FD.io VPP  v21.10.1-2-g0a485f517
Vector Packet Processing
cnat_types.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2020 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef __CNAT_TYPES_H__
17 #define __CNAT_TYPES_H__
18 
19 #include <vppinfra/bihash_24_8.h>
20 #include <vnet/fib/fib_node.h>
21 #include <vnet/fib/fib_source.h>
22 #include <vnet/ip/ip_types.h>
23 #include <vnet/ip/ip.h>
24 #include <vnet/util/throttle.h>
25 
26 /* only in the default table for v4 and v6 */
27 #define CNAT_FIB_TABLE 0
28 
29 /* default lifetime of NAT sessions (seconds) */
30 #define CNAT_DEFAULT_SESSION_MAX_AGE 30
31 /* lifetime of TCP conn NAT sessions after SYNACK (seconds) */
32 #define CNAT_DEFAULT_TCP_MAX_AGE 3600
33 /* lifetime of TCP conn NAT sessions after RST/FIN (seconds) */
34 #define CNAT_DEFAULT_TCP_RST_TIMEOUT 5
35 #define CNAT_DEFAULT_SCANNER_TIMEOUT (1.0)
36 
37 #define CNAT_DEFAULT_SESSION_BUCKETS 1024
38 #define CNAT_DEFAULT_TRANSLATION_BUCKETS 1024
39 #define CNAT_DEFAULT_SNAT_BUCKETS 1024
40 #define CNAT_DEFAULT_SNAT_IF_MAP_LEN 4096
41 
42 #define CNAT_DEFAULT_SESSION_MEMORY (1 << 20)
43 #define CNAT_DEFAULT_TRANSLATION_MEMORY (256 << 10)
44 #define CNAT_DEFAULT_SNAT_MEMORY (64 << 20)
45 
46 /* Should be prime >~ 100 * numBackends */
47 #define CNAT_DEFAULT_MAGLEV_LEN 1009
48 
49 /* This should be strictly lower than FIB_SOURCE_INTERFACE
50  * from fib_source.h */
51 #define CNAT_FIB_SOURCE_PRIORITY 0x02
52 
53 /* Initial refcnt for timestamps (2 : session & rsession) */
54 #define CNAT_TIMESTAMP_INIT_REFCNT 2
55 
56 #define MIN_SRC_PORT ((u16) 0xC000)
57 
58 typedef enum cnat_trk_flag_t_
59 {
60  /* Endpoint is active (static or dhcp resolved) */
61  CNAT_TRK_ACTIVE = (1 << 0),
62  /* Don't translate this endpoint, but still
63  * forward. Used by maglev for DSR */
64  CNAT_TRK_FLAG_NO_NAT = (1 << 1),
65 } cnat_trk_flag_t;
66 
67 typedef enum
68 {
69  /* Endpoint addr has been resolved */
70  CNAT_EP_FLAG_RESOLVED = (1 << 0),
71 } cnat_ep_flag_t;
72 
73 typedef struct cnat_endpoint_t_
74 {
75  ip_address_t ce_ip;
76  u32 ce_sw_if_index;
77  u16 ce_port;
78  u8 ce_flags;
79 } cnat_endpoint_t;
80 
81 typedef struct cnat_endpoint_tuple_t_
82 {
83  cnat_endpoint_t dst_ep;
84  cnat_endpoint_t src_ep;
85  u8 ep_flags; /* cnat_trk_flag_t */
86 } cnat_endpoint_tuple_t;
87 
88 typedef struct
89 {
90  u16 identifier;
91  u16 sequence;
92 } cnat_echo_header_t;
93 
94 typedef struct cnat_main_
95 {
96  /* Memory size of the session bihash */
97  uword session_hash_memory;
98 
99  /* Number of buckets of the session bihash */
100  u32 session_hash_buckets;
101 
102  /* Memory size of the translation bihash */
103  uword translation_hash_memory;
104 
105  /* Number of buckets of the translation bihash */
106  u32 translation_hash_buckets;
107 
108  /* Memory size of the source NAT prefix bihash */
109  uword snat_hash_memory;
110 
111  /* Number of buckets of the source NAT prefix bihash */
112  u32 snat_hash_buckets;
113 
114  /* Bit map for include / exclude sw_if_index
115  * so max number of expected interfaces */
116  u32 snat_if_map_length;
117 
118  /* Timeout after which to clear sessions (in seconds) */
119  u32 session_max_age;
120 
121  /* Timeout after which to clear an established TCP
122  * session (in seconds) */
123  u32 tcp_max_age;
124 
125  /* delay in seconds between two scans of session/clients tables */
126  f64 scanner_timeout;
127 
128  /* Lock for the timestamp pool */
129  clib_rwlock_t ts_lock;
130 
131  /* Index of the scanner process node */
132  uword scanner_node_index;
133 
134  /* Did we do lazy init ? */
135  u8 lazy_init_done;
136 
137  /* Enable or Disable the scanner on startup */
138  u8 default_scanner_state;
139 
140  /* Number of buckets for maglev, should be a
141  * prime >= 100 * max num bakends */
142  u32 maglev_len;
143 } cnat_main_t;
144 
145 typedef struct cnat_timestamp_t_
146 {
147  /* Last time said session was seen */
148  f64 last_seen;
149  /* expire after N seconds */
150  u16 lifetime;
151  /* Users refcount, initially 3 (session, rsession, dpo) */
152  u16 refcnt;
153 } cnat_timestamp_t;
154 
155 typedef struct cnat_node_ctx_
156 {
157  f64 now;
158  u32 thread_index;
159  ip_address_family_t af;
160  u8 do_trace;
161 } cnat_node_ctx_t;
162 
163 cnat_main_t *cnat_get_main ();
164 extern u8 *format_cnat_endpoint (u8 * s, va_list * args);
165 extern uword unformat_cnat_ep_tuple (unformat_input_t * input,
166  va_list * args);
167 extern uword unformat_cnat_ep (unformat_input_t * input, va_list * args);
168 extern cnat_timestamp_t *cnat_timestamps;
169 extern fib_source_t cnat_fib_source;
170 extern cnat_main_t cnat_main;
171 
172 extern char *cnat_error_strings[];
173 
174 typedef enum
175 {
176 #define cnat_error(n,s) CNAT_ERROR_##n,
177 #include <cnat/cnat_error.def>
178 #undef cnat_error
179  CNAT_N_ERROR,
180 } cnat_error_t;
181 
182 typedef enum cnat_scanner_cmd_t_
183 {
184  CNAT_SCANNER_OFF,
185  CNAT_SCANNER_ON,
186 } cnat_scanner_cmd_t;
187 
188 /**
189  * Lazy initialization when first adding a translation
190  * or using snat
191  */
192 extern void cnat_lazy_init ();
193 
194 /**
195  * Enable/Disable session cleanup
196  */
197 extern void cnat_enable_disable_scanner (cnat_scanner_cmd_t event_type);
198 
199 /**
200  * Resolve endpoint address
201  */
202 extern u8 cnat_resolve_ep (cnat_endpoint_t * ep);
203 extern u8 cnat_resolve_addr (u32 sw_if_index, ip_address_family_t af,
204  ip_address_t * addr);
205 
206 
207 /*
208  * fd.io coding-style-patch-verification: ON
209  *
210  * Local Variables:
211  * eval: (c-set-style "gnu")
212  * End:
213  */
214 
215 #endif
cnat_timestamp_t_::lifetime
u16 lifetime
Definition: cnat_types.h:150
fib_source.h
cnat_main_::tcp_max_age
u32 tcp_max_age
Definition: cnat_types.h:123
cnat_main_::maglev_len
u32 maglev_len
Definition: cnat_types.h:142
cnat_main_::snat_hash_buckets
u32 snat_hash_buckets
Definition: cnat_types.h:112
cnat_main
cnat_main_t cnat_main
Definition: cnat_types.c:18
ip_address
Definition: ip_types.h:79
bihash_24_8.h
cnat_main_::snat_if_map_length
u32 snat_if_map_length
Definition: cnat_types.h:116
CNAT_EP_FLAG_RESOLVED
@ CNAT_EP_FLAG_RESOLVED
Definition: cnat_types.h:70
cnat_timestamp_t_::last_seen
f64 last_seen
Definition: cnat_types.h:148
cnat_main_::scanner_timeout
f64 scanner_timeout
Definition: cnat_types.h:126
cnat_fib_source
fib_source_t cnat_fib_source
Definition: cnat_types.c:19
cnat_endpoint_t
struct cnat_endpoint_t_ cnat_endpoint_t
cnat_main_::snat_hash_memory
uword snat_hash_memory
Definition: cnat_types.h:109
unformat_cnat_ep
uword unformat_cnat_ep(unformat_input_t *input, va_list *args)
Definition: cnat_types.c:73
cnat_resolve_ep
u8 cnat_resolve_ep(cnat_endpoint_t *ep)
Resolve endpoint address.
Definition: cnat_types.c:63
cnat_node_ctx_::now
f64 now
Definition: cnat_types.h:157
cnat_main_::session_hash_memory
uword session_hash_memory
Definition: cnat_types.h:97
CNAT_SCANNER_OFF
@ CNAT_SCANNER_OFF
Definition: cnat_types.h:184
CNAT_N_ERROR
@ CNAT_N_ERROR
Definition: cnat_types.h:179
cnat_endpoint_t_::ce_sw_if_index
u32 ce_sw_if_index
Definition: cnat_types.h:76
cnat_node_ctx_
Definition: cnat_types.h:155
cnat_scanner_cmd_t_
cnat_scanner_cmd_t_
Definition: cnat_types.h:182
format_cnat_endpoint
u8 * format_cnat_endpoint(u8 *s, va_list *args)
Definition: cnat_types.c:134
u16
unsigned short u16
Definition: types.h:57
cnat_trk_flag_t_
cnat_trk_flag_t_
Definition: cnat_types.h:58
cnat_trk_flag_t
enum cnat_trk_flag_t_ cnat_trk_flag_t
cnat_error_t
cnat_error_t
Definition: cnat_types.h:174
unformat_input_t
struct _unformat_input_t unformat_input_t
addr
vhost_vring_addr_t addr
Definition: vhost_user.h:130
fib_node.h
cnat_echo_header_t::sequence
u16 sequence
Definition: cnat_types.h:91
cnat_endpoint_t_
Definition: cnat_types.h:73
cnat_endpoint_tuple_t_
Definition: cnat_types.h:81
cnat_ep_flag_t
cnat_ep_flag_t
Definition: cnat_types.h:67
cnat_main_::default_scanner_state
u8 default_scanner_state
Definition: cnat_types.h:138
cnat_node_ctx_t
struct cnat_node_ctx_ cnat_node_ctx_t
CNAT_SCANNER_ON
@ CNAT_SCANNER_ON
Definition: cnat_types.h:185
CNAT_TRK_FLAG_NO_NAT
@ CNAT_TRK_FLAG_NO_NAT
Definition: cnat_types.h:64
cnat_main_::ts_lock
clib_rwlock_t ts_lock
Definition: cnat_types.h:129
cnat_echo_header_t::identifier
u16 identifier
Definition: cnat_types.h:90
cnat_resolve_addr
u8 cnat_resolve_addr(u32 sw_if_index, ip_address_family_t af, ip_address_t *addr)
Definition: cnat_types.c:29
clib_rw_lock_
Definition: lock.h:139
uword
u64 uword
Definition: types.h:112
cnat_main_::lazy_init_done
u8 lazy_init_done
Definition: cnat_types.h:135
cnat_main_t
struct cnat_main_ cnat_main_t
cnat_main_::translation_hash_buckets
u32 translation_hash_buckets
Definition: cnat_types.h:106
f64
double f64
Definition: types.h:142
ip_types.h
cnat_enable_disable_scanner
void cnat_enable_disable_scanner(cnat_scanner_cmd_t event_type)
Enable/Disable session cleanup.
Definition: cnat_types.c:169
cnat_endpoint_tuple_t_::dst_ep
cnat_endpoint_t dst_ep
Definition: cnat_types.h:83
cnat_timestamp_t_
Definition: cnat_types.h:145
cnat_endpoint_tuple_t_::src_ep
cnat_endpoint_t src_ep
Definition: cnat_types.h:84
cnat_get_main
cnat_main_t * cnat_get_main()
Definition: cnat_types.c:247
cnat_timestamp_t_::refcnt
u16 refcnt
Definition: cnat_types.h:152
cnat_endpoint_tuple_t_::ep_flags
u8 ep_flags
Definition: cnat_types.h:85
cnat_lazy_init
void cnat_lazy_init()
Lazy initialization when first adding a translation or using snat.
Definition: cnat_types.c:176
throttle.h
ip.h
u32
unsigned int u32
Definition: types.h:88
af
vl_api_address_family_t af
Definition: ip.api:619
cnat_node_ctx_::af
ip_address_family_t af
Definition: cnat_types.h:159
cnat_scanner_cmd_t
enum cnat_scanner_cmd_t_ cnat_scanner_cmd_t
cnat_main_::session_hash_buckets
u32 session_hash_buckets
Definition: cnat_types.h:100
cnat_main_::translation_hash_memory
uword translation_hash_memory
Definition: cnat_types.h:103
CNAT_TRK_ACTIVE
@ CNAT_TRK_ACTIVE
Definition: cnat_types.h:61
cnat_main_::scanner_node_index
uword scanner_node_index
Definition: cnat_types.h:132
cnat_echo_header_t
Definition: cnat_types.h:88
cnat_endpoint_t_::ce_port
u16 ce_port
Definition: cnat_types.h:77
cnat_error_strings
char * cnat_error_strings[]
Definition: cnat_types.c:22
cnat_endpoint_t_::ce_ip
ip_address_t ce_ip
Definition: cnat_types.h:75
u8
unsigned char u8
Definition: types.h:56
fib_source_t
enum fib_source_t_ fib_source_t
The different sources that can create a route.
cnat_endpoint_t_::ce_flags
u8 ce_flags
Definition: cnat_types.h:78
cnat_node_ctx_::do_trace
u8 do_trace
Definition: cnat_types.h:160
cnat_node_ctx_::thread_index
u32 thread_index
Definition: cnat_types.h:158
sw_if_index
vl_api_interface_index_t sw_if_index
Definition: wireguard.api:34
cnat_timestamp_t
struct cnat_timestamp_t_ cnat_timestamp_t
unformat_cnat_ep_tuple
uword unformat_cnat_ep_tuple(unformat_input_t *input, va_list *args)
Definition: cnat_types.c:115
cnat_endpoint_tuple_t
struct cnat_endpoint_tuple_t_ cnat_endpoint_tuple_t
cnat_main_::session_max_age
u32 session_max_age
Definition: cnat_types.h:119
cnat_error.def
cnat_timestamps
cnat_timestamp_t * cnat_timestamps
Definition: cnat_types.c:20
ip_address_family_t
enum ip_address_family_t_ ip_address_family_t
cnat_main_
Definition: cnat_types.h:94