FD.io VPP  v21.06-3-gbb25fbf28
Vector Packet Processing
cnat_node_feature.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2020 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <vlibmemory/api.h>
17 #include <cnat/cnat_node.h>
18 #include <cnat/cnat_translation.h>
19 #include <cnat/cnat_inline.h>
20 #include <cnat/cnat_src_policy.h>
21 #include <cnat/cnat_snat_policy.h>
22 
23 #include <vnet/dpo/load_balance.h>
24 #include <vnet/dpo/load_balance_map.h>
25 
26 #include <vnet/ip/ip4_inlines.h>
27 #include <vnet/ip/ip6_inlines.h>
28 
29 typedef enum cnat_feature_next_
30 {
31  CNAT_FEATURE_NEXT_DROP,
32  CNAT_FEATURE_N_NEXT,
33 } cnat_feature_next_t;
34 
35 vlib_node_registration_t cnat_input_feature_ip4_node;
36 vlib_node_registration_t cnat_input_feature_ip6_node;
37 vlib_node_registration_t cnat_output_feature_ip4_node;
38 vlib_node_registration_t cnat_output_feature_ip6_node;
39 
40 always_inline uword
41 cnat_input_feature_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
42  vlib_buffer_t *b, cnat_node_ctx_t *ctx,
43  int session_not_found, cnat_session_t *session)
44 {
45  vlib_combined_counter_main_t *cntm = &cnat_translation_counters;
46  const cnat_translation_t *ct = NULL;
47  ip4_header_t *ip4 = NULL;
48  ip_protocol_t iproto;
49  ip6_header_t *ip6 = NULL;
50  udp_header_t *udp0;
51  cnat_client_t *cc;
52  u32 next0;
53  index_t cti;
54  u8 trace_flags = 0;
55 
56  /* By default follow arc default next */
57  vnet_feature_next (&next0, b);
58 
59  if (AF_IP4 == ctx->af)
60  {
61  ip4 = vlib_buffer_get_current (b);
62  iproto = ip4->protocol;
63  udp0 = (udp_header_t *) (ip4 + 1);
64  cc = cnat_client_ip4_find (
65  &ip4->dst_address); /* TODO do this only if no session? */
66  }
67  else
68  {
69  ip6 = vlib_buffer_get_current (b);
70  iproto = ip6->protocol;
71  udp0 = (udp_header_t *) (ip6 + 1);
72  cc = cnat_client_ip6_find (&ip6->dst_address); /* TODO: same as above */
73  }
74 
75  /* Wrong session key */
76  if (session->key.cs_proto == 0)
77  goto trace;
78 
79  if (!session_not_found)
80  /* session table hit */
81  cnat_timestamp_update (session->value.cs_ts_index, ctx->now);
82  else if (!cc)
83  goto trace; /* dst address is not a vip */
84  else
85  {
86  ct = cnat_find_translation (
87  cc->parent_cci, clib_host_to_net_u16 (udp0->dst_port), iproto);
88  if (NULL == ct)
89  /* Dont translate */
90  /* TODO: create identity session to avoid slowpath ? */
91  goto trace;
92 
93  /* New flow, create the sessions */
94  const load_balance_t *lb0;
95  cnat_ep_trk_t *trk0;
96  u32 rsession_flags = CNAT_SESSION_FLAG_NO_CLIENT;
97  u32 dpoi_index = -1;
98 
99  lb0 = load_balance_get (ct->ct_lb.dpoi_index);
100  if (!lb0->lb_n_buckets)
101  /* Can't translate TODO: should drop / reject? */
102  goto trace;
103 
104  /* session table miss */
105  trk0 = cnat_load_balance (ct, ctx->af, ip4, ip6, &dpoi_index);
106  if (PREDICT_FALSE (NULL == trk0))
107  {
108  /* Dont translate & Follow the fib programming */
109  vnet_buffer (b)->ip.adj_index[VLIB_TX] = cc->cc_parent.dpoi_index;
110  next0 = cc->cc_parent.dpoi_next_node;
111  goto trace;
112  }
113 
114  ip46_address_copy (&session->value.cs_ip[VLIB_TX],
115  &trk0->ct_ep[VLIB_TX].ce_ip.ip);
116 
117  /* never source nat in this node */
118  if (AF_IP4 == ctx->af)
119  ip46_address_set_ip4 (&session->value.cs_ip[VLIB_RX],
120  &ip4->src_address);
121  else
122  ip46_address_set_ip6 (&session->value.cs_ip[VLIB_RX],
123  &ip6->src_address);
124 
125  session->value.cs_port[VLIB_TX] =
126  clib_host_to_net_u16 (trk0->ct_ep[VLIB_TX].ce_port);
127  session->value.cs_port[VLIB_RX] = udp0->src_port;
128  session->value.flags = 0;
129 
130  if (trk0->ct_flags & CNAT_TRK_FLAG_NO_NAT)
131  {
132  const dpo_id_t *dpo0;
133  const load_balance_t *lb1;
134 
135  lb1 = load_balance_get (trk0->ct_dpo.dpoi_index);
136  /* Assume backend has exactly one item in LB */
137  dpo0 = load_balance_get_bucket_i (lb1, 0);
138 
139  session->value.dpoi_next_node = dpo0->dpoi_next_node;
140  session->value.cs_lbi = dpo0->dpoi_index;
141  session->value.flags = CNAT_SESSION_FLAG_NO_NAT;
142  }
143 
144  /* refcnt session in current client */
145  cnat_client_cnt_session (cc);
146  cnat_session_create (session, ctx, CNAT_LOCATION_OUTPUT, rsession_flags);
147  trace_flags |= CNAT_TRACE_SESSION_CREATED;
148  }
149 
150  if (session->value.flags & CNAT_SESSION_FLAG_NO_NAT)
151  {
152  /* If we don't translate, directly do the lookup & bypass arc */
153  next0 = session->value.dpoi_next_node;
154  vnet_buffer (b)->ip.adj_index[VLIB_TX] = session->value.cs_lbi;
155  goto trace;
156  }
157 
158  if (AF_IP4 == ctx->af)
159  cnat_translation_ip4 (session, ip4, udp0);
160  else
161  cnat_translation_ip6 (session, ip6, udp0);
162 
163  if (NULL != ct)
164  {
165  cti = ct - cnat_translation_pool;
166  vlib_increment_combined_counter (cntm, ctx->thread_index, cti, 1,
167  vlib_buffer_length_in_chain (vm, b));
168  }
169 
170 trace:
171  if (PREDICT_FALSE (ctx->do_trace))
172  {
173  trace_flags |= session_not_found ? 0 : CNAT_TRACE_SESSION_FOUND;
174  cnat_add_trace (vm, node, b, session, ct, trace_flags);
175  }
176  return next0;
177 }
178 
179 VLIB_NODE_FN (cnat_input_feature_ip4_node)
180 (vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
181 {
182  if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)))
183  return cnat_node_inline (vm, node, frame, cnat_input_feature_fn, AF_IP4,
184  CNAT_LOCATION_INPUT, 1 /* do_trace */);
185  return cnat_node_inline (vm, node, frame, cnat_input_feature_fn, AF_IP4,
186  CNAT_LOCATION_INPUT, 0 /* do_trace */);
187 }
188 
189 VLIB_REGISTER_NODE (cnat_input_feature_ip4_node) = {
190  .name = "cnat-input-ip4",
191  .vector_size = sizeof (u32),
192  .format_trace = format_cnat_trace,
193  .type = VLIB_NODE_TYPE_INTERNAL,
194  .n_errors = CNAT_N_ERROR,
195  .error_strings = cnat_error_strings,
196  .sibling_of = "ip4-lookup",
197 };
198 
199 VNET_FEATURE_INIT (cnat_in_ip4_feature, static) = {
200  .arc_name = "ip4-unicast",
201  .node_name = "cnat-input-ip4",
202  .runs_before = VNET_FEATURES ("acl-plugin-in-ip4-fa"),
203 };
204 
205 VLIB_NODE_FN (cnat_input_feature_ip6_node)
206 (vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
207 {
208  if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)))
209  return cnat_node_inline (vm, node, frame, cnat_input_feature_fn, AF_IP6,
210  CNAT_LOCATION_INPUT, 1 /* do_trace */);
211  return cnat_node_inline (vm, node, frame, cnat_input_feature_fn, AF_IP6,
212  CNAT_LOCATION_INPUT, 0 /* do_trace */);
213 }
214 
215 VLIB_REGISTER_NODE (cnat_input_feature_ip6_node) = {
216  .name = "cnat-input-ip6",
217  .vector_size = sizeof (u32),
218  .format_trace = format_cnat_trace,
219  .type = VLIB_NODE_TYPE_INTERNAL,
220  .n_errors = CNAT_N_ERROR,
221  .error_strings = cnat_error_strings,
222  .sibling_of = "ip6-lookup",
223 };
224 
225 VNET_FEATURE_INIT (cnat_in_ip6_feature, static) = {
226  .arc_name = "ip6-unicast",
227  .node_name = "cnat-input-ip6",
228  .runs_before = VNET_FEATURES ("acl-plugin-in-ip6-fa"),
229 };
230 
231 /* output feature node, creates snat sessions when required and
232  * translates back for existing sessions */
233 always_inline uword
234 cnat_output_feature_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
235  vlib_buffer_t *b, cnat_node_ctx_t *ctx,
236  int session_not_found, cnat_session_t *session)
237 {
238  cnat_snat_policy_main_t *cpm = &cnat_snat_policy_main;
239  ip4_header_t *ip4 = NULL;
240  ip_protocol_t iproto;
241  ip6_header_t *ip6 = NULL;
242  udp_header_t *udp0;
243  u32 iph_offset = 0;
244  u32 next0;
245  u16 sport;
246  u8 do_snat = 0;
247  u8 trace_flags = 0;
248  int rv;
249 
250  /* By default follow arc default next */
251  vnet_feature_next (&next0, b);
252  iph_offset = vnet_buffer (b)->ip.save_rewrite_length;
253 
254  if (AF_IP4 == ctx->af)
255  {
256  ip4 = (ip4_header_t *) ((u8 *) vlib_buffer_get_current (b) + iph_offset);
257  iproto = ip4->protocol;
258  udp0 = (udp_header_t *) (ip4 + 1);
259  }
260  else
261  {
262  ip6 = (ip6_header_t *) ((u8 *) vlib_buffer_get_current (b) + iph_offset);
263  iproto = ip6->protocol;
264  udp0 = (udp_header_t *) (ip6 + 1);
265  }
266 
267  /* Wrong session key */
268  if (session->key.cs_proto == 0)
269  goto trace;
270 
271  if (!session_not_found)
272  {
273  /* session table hit */
274  cnat_timestamp_update (session->value.cs_ts_index, ctx->now);
275  }
276  else if (!cpm->snat_policy)
277  goto trace;
278  else
279  {
280  do_snat = cpm->snat_policy (b, session);
281  if (do_snat != 1)
282  goto trace;
283 
284  if (AF_IP4 == ctx->af)
285  {
286  if (ip_address_is_zero (&cpm->snat_ip4.ce_ip))
287  goto trace;
288 
289  ip46_address_set_ip4 (&session->value.cs_ip[VLIB_RX],
290  &ip_addr_v4 (&cpm->snat_ip4.ce_ip));
291  ip46_address_set_ip4 (&session->value.cs_ip[VLIB_TX],
292  &ip4->dst_address);
293  }
294  else
295  {
296  if (ip_address_is_zero (&cpm->snat_ip6.ce_ip))
297  goto trace;
298 
299  ip46_address_set_ip6 (&session->value.cs_ip[VLIB_RX],
300  &ip_addr_v6 (&cpm->snat_ip6.ce_ip));
301  ip46_address_set_ip6 (&session->value.cs_ip[VLIB_TX],
302  &ip6->dst_address);
303  }
304  sport = 0;
305  rv = cnat_allocate_port (&sport, iproto);
306  if (rv)
307  {
308  vlib_node_increment_counter (vm, cnat_output_feature_ip6_node.index,
309  CNAT_ERROR_EXHAUSTED_PORTS, 1);
310  next0 = CNAT_FEATURE_NEXT_DROP;
311  goto trace;
312  }
313  session->value.cs_port[VLIB_RX] = sport;
314  session->value.cs_port[VLIB_TX] = sport;
315  if (iproto == IP_PROTOCOL_TCP || iproto == IP_PROTOCOL_UDP)
316  session->value.cs_port[VLIB_TX] = udp0->dst_port;
317 
318  session->value.cs_lbi = INDEX_INVALID;
319  session->value.flags =
320  CNAT_SESSION_FLAG_NO_CLIENT | CNAT_SESSION_FLAG_ALLOC_PORT;
321 
322  trace_flags |= CNAT_TRACE_SESSION_CREATED;
323  cnat_session_create (session, ctx, CNAT_LOCATION_INPUT,
324  CNAT_SESSION_FLAG_NO_CLIENT);
325  }
326 
327  if (AF_IP4 == ctx->af)
328  cnat_translation_ip4 (session, ip4, udp0);
329  else
330  cnat_translation_ip6 (session, ip6, udp0);
331 
332 trace:
333  if (PREDICT_FALSE (ctx->do_trace))
334  {
335  trace_flags |= do_snat ? 0 : CNAT_TRACE_NO_NAT;
336  trace_flags |= session_not_found ? 0 : CNAT_TRACE_SESSION_FOUND;
337  cnat_add_trace (vm, node, b, session, NULL, trace_flags);
338  }
339  return next0;
340 }
341 
342 VLIB_NODE_FN (cnat_output_feature_ip4_node)
343 (vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
344 {
345  if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)))
346  return cnat_node_inline (vm, node, frame, cnat_output_feature_fn, AF_IP4,
347  CNAT_LOCATION_OUTPUT, 1 /* do_trace */);
348  return cnat_node_inline (vm, node, frame, cnat_output_feature_fn, AF_IP4,
349  CNAT_LOCATION_OUTPUT, 0 /* do_trace */);
350 }
351 
352 VLIB_REGISTER_NODE (cnat_output_feature_ip4_node) = {
353  .name = "cnat-output-ip4",
354  .vector_size = sizeof (u32),
355  .format_trace = format_cnat_trace,
356  .type = VLIB_NODE_TYPE_INTERNAL,
357  .n_errors = CNAT_N_ERROR,
358  .error_strings = cnat_error_strings,
359  .n_next_nodes = CNAT_FEATURE_N_NEXT,
360  .next_nodes = {
361  [CNAT_FEATURE_NEXT_DROP] = "error-drop",
362  },
363 };
364 
365 VNET_FEATURE_INIT (cnat_out_ip4_feature, static) = {
366  .arc_name = "ip4-output",
367  .node_name = "cnat-output-ip4",
368  .runs_before = VNET_FEATURES ("gso-ip4"),
369  .runs_after = VNET_FEATURES ("acl-plugin-out-ip4-fa"),
370 };
371 
372 VLIB_NODE_FN (cnat_output_feature_ip6_node)
373 (vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
374 {
375  if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)))
376  return cnat_node_inline (vm, node, frame, cnat_output_feature_fn, AF_IP6,
377  CNAT_LOCATION_OUTPUT, 1 /* do_trace */);
378  return cnat_node_inline (vm, node, frame, cnat_output_feature_fn, AF_IP6,
379  CNAT_LOCATION_OUTPUT, 0 /* do_trace */);
380 }
381 
382 VLIB_REGISTER_NODE (cnat_output_feature_ip6_node) = {
383  .name = "cnat-output-ip6",
384  .vector_size = sizeof (u32),
385  .format_trace = format_cnat_trace,
386  .type = VLIB_NODE_TYPE_INTERNAL,
387  .n_errors = CNAT_N_ERROR,
388  .error_strings = cnat_error_strings,
389  .n_next_nodes = CNAT_FEATURE_N_NEXT,
390  .next_nodes = {
391  [CNAT_FEATURE_NEXT_DROP] = "error-drop",
392  },
393 };
394 
395 VNET_FEATURE_INIT (cnat_out_ip6_feature, static) = {
396  .arc_name = "ip6-output",
397  .node_name = "cnat-output-ip6",
398  .runs_before = VNET_FEATURES ("gso-ip6"),
399  .runs_after = VNET_FEATURES ("acl-plugin-out-ip6-fa"),
400 };
401 
402 /*
403  * fd.io coding-style-patch-verification: ON
404  *
405  * Local Variables:
406  * eval: (c-set-style "gnu")
407  * End:
408  */
load_balance.h
cnat_client_ip6_find
static_always_inline cnat_client_t * cnat_client_ip6_find(const ip6_address_t *ip)
Find a client from an IP6 address.
Definition: cnat_client.h:179
dpo_id_t_::dpoi_next_node
u16 dpoi_next_node
The next VLIB node to follow.
Definition: dpo.h:186
udp_header_t::src_port
u16 src_port
Definition: udp_packet.h:48
cnat_translation.h
trace
static vlib_cli_command_t trace
(constructor) VLIB_CLI_COMMAND (trace)
Definition: vlib_api_cli.c:899
load_balance_t_::lb_n_buckets
u16 lb_n_buckets
number of buckets in the load-balance.
Definition: load_balance.h:116
api.h
cnat_add_trace
static_always_inline void cnat_add_trace(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_buffer_t *b, cnat_session_t *session, const cnat_translation_t *ct, u8 flags)
Definition: cnat_node.h:55
dpo_id_t_::dpoi_index
index_t dpoi_index
the index of objects of that type
Definition: dpo.h:190
cnat_load_balance
static_always_inline cnat_ep_trk_t * cnat_load_balance(const cnat_translation_t *ct, ip_address_family_t af, ip4_header_t *ip4, ip6_header_t *ip6, u32 *dpoi_index)
Definition: cnat_node.h:807
cnat_session_t_::cs_ip
ip46_address_t cs_ip[VLIB_N_DIR]
IP 4/6 address in the rx/tx direction.
Definition: cnat_session.h:47
cnat_output_feature_ip6_node
vlib_node_registration_t cnat_output_feature_ip6_node
(constructor) VLIB_REGISTER_NODE (cnat_output_feature_ip6_node)
Definition: cnat_node_feature.c:38
cnat_node_inline
return cnat_node_inline(vm, node, frame, cnat_input_feature_fn, AF_IP4, CNAT_LOCATION_INPUT, 0)
cnat_ep_trk_t_::ct_ep
cnat_endpoint_t ct_ep[VLIB_N_DIR]
The EP being tracked.
Definition: cnat_translation.h:37
ip4
vl_api_ip4_address_t ip4
Definition: one.api:376
load_balance_map.h
ip46_address_set_ip4
static void ip46_address_set_ip4(ip46_address_t *ip46, const ip4_address_t *ip)
Definition: ip46_address.h:67
cnat_session_t_::cs_lbi
index_t cs_lbi
The load balance object to use to forward.
Definition: cnat_session.h:89
CNAT_TRACE_NO_NAT
@ CNAT_TRACE_NO_NAT
Definition: cnat_node.h:51
ip4_inlines.h
cnat_client_cnt_session
static_always_inline u32 cnat_client_cnt_session(cnat_client_t *cc)
Add a session refcnt to this client.
Definition: cnat_client.h:195
CNAT_SESSION_FLAG_NO_CLIENT
@ CNAT_SESSION_FLAG_NO_CLIENT
This session doesn't have a client, do not attempt to free it.
Definition: cnat_session.h:124
VLIB_NODE_TYPE_INTERNAL
@ VLIB_NODE_TYPE_INTERNAL
Definition: node.h:72
ip46_address_set_ip6
static_always_inline void ip46_address_set_ip6(ip46_address_t *dst, const ip6_address_t *src)
Definition: ip46_address.h:130
CNAT_N_ERROR
@ CNAT_N_ERROR
Definition: cnat_types.h:179
CNAT_FEATURE_NEXT_DROP
@ CNAT_FEATURE_NEXT_DROP
Definition: cnat_node_feature.c:31
cnat_node_ctx_
Definition: cnat_types.h:155
cnat_error_strings
char * cnat_error_strings[]
Definition: cnat_types.c:22
u16
unsigned short u16
Definition: types.h:57
CNAT_LOCATION_INPUT
@ CNAT_LOCATION_INPUT
Definition: cnat_session.h:136
cnat_client_ip4_find
static_always_inline cnat_client_t * cnat_client_ip4_find(const ip4_address_t *ip)
Find a client from an IP4 address.
Definition: cnat_client.h:150
AF_IP4
@ AF_IP4
Definition: ip_types.h:23
cnat_session_create
static_always_inline void cnat_session_create(cnat_session_t *session, cnat_node_ctx_t *ctx, cnat_session_location_t rsession_location, u8 rsession_flags)
Create NAT sessions rsession_location is the location the (return) session will be matched at.
Definition: cnat_node.h:841
VLIB_RX
@ VLIB_RX
Definition: defs.h:46
vm
vlib_main_t * vm
Definition: cnat_node_feature.c:180
cnat_session_t_::dpoi_next_node
u32 dpoi_next_node
Persist translation->ct_lb.dpoi_next_node.
Definition: cnat_session.h:94
cnat_session_t_
A session represents the memory of a translation.
Definition: cnat_session.h:37
VNET_FEATURE_INIT
VNET_FEATURE_INIT(cnat_in_ip4_feature, static)
vlib_frame_t
Definition: node.h:372
vlib_buffer_length_in_chain
static uword vlib_buffer_length_in_chain(vlib_main_t *vm, vlib_buffer_t *b)
Get length in bytes of the buffer chain.
Definition: buffer_funcs.h:433
udp_header_t
Definition: udp_packet.h:45
ip4_header_t
Definition: ip4_packet.h:87
cnat_snat_policy_main_t_::snat_ip4
cnat_endpoint_t snat_ip4
Definition: cnat_snat_policy.h:70
cnat_node.h
sport
u16 sport
Definition: pnat.api:43
cnat_client_t_::cc_parent
dpo_id_t cc_parent
How to send packets to this client post translation.
Definition: cnat_client.h:47
CNAT_TRACE_SESSION_FOUND
@ CNAT_TRACE_SESSION_FOUND
Definition: cnat_node.h:48
VLIB_NODE_FN
#define VLIB_NODE_FN(node)
Definition: node.h:202
CNAT_TRK_FLAG_NO_NAT
@ CNAT_TRK_FLAG_NO_NAT
Definition: cnat_types.h:64
vnet_buffer
#define vnet_buffer(b)
Definition: buffer.h:437
cnat_ep_trk_t_::ct_flags
u8 ct_flags
Allows to disable if not resolved yet.
Definition: cnat_translation.h:57
ip_addr_v6
#define ip_addr_v6(_a)
Definition: ip_types.h:92
cnat_client_t_::parent_cci
index_t parent_cci
Parent cnat_client index if cloned via interpose or own index if vanilla client.
Definition: cnat_client.h:74
VLIB_NODE_FLAG_TRACE
#define VLIB_NODE_FLAG_TRACE
Definition: node.h:291
format_cnat_trace
static u8 * format_cnat_trace(u8 *s, va_list *args)
Definition: cnat_node.h:75
PREDICT_FALSE
#define PREDICT_FALSE(x)
Definition: clib.h:124
vnet_feature_next
static_always_inline void vnet_feature_next(u32 *next0, vlib_buffer_t *b0)
Definition: feature.h:322
index_t
u32 index_t
A Data-Path Object is an object that represents actions that are applied to packets are they are swit...
Definition: dpo.h:43
cnat_input_feature_ip6_node
vlib_node_registration_t cnat_input_feature_ip6_node
(constructor) VLIB_REGISTER_NODE (cnat_input_feature_ip6_node)
Definition: cnat_node_feature.c:36
node
vlib_main_t vlib_node_runtime_t * node
Definition: cnat_node_feature.c:180
uword
u64 uword
Definition: types.h:112
cnat_output_feature_fn
static uword cnat_output_feature_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_buffer_t *b, cnat_node_ctx_t *ctx, int session_not_found, cnat_session_t *session)
Definition: cnat_node_feature.c:234
cnat_translation_ip6
static_always_inline void cnat_translation_ip6(const cnat_session_t *session, ip6_header_t *ip6, udp_header_t *udp)
Definition: cnat_node.h:640
cnat_timestamp_update
static void cnat_timestamp_update(u32 index, f64 t)
Definition: cnat_inline.h:47
ip_addr_v4
#define ip_addr_v4(_a)
Definition: ip_types.h:91
vlib_node_increment_counter
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
Definition: node_funcs.h:1244
load_balance_get_bucket_i
static const dpo_id_t * load_balance_get_bucket_i(const load_balance_t *lb, u32 bucket)
Definition: load_balance.h:229
cnat_inline.h
cnat_translation_ip4
static_always_inline void cnat_translation_ip4(const cnat_session_t *session, ip4_header_t *ip4, udp_header_t *udp)
Definition: cnat_node.h:383
cnat_allocate_port
int cnat_allocate_port(u16 *port, ip_protocol_t iproto)
Definition: cnat_src_policy.c:109
vlib_node_registration_t
struct _vlib_node_registration vlib_node_registration_t
ip6_inlines.h
ip46_address_copy
static_always_inline void ip46_address_copy(ip46_address_t *dst, const ip46_address_t *src)
Definition: ip46_address.h:123
cnat_session_t_::cs_ts_index
u32 cs_ts_index
Timestamp index this session was last used.
Definition: cnat_session.h:99
cnat_session_t_::cs_proto
ip_protocol_t cs_proto
The IP protocol TCP or UDP only supported.
Definition: cnat_session.h:57
ip_address_is_zero
bool ip_address_is_zero(const ip_address_t *ip)
Definition: ip_types.c:102
cnat_session_t_::key
struct cnat_session_t_::@635 key
this key sits in the same memory location a 'key' in the bihash kvp
always_inline
#define always_inline
Definition: rdma_mlx5dv.h:23
cnat_input_feature_ip4_node
vlib_node_registration_t cnat_input_feature_ip4_node
(constructor) VLIB_REGISTER_NODE (cnat_input_feature_ip4_node)
Definition: cnat_node_feature.c:35
cnat_session_t_::value
struct cnat_session_t_::@636 value
this value sits in the same memory location a 'value' in the bihash kvp
cnat_session_t_::flags
u32 flags
session flags
Definition: cnat_session.h:104
vlib_combined_counter_main_t
A collection of combined counters.
Definition: counter.h:203
CNAT_SESSION_FLAG_NO_NAT
@ CNAT_SESSION_FLAG_NO_NAT
Definition: cnat_session.h:128
u32
unsigned int u32
Definition: types.h:88
udp_header_t::dst_port
u16 dst_port
Definition: udp_packet.h:48
CNAT_SESSION_FLAG_ALLOC_PORT
@ CNAT_SESSION_FLAG_ALLOC_PORT
This session source port was allocated, free it on cleanup.
Definition: cnat_session.h:120
ip6
vl_api_ip6_address_t ip6
Definition: one.api:424
ctx
long ctx[MAX_CONNS]
Definition: main.c:144
cnat_snat_policy_main_t_::snat_policy
cnat_snat_policy_t snat_policy
Definition: cnat_snat_policy.h:67
load_balance_get
static load_balance_t * load_balance_get(index_t lbi)
Definition: load_balance.h:220
AF_IP6
@ AF_IP6
Definition: ip_types.h:24
ip6_header_t
Definition: ip6_packet.h:294
CNAT_FEATURE_N_NEXT
@ CNAT_FEATURE_N_NEXT
Definition: cnat_node_feature.c:32
cnat_snat_policy_main_t_
Definition: cnat_snat_policy.h:58
ip_protocol_t
enum ip_protocol ip_protocol_t
cnat_input_feature_fn
static uword cnat_input_feature_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_buffer_t *b, cnat_node_ctx_t *ctx, int session_not_found, cnat_session_t *session)
Definition: cnat_node_feature.c:41
cnat_endpoint_t_::ce_port
u16 ce_port
Definition: cnat_types.h:77
vlib_main_t
Definition: main.h:102
CNAT_LOCATION_OUTPUT
@ CNAT_LOCATION_OUTPUT
Definition: cnat_session.h:137
cnat_snat_policy_main_t_::snat_ip6
cnat_endpoint_t snat_ip6
Definition: cnat_snat_policy.h:73
cnat_translation_counters
vlib_combined_counter_main_t cnat_translation_counters
Counters for each translation.
Definition: cnat_translation.c:33
cnat_endpoint_t_::ce_ip
ip_address_t ce_ip
Definition: cnat_types.h:75
b
vlib_buffer_t ** b
Definition: nat44_ei_out2in.c:717
VNET_FEATURES
#define VNET_FEATURES(...)
Definition: feature.h:470
u8
unsigned char u8
Definition: types.h:56
vlib_buffer_get_current
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
Definition: buffer.h:257
frame
vlib_main_t vlib_node_runtime_t vlib_frame_t * frame
Definition: cnat_node_feature.c:181
cnat_translation_t_::ct_lb
dpo_id_t ct_lb
The LB used to forward to the backends.
Definition: cnat_translation.h:127
cnat_src_policy.h
cnat_translation_pool
cnat_translation_t * cnat_translation_pool
Definition: cnat_translation.c:26
ip_address::ip
ip46_address_t ip
Definition: ip_types.h:81
dpo_id_t_
The identity of a DPO is a combination of its type and its instance number/index of objects of that t...
Definition: dpo.h:172
rv
int __clib_unused rv
Definition: application.c:491
load_balance_t_
The FIB DPO provieds;.
Definition: load_balance.h:106
vlib_node_runtime_t
Definition: node.h:454
cnat_snat_policy_main
cnat_snat_policy_main_t cnat_snat_policy_main
Definition: cnat_snat_policy.c:20
INDEX_INVALID
#define INDEX_INVALID
Invalid index - used when no index is known blazoned capitals INVALID speak volumes where ~0 does not...
Definition: dpo.h:49
cnat_feature_next_t
enum cnat_feature_next_ cnat_feature_next_t
cnat_feature_next_
cnat_feature_next_
Definition: cnat_node_feature.c:29
cnat_client_t_
A client is a representation of an IP address behind the NAT.
Definition: cnat_client.h:35
cnat_output_feature_ip4_node
vlib_node_registration_t cnat_output_feature_ip4_node
(constructor) VLIB_REGISTER_NODE (cnat_output_feature_ip4_node)
Definition: cnat_node_feature.c:37
VLIB_TX
@ VLIB_TX
Definition: defs.h:47
cnat_ep_trk_t_::ct_dpo
dpo_id_t ct_dpo
The forwarding contributed by the entry.
Definition: cnat_translation.h:52
type
vl_api_fib_path_type_t type
Definition: fib_types.api:123
vlib_increment_combined_counter
vlib_increment_combined_counter(ccm, ti, sw_if_index, n_buffers, n_bytes)
cnat_snat_policy.h
CNAT_TRACE_SESSION_CREATED
@ CNAT_TRACE_SESSION_CREATED
Definition: cnat_node.h:49
cnat_translation_t_
A Translation represents the translation of a VEP to one of a set of real server addresses.
Definition: cnat_translation.h:117
cnat_ep_trk_t_
Data used to track an EP in the FIB.
Definition: cnat_translation.h:32
vlib_buffer_t
VLIB buffer representation.
Definition: buffer.h:111
cnat_session_t_::cs_port
u16 cs_port[VLIB_N_DIR]
ports in rx/tx
Definition: cnat_session.h:52
cnat_find_translation
static_always_inline cnat_translation_t * cnat_find_translation(index_t cti, u16 port, ip_protocol_t proto)
Definition: cnat_translation.h:250
VLIB_REGISTER_NODE
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:169