route_path_flags_t path_flags)
Update the entry to have just one path.
Definition: fib_table.c:814
det44_api_hookup
clib_error_t * det44_api_hookup(vlib_main_t *vm)
Definition: det44_api.c:620
f
vlib_frame_t * f
Definition: interface_output.c:1080
snat_det_out_key_t::ext_host_addr
ip4_address_t ext_host_addr
Definition: det44.h:90
nat_timeouts_t
Definition: lib.h:76
vlib_log_register_class
vlib_log_class_t vlib_log_register_class(char *class, char *subclass)
Definition: log.c:339
node
vlib_main_t vlib_node_runtime_t * node
Definition: nat44_ei.c:3047
ip4_address_t::as_u32
u32 as_u32
Definition: ip4_packet.h:57
snat_det_session_t::in_port
u16 in_port
Definition: det44.h:101
det44_config_t
Definition: det44.h:134
ip4_fib_table_get_index_for_sw_if_index
u32 ip4_fib_table_get_index_for_sw_if_index(u32 sw_if_index)
Definition: pnat_test_stubs.h:21
snat_det_out_key_t::out_port
u16 out_port
Definition: det44.h:92
pool_put
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:305
vm
vlib_main_t * vm
X-connect all packets from the HOST to the PHY.
Definition: nat44_ei.c:3047
VNET_FEATURE_INIT
VNET_FEATURE_INIT(ip4_det44_in2out, static)
snat_det_session_t::expire
u32 expire
Definition: det44.h:107
det44_main_s::interfaces
det44_interface_t * interfaces
Definition: det44.h:182
snat_det_map_t::in_addr
ip4_address_t in_addr
Definition: det44.h:113
ip4_table_bind_callback_t::function_opaque
uword function_opaque
Definition: ip4.h:95
ip4_main_t::fib_masks
u32 fib_masks[33]
Definition: ip4.h:120
det44_main_s::inside_fib_index
u32 inside_fib_index
Definition: det44.h:151
nat_timeouts_t::transitory
u32 transitory
Definition: lib.h:81
FIB_ENTRY_FLAG_EXCLUSIVE
@ FIB_ENTRY_FLAG_EXCLUSIVE
Definition: fib_entry.h:116
addr
vhost_vring_addr_t addr
Definition: vhost_user.h:130
vlib_frame_t
Definition: node.h:372
ip4_sv_reass_enable_disable_with_refcnt
int ip4_sv_reass_enable_disable_with_refcnt(u32 sw_if_index, int is_enable)
Definition: pnat_test_stubs.h:43
det44_main_s::ip4_main
ip4_main_t * ip4_main
Definition: det44.h:185
det44_plugin_disable
int det44_plugin_disable()
Definition: det44.c:385
det44_main_s::outside_fib_index
u32 outside_fib_index
Definition: det44.h:150
det44_interface_t
Definition: det44.h:128
det44_fib_t
Definition: det44.h:140
vlib_process_get_events
static uword vlib_process_get_events(vlib_main_t *vm, uword **data_vector)
Return the first event type which has occurred and a vector of per-event data of that type,...
Definition: node_funcs.h:583
snat_det_map_t::out_addr
ip4_address_t out_addr
Definition: det44.h:116
pool_foreach
#define pool_foreach(VAR, POOL)
Iterate through pool.
Definition: pool.h:534
vec_len
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
Definition: vec_bootstrap.h:142
nat_timeouts_t::established
u32 established
Definition: lib.h:80
vec_add2
#define vec_add2(V, P, N)
Add N elements to end of vector V, return pointer to new elements in P.
Definition: vec.h:644
vec_add1
#define vec_add1(V, E)
Add 1 element to end of vector (unspecified alignment).
Definition: vec.h:606
det44_main_s::det_maps
snat_det_map_t * det_maps
Definition: det44.h:163
det44_plugin_enable
int det44_plugin_enable(det44_config_t c)
Definition: det44.c:358
vec_dup
#define vec_dup(V)
Return copy of vector (no header, no alignment)
Definition: vec.h:444
vnet_get_main
vnet_main_t * vnet_get_main(void)
Definition: pnat_test_stubs.h:56
snat_det_map_t::out_plen
u8 out_plen
Definition: det44.h:117
vlib_process_create
u32 vlib_process_create(vlib_main_t *vm, char *name, vlib_node_function_t *f, u32 log2_n_stack_bytes)
Create a vlib process.
Definition: node.c:795
fib_table_find_or_create_and_lock
u32 fib_table_find_or_create_and_lock(fib_protocol_t proto, u32 table_id, fib_source_t src)
Get the index of the FIB for a Table-ID.
Definition: fib_table.c:1165
det44_main
det44_main_t det44_main
Definition: det44.c:30
det44_main_s::outside_fibs
det44_fib_t * outside_fibs
Definition: det44.h:154
c
svmdb_client_t * c
Definition: vpp_get_metrics.c:48
snat_det_map_t::sharing_ratio
u32 sharing_ratio
Definition: det44.h:119
uword
u64 uword
Definition: types.h:112
det44_reset_timeouts
void det44_reset_timeouts()
Definition: det44.c:188
DET44_INTERFACE_FLAG_IS_OUTSIDE
#define DET44_INTERFACE_FLAG_IS_OUTSIDE
Definition: det44.h:207
VLIB_PLUGIN_REGISTER
VLIB_PLUGIN_REGISTER()
i
sll srl srl sll sra u16x4 i
Definition: vector_sse42.h:261
det44_log_err
#define det44_log_err(...)
Definition: det44.h:194
DET44_INTERFACE_FLAG_IS_INSIDE
#define DET44_INTERFACE_FLAG_IS_INSIDE
Definition: det44.h:206
pool_get
#define pool_get(P, E)
Allocate an object E from a pool P (unspecified alignment).
Definition: pool.h:255
snat_det_session_t::state
u8 state
Definition: det44.h:105
ip4_address_t
Definition: ip4_packet.h:50
det44_fib_t::refcount
u32 refcount
Definition: det44.h:143
FIB_PROTOCOL_IP4
@ FIB_PROTOCOL_IP4
Definition: fib_types.h:36
FIB_ENTRY_FLAG_LOCAL
@ FIB_ENTRY_FLAG_LOCAL
Definition: fib_entry.h:117
fib_source_allocate
fib_source_t fib_source_allocate(const char *name, fib_source_priority_t prio, fib_source_behaviour_t bh)
Definition: fib_source.c:118
ip4_table_bind_callback_t
Definition: ip4.h:92
plugin.h
det44_update_outside_fib
static void det44_update_outside_fib(ip4_main_t *im, uword opaque, u32 sw_if_index, u32 new_fib_index, u32 old_fib_index)
Definition: det44.c:448
FIB_SOURCE_PRIORITY_HI
#define FIB_SOURCE_PRIORITY_HI
Some priority values that plugins might use when they are not to concerned where in the list they'll ...
Definition: fib_source.h:284
det44_main_s::timeouts
nat_timeouts_t timeouts
Definition: det44.h:169
det44_main_s
Definition: det44.h:146
vnet_main_t
Definition: vnet.h:76
vec_free
#define vec_free(V)
Free vector's memory (no header).
Definition: vec.h:395
snat_det_ses_close
static_always_inline void snat_det_ses_close(snat_det_map_t *dm, snat_det_session_t *ses)
Definition: det44.h:414
vlib_get_node_by_name
vlib_node_t * vlib_get_node_by_name(vlib_main_t *vm, u8 *name)
Definition: node.c:45
det44_interface_add_del
int det44_interface_add_del(u32 sw_if_index, u8 is_inside, int is_del)
Definition: det44.c:195
det44_main_s::config
det44_config_t config
Definition: det44.h:148
snat_det_map_t
Definition: det44.h:110
FIB_ENTRY_FLAG_CONNECTED
@ FIB_ENTRY_FLAG_CONNECTED
Definition: fib_entry.h:113
unformat_vnet_sw_interface
unformat_function_t unformat_vnet_sw_interface
Definition: interface_funcs.h:459
vlib_process_wait_for_event_or_clock
static f64 vlib_process_wait_for_event_or_clock(vlib_main_t *vm, f64 dt)
Suspend a cooperative multi-tasking thread Waits for an event, or for the indicated number of seconds...
Definition: node_funcs.h:755
format
description fragment has unexpected format
Definition: map.api:433
foreach_det44_session_state
@ foreach_det44_session_state
Definition: det44.h:60
vec_validate_init_empty
#define vec_validate_init_empty(V, I, INIT)
Make sure vector is long enough for given index and initialize empty space (no header,...
Definition: vec.h:570
nat_reset_timeouts
static_always_inline void nat_reset_timeouts(nat_timeouts_t *timeouts)
Definition: lib.h:90
fib_table_get_index_for_sw_if_index
u32 fib_table_get_index_for_sw_if_index(fib_protocol_t proto, u32 sw_if_index)
Get the index of the FIB bound to the interface.
Definition: fib_table.c:998
FIB_ROUTE_PATH_FLAG_NONE
@ FIB_ROUTE_PATH_FLAG_NONE
Definition: fib_types.h:332
snat_det_map_t::in_plen
u8 in_plen
Definition: det44.h:114
ip.h
u32
unsigned int u32
Definition: types.h:88
VLIB_INIT_FUNCTION
#define VLIB_INIT_FUNCTION(x)
Definition: init.h:172
format_det44_session_state
u8 * format_det44_session_state(u8 *s, va_list *args)
Definition: det44.c:549
det44_set_timeouts
int det44_set_timeouts(nat_timeouts_t *timeouts)
Definition: det44.c:166
vec_foreach
#define vec_foreach(var, vec)
Vector iterator.
Definition: vec_bootstrap.h:213
ip4_table_bind_callback_t::function
ip4_table_bind_function_t * function
Definition: ip4.h:94
snat_det_map_t::sessions
snat_det_session_t * sessions
Definition: det44.h:125
vnet_feature_enable_disable
int vnet_feature_enable_disable(const char *arc_name, const char *node_name, u32 sw_if_index, int enable_disable, void *feature_config, u32 n_feature_config_bytes)
Definition: pnat_test_stubs.h:50
ip4.h
now
f64 now
Definition: nat44_ei_out2in.c:710
clib_memset
clib_memset(h->entries, 0, sizeof(h->entries[0]) *entries)
vlib_main_t
Definition: main.h:102
vlib_node_t
Definition: node.h:247
det44_main_s::log_class
vlib_log_class_t log_class
Definition: det44.h:180
vlib_get_main
static vlib_main_t * vlib_get_main(void)
Definition: global_funcs.h:38
VNET_FEATURES
#define VNET_FEATURES(...)
Definition: feature.h:470
u8
unsigned char u8
Definition: types.h:56
clib_error_t
Definition: clib_error.h:21
rt
vnet_interface_output_runtime_t * rt
Definition: interface_output.c:399
vlib_init_function_t
clib_error_t *() vlib_init_function_t(struct vlib_main_t *vm)
Definition: init.h:51
det44_main_s::expire_walk_node_index
u32 expire_walk_node_index
Definition: det44.h:172
FIB_SOURCE_BH_SIMPLE
@ FIB_SOURCE_BH_SIMPLE
add paths without path extensions
Definition: fib_source.h:210
DPO_PROTO_IP4
@ DPO_PROTO_IP4
Definition: dpo.h:64
pool_free
#define pool_free(p)
Free a pool.
Definition: pool.h:447
FIB_SOURCE_PRIORITY_LOW
#define FIB_SOURCE_PRIORITY_LOW
Definition: fib_source.h:285
det44_main_s::mss_clamping
u16 mss_clamping
Definition: det44.h:166
plugin_enabled
static_always_inline u8 plugin_enabled()
Definition: nat44_ei_ha.c:906
DET44_SES_PER_USER
#define DET44_SES_PER_USER
Definition: det44.h:64
det44_interface_is_outside
#define det44_interface_is_outside(i)
Check if Deterministic NAT interface is outside.
Definition: det44.h:219
det44_fib_t::fib_index
u32 fib_index
Definition: det44.h:142
rv
int __clib_unused rv
Definition: application.c:491
snat_det_map_t::ports_per_host
u16 ports_per_host
Definition: det44.h:121
det44_expire_walk_fn
static uword det44_expire_walk_fn(vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
The 'det44-expire-walk' process's main loop.
Definition: det44.c:320
format_det_map_ses
u8 * format_det_map_ses(u8 *s, va_list *args)
Definition: det44.c:567
det44_init
static clib_error_t * det44_init(vlib_main_t *vm)
Definition: det44.c:515
vlib_time_now
static f64 vlib_time_now(vlib_main_t *vm)
Definition: main.h:325
vnet.h
vlib_node_runtime_t
Definition: node.h:454
det44_main_s::fib_src_hi
fib_source_t fib_src_hi
Definition: det44.h:156
ip4_main_t
IPv4 main type.
Definition: ip4.h:107
sw_if_index
vl_api_interface_index_t sw_if_index
Definition: wireguard.api:34
fib_prefix_t_
Aggregate type for a prefix.
Definition: fib_types.h:202
det44_create_expire_walk_process
void det44_create_expire_walk_process()
Definition: det44.c:344
vec_del1
#define vec_del1(v, i)
Delete the element at index I.
Definition: vec.h:896
det44_main_s::in2out_node_index
u32 in2out_node_index
Definition: det44.h:160
det44_main_s::out2in_node_index
u32 out2in_node_index
Definition: det44.h:159
prefix
vl_api_prefix_t prefix
Definition: ip.api:146