FD.io VPP  v18.01-8-g0eacf49
Vector Packet Processing
ip6_map_t.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2015 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "map.h"
16 
17 #include "../ip/ip_frag.h"
18 #include <vnet/ip/ip6_to_ip4.h>
19 #include <vnet/ip/ip4_to_ip6.h>
20 
21 #define IP6_MAP_T_DUAL_LOOP
22 
23 typedef enum
24 {
25  IP6_MAPT_NEXT_MAPT_TCP_UDP,
26  IP6_MAPT_NEXT_MAPT_ICMP,
27  IP6_MAPT_NEXT_MAPT_FRAGMENTED,
28  IP6_MAPT_NEXT_DROP,
29  IP6_MAPT_N_NEXT
30 } ip6_mapt_next_t;
31 
32 typedef enum
33 {
34  IP6_MAPT_ICMP_NEXT_IP4_LOOKUP,
35  IP6_MAPT_ICMP_NEXT_IP4_FRAG,
36  IP6_MAPT_ICMP_NEXT_DROP,
37  IP6_MAPT_ICMP_N_NEXT
38 } ip6_mapt_icmp_next_t;
39 
40 typedef enum
41 {
42  IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP,
43  IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG,
44  IP6_MAPT_TCP_UDP_NEXT_DROP,
45  IP6_MAPT_TCP_UDP_N_NEXT
46 } ip6_mapt_tcp_udp_next_t;
47 
48 typedef enum
49 {
50  IP6_MAPT_FRAGMENTED_NEXT_IP4_LOOKUP,
51  IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG,
52  IP6_MAPT_FRAGMENTED_NEXT_DROP,
53  IP6_MAPT_FRAGMENTED_N_NEXT
54 } ip6_mapt_fragmented_next_t;
55 
56 static_always_inline int
57 ip6_map_fragment_cache (ip6_header_t * ip6, ip6_frag_hdr_t * frag,
58  map_domain_t * d, u16 port)
59 {
60  u32 *ignore = NULL;
61  map_ip4_reass_lock ();
62  map_ip4_reass_t *r = map_ip4_reass_get (map_get_ip4 (&ip6->src_address),
63  ip6_map_t_embedded_address (d,
64  &ip6->
65  dst_address),
66  frag_id_6to4 (frag->identification),
67  (ip6->protocol ==
68  IP_PROTOCOL_ICMP6) ?
69  IP_PROTOCOL_ICMP : ip6->protocol,
70  &ignore);
71  if (r)
72  r->port = port;
73 
74  map_ip4_reass_unlock ();
75  return !r;
76 }
77 
78 /* Returns the associated port or -1 */
79 static_always_inline i32
80 ip6_map_fragment_get (ip6_header_t * ip6, ip6_frag_hdr_t * frag,
81  map_domain_t * d)
82 {
83  u32 *ignore = NULL;
84  map_ip4_reass_lock ();
85  map_ip4_reass_t *r = map_ip4_reass_get (map_get_ip4 (&ip6->src_address),
86  ip6_map_t_embedded_address (d,
87  &ip6->
88  dst_address),
89  frag_id_6to4 (frag->identification),
90  (ip6->protocol ==
91  IP_PROTOCOL_ICMP6) ?
92  IP_PROTOCOL_ICMP : ip6->protocol,
93  &ignore);
94  i32 ret = r ? r->port : -1;
95  map_ip4_reass_unlock ();
96  return ret;
97 }
98 
99 typedef struct
100 {
101  map_domain_t *d;
102  u16 sender_port;
103 } icmp6_to_icmp_ctx_t;
104 
105 static int
106 ip6_to_ip4_set_icmp_cb (ip6_header_t * ip6, ip4_header_t * ip4, void *arg)
107 {
108  icmp6_to_icmp_ctx_t *ctx = arg;
109  u32 ip4_sadr;
110 
111  //Security check
112  //Note that this prevents an intermediate IPv6 router from answering the request
113  ip4_sadr = map_get_ip4 (&ip6->src_address);
114  if (ip6->src_address.as_u64[0] !=
115  map_get_pfx_net (ctx->d, ip4_sadr, ctx->sender_port)
116  || ip6->src_address.as_u64[1] != map_get_sfx_net (ctx->d, ip4_sadr,
117  ctx->sender_port))
118  return -1;
119 
120  ip4->dst_address.as_u32 =
121  ip6_map_t_embedded_address (ctx->d, &ip6->dst_address);
122  ip4->src_address.as_u32 = ip4_sadr;
123 
124  return 0;
125 }
126 
127 static int
128 ip6_to_ip4_set_inner_icmp_cb (ip6_header_t * ip6, ip4_header_t * ip4,
129  void *arg)
130 {
131  icmp6_to_icmp_ctx_t *ctx = arg;
132  u32 inner_ip4_dadr;
133 
134  //Security check of inner packet
135  inner_ip4_dadr = map_get_ip4 (&ip6->dst_address);
136  if (ip6->dst_address.as_u64[0] !=
137  map_get_pfx_net (ctx->d, inner_ip4_dadr, ctx->sender_port)
138  || ip6->dst_address.as_u64[1] != map_get_sfx_net (ctx->d,
139  inner_ip4_dadr,
140  ctx->sender_port))
141  return -1;
142 
143  ip4->dst_address.as_u32 = inner_ip4_dadr;
144  ip4->src_address.as_u32 =
145  ip6_map_t_embedded_address (ctx->d, &ip6->src_address);
146 
147  return 0;
148 }
149 
150 static uword
151 ip6_map_t_icmp (vlib_main_t * vm,
152  vlib_node_runtime_t * node, vlib_frame_t * frame)
153 {
154  u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
155  vlib_node_runtime_t *error_node =
156  vlib_node_get_runtime (vm, ip6_map_t_icmp_node.index);
157  from = vlib_frame_vector_args (frame);
158  n_left_from = frame->n_vectors;
159  next_index = node->cached_next_index;
160  vlib_combined_counter_main_t *cm = map_main.domain_counters;
161  u32 thread_index = vlib_get_thread_index ();
162 
163  while (n_left_from > 0)
164  {
165  vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
166 
167  while (n_left_from > 0 && n_left_to_next > 0)
168  {
169  u32 pi0;
170  vlib_buffer_t *p0;
171  u8 error0;
172  ip6_mapt_icmp_next_t next0;
173  map_domain_t *d0;
174  u16 len0;
175  icmp6_to_icmp_ctx_t ctx0;
176  ip6_header_t *ip60;
177 
178  pi0 = to_next[0] = from[0];
179  from += 1;
180  n_left_from -= 1;
181  to_next += 1;
182  n_left_to_next -= 1;
183  error0 = MAP_ERROR_NONE;
184  next0 = IP6_MAPT_ICMP_NEXT_IP4_LOOKUP;
185 
186  p0 = vlib_get_buffer (vm, pi0);
187  ip60 = vlib_buffer_get_current (p0);
188  len0 = clib_net_to_host_u16 (ip60->payload_length);
189  d0 =
190  pool_elt_at_index (map_main.domains,
191  vnet_buffer (p0)->map_t.map_domain_index);
192  ctx0.sender_port = ip6_get_port (ip60, 0, p0->current_length);
193  ctx0.d = d0;
194  if (ctx0.sender_port == 0)
195  {
196  // In case of 1:1 mapping, we don't care about the port
197  if (!(d0->ea_bits_len == 0 && d0->rules))
198  {
199  error0 = MAP_ERROR_ICMP;
200  goto err0;
201  }
202  }
203 
204  if (icmp6_to_icmp
205  (p0, ip6_to_ip4_set_icmp_cb, &ctx0,
206  ip6_to_ip4_set_inner_icmp_cb, &ctx0))
207  {
208  error0 = MAP_ERROR_ICMP;
209  goto err0;
210  }
211 
212  if (vnet_buffer (p0)->map_t.mtu < p0->current_length)
213  {
214  //Send to fragmentation node if necessary
215  vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
216  vnet_buffer (p0)->ip_frag.header_offset = 0;
217  vnet_buffer (p0)->ip_frag.next_index = IP4_FRAG_NEXT_IP4_LOOKUP;
218  next0 = IP6_MAPT_ICMP_NEXT_IP4_FRAG;
219  }
220  err0:
221  if (PREDICT_TRUE (error0 == MAP_ERROR_NONE))
222  {
223  vlib_increment_combined_counter (cm + MAP_DOMAIN_COUNTER_RX,
224  thread_index,
225  vnet_buffer (p0)->
226  map_t.map_domain_index, 1,
227  len0);
228  }
229  else
230  {
231  next0 = IP6_MAPT_ICMP_NEXT_DROP;
232  }
233 
234  p0->error = error_node->errors[error0];
235  vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
236  to_next, n_left_to_next, pi0,
237  next0);
238  }
239  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
240  }
241  return frame->n_vectors;
242 }
243 
244 static int
245 ip6_to_ip4_set_cb (ip6_header_t * ip6, ip4_header_t * ip4, void *ctx)
246 {
247  vlib_buffer_t *p = ctx;
248 
249  ip4->dst_address.as_u32 = vnet_buffer (p)->map_t.v6.daddr;
250  ip4->src_address.as_u32 = vnet_buffer (p)->map_t.v6.saddr;
251 
252  return 0;
253 }
254 
255 static uword
256 ip6_map_t_fragmented (vlib_main_t * vm,
257  vlib_node_runtime_t * node, vlib_frame_t * frame)
258 {
259  u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
260  from = vlib_frame_vector_args (frame);
261  n_left_from = frame->n_vectors;
262  next_index = node->cached_next_index;
263  vlib_node_runtime_t *error_node =
264  vlib_node_get_runtime (vm, ip6_map_t_fragmented_node.index);
265 
266  while (n_left_from > 0)
267  {
268  vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
269 
270 #ifdef IP6_MAP_T_DUAL_LOOP
271  while (n_left_from >= 4 && n_left_to_next >= 2)
272  {
273  u32 pi0, pi1;
274  vlib_buffer_t *p0, *p1;
275  u32 next0, next1;
276 
277  pi0 = to_next[0] = from[0];
278  pi1 = to_next[1] = from[1];
279  from += 2;
280  n_left_from -= 2;
281  to_next += 2;
282  n_left_to_next -= 2;
283 
284  next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
285  next1 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
286  p0 = vlib_get_buffer (vm, pi0);
287  p1 = vlib_get_buffer (vm, pi1);
288 
289  if (ip6_to_ip4_fragmented (p0, ip6_to_ip4_set_cb, p0))
290  {
291  p0->error = error_node->errors[MAP_ERROR_FRAGMENT_DROPPED];
292  next0 = IP6_MAPT_FRAGMENTED_NEXT_DROP;
293  }
294  else
295  {
296  if (vnet_buffer (p0)->map_t.mtu < p0->current_length)
297  {
298  //Send to fragmentation node if necessary
299  vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
300  vnet_buffer (p0)->ip_frag.header_offset = 0;
301  vnet_buffer (p0)->ip_frag.next_index =
302  IP4_FRAG_NEXT_IP4_LOOKUP;
303  next0 = IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG;
304  }
305  }
306 
307  if (ip6_to_ip4_fragmented (p1, ip6_to_ip4_set_cb, p1))
308  {
309  p1->error = error_node->errors[MAP_ERROR_FRAGMENT_DROPPED];
310  next1 = IP6_MAPT_FRAGMENTED_NEXT_DROP;
311  }
312  else
313  {
314  if (vnet_buffer (p1)->map_t.mtu < p1->current_length)
315  {
316  //Send to fragmentation node if necessary
317  vnet_buffer (p1)->ip_frag.mtu = vnet_buffer (p1)->map_t.mtu;
318  vnet_buffer (p1)->ip_frag.header_offset = 0;
319  vnet_buffer (p1)->ip_frag.next_index =
320  IP4_FRAG_NEXT_IP4_LOOKUP;
321  next1 = IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG;
322  }
323  }
324 
325  vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
326  to_next, n_left_to_next, pi0, pi1,
327  next0, next1);
328  }
329 #endif
330 
331  while (n_left_from > 0 && n_left_to_next > 0)
332  {
333  u32 pi0;
334  vlib_buffer_t *p0;
335  u32 next0;
336 
337  pi0 = to_next[0] = from[0];
338  from += 1;
339  n_left_from -= 1;
340  to_next += 1;
341  n_left_to_next -= 1;
342 
343  next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
344  p0 = vlib_get_buffer (vm, pi0);
345 
346  if (ip6_to_ip4_fragmented (p0, ip6_to_ip4_set_cb, p0))
347  {
348  p0->error = error_node->errors[MAP_ERROR_FRAGMENT_DROPPED];
349  next0 = IP6_MAPT_FRAGMENTED_NEXT_DROP;
350  }
351  else
352  {
353  if (vnet_buffer (p0)->map_t.mtu < p0->current_length)
354  {
355  //Send to fragmentation node if necessary
356  vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
357  vnet_buffer (p0)->ip_frag.header_offset = 0;
358  vnet_buffer (p0)->ip_frag.next_index =
359  IP4_FRAG_NEXT_IP4_LOOKUP;
360  next0 = IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG;
361  }
362  }
363 
364  vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
365  to_next, n_left_to_next, pi0,
366  next0);
367  }
368  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
369  }
370  return frame->n_vectors;
371 }
372 
373 static uword
374 ip6_map_t_tcp_udp (vlib_main_t * vm,
375  vlib_node_runtime_t * node, vlib_frame_t * frame)
376 {
377  u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
378  vlib_node_runtime_t *error_node =
379  vlib_node_get_runtime (vm, ip6_map_t_tcp_udp_node.index);
380 
381  from = vlib_frame_vector_args (frame);
382  n_left_from = frame->n_vectors;
383  next_index = node->cached_next_index;
384  while (n_left_from > 0)
385  {
386  vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
387 
388 #ifdef IP6_MAP_T_DUAL_LOOP
389  while (n_left_from >= 4 && n_left_to_next >= 2)
390  {
391  u32 pi0, pi1;
392  vlib_buffer_t *p0, *p1;
393  ip6_mapt_tcp_udp_next_t next0, next1;
394 
395  pi0 = to_next[0] = from[0];
396  pi1 = to_next[1] = from[1];
397  from += 2;
398  n_left_from -= 2;
399  to_next += 2;
400  n_left_to_next -= 2;
401  next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
402  next1 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
403 
404  p0 = vlib_get_buffer (vm, pi0);
405  p1 = vlib_get_buffer (vm, pi1);
406 
407  if (ip6_to_ip4_tcp_udp (p0, ip6_to_ip4_set_cb, p0, 1))
408  {
409  p0->error = error_node->errors[MAP_ERROR_UNKNOWN];
410  next0 = IP6_MAPT_TCP_UDP_NEXT_DROP;
411  }
412  else
413  {
414  if (vnet_buffer (p0)->map_t.mtu < p0->current_length)
415  {
416  //Send to fragmentation node if necessary
417  vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
418  vnet_buffer (p0)->ip_frag.header_offset = 0;
419  vnet_buffer (p0)->ip_frag.next_index =
420  IP4_FRAG_NEXT_IP4_LOOKUP;
421  next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG;
422  }
423  }
424 
425  if (ip6_to_ip4_tcp_udp (p1, ip6_to_ip4_set_cb, p1, 1))
426  {
427  p1->error = error_node->errors[MAP_ERROR_UNKNOWN];
428  next1 = IP6_MAPT_TCP_UDP_NEXT_DROP;
429  }
430  else
431  {
432  if (vnet_buffer (p1)->map_t.mtu < p1->current_length)
433  {
434  //Send to fragmentation node if necessary
435  vnet_buffer (p1)->ip_frag.mtu = vnet_buffer (p1)->map_t.mtu;
436  vnet_buffer (p1)->ip_frag.header_offset = 0;
437  vnet_buffer (p1)->ip_frag.next_index =
438  IP4_FRAG_NEXT_IP4_LOOKUP;
439  next1 = IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG;
440  }
441  }
442 
443  vlib_validate_buffer_enqueue_x2 (vm, node, next_index, to_next,
444  n_left_to_next, pi0, pi1, next0,
445  next1);
446  }
447 #endif
448 
449  while (n_left_from > 0 && n_left_to_next > 0)
450  {
451  u32 pi0;
452  vlib_buffer_t *p0;
453  ip6_mapt_tcp_udp_next_t next0;
454 
455  pi0 = to_next[0] = from[0];
456  from += 1;
457  n_left_from -= 1;
458  to_next += 1;
459  n_left_to_next -= 1;
460  next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
461 
462  p0 = vlib_get_buffer (vm, pi0);
463 
464  if (ip6_to_ip4_tcp_udp (p0, ip6_to_ip4_set_cb, p0, 1))
465  {
466  p0->error = error_node->errors[MAP_ERROR_UNKNOWN];
467  next0 = IP6_MAPT_TCP_UDP_NEXT_DROP;
468  }
469  else
470  {
471  if (vnet_buffer (p0)->map_t.mtu < p0->current_length)
472  {
473  //Send to fragmentation node if necessary
474  vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
475  vnet_buffer (p0)->ip_frag.header_offset = 0;
476  vnet_buffer (p0)->ip_frag.next_index =
477  IP4_FRAG_NEXT_IP4_LOOKUP;
478  next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG;
479  }
480  }
481 
482  vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
483  to_next, n_left_to_next, pi0,
484  next0);
485  }
486  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
487  }
488  return frame->n_vectors;
489 }
490 
491 static_always_inline void
492 ip6_map_t_classify (vlib_buffer_t * p0, ip6_header_t * ip60,
493  map_domain_t * d0, i32 * src_port0,
494  u8 * error0, ip6_mapt_next_t * next0,
495  u32 l4_len0, ip6_frag_hdr_t * frag0)
496 {
497  if (PREDICT_FALSE (vnet_buffer (p0)->map_t.v6.frag_offset &&
498  ip6_frag_hdr_offset (frag0)))
499  {
500  *next0 = IP6_MAPT_NEXT_MAPT_FRAGMENTED;
501  if (d0->ea_bits_len == 0 && d0->rules)
502  {
503  *src_port0 = 0;
504  }
505  else
506  {
507  *src_port0 = ip6_map_fragment_get (ip60, frag0, d0);
508  *error0 = (*src_port0 != -1) ? *error0 : MAP_ERROR_FRAGMENT_DROPPED;
509  }
510  }
511  else
512  if (PREDICT_TRUE
513  (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_TCP))
514  {
515  *error0 =
516  l4_len0 < sizeof (tcp_header_t) ? MAP_ERROR_MALFORMED : *error0;
517  vnet_buffer (p0)->map_t.checksum_offset =
518  vnet_buffer (p0)->map_t.v6.l4_offset + 16;
519  *next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP;
520  *src_port0 =
521  (i32) *
522  ((u16 *) u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset));
523  }
524  else
525  if (PREDICT_TRUE
526  (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_UDP))
527  {
528  *error0 =
529  l4_len0 < sizeof (udp_header_t) ? MAP_ERROR_MALFORMED : *error0;
530  vnet_buffer (p0)->map_t.checksum_offset =
531  vnet_buffer (p0)->map_t.v6.l4_offset + 6;
532  *next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP;
533  *src_port0 =
534  (i32) *
535  ((u16 *) u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset));
536  }
537  else if (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_ICMP6)
538  {
539  *error0 =
540  l4_len0 < sizeof (icmp46_header_t) ? MAP_ERROR_MALFORMED : *error0;
541  *next0 = IP6_MAPT_NEXT_MAPT_ICMP;
542  if (d0->ea_bits_len == 0 && d0->rules)
543  {
544  *src_port0 = 0;
545  }
546  else
547  if (((icmp46_header_t *)
548  u8_ptr_add (ip60,
549  vnet_buffer (p0)->map_t.v6.l4_offset))->code ==
550  ICMP6_echo_reply
551  || ((icmp46_header_t *)
552  u8_ptr_add (ip60,
553  vnet_buffer (p0)->map_t.v6.l4_offset))->code ==
554  ICMP6_echo_request)
555  {
556  *src_port0 =
557  (i32) *
558  ((u16 *)
559  u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset + 6));
560  }
561  }
562  else
563  {
564  //TODO: In case of 1:1 mapping, it might be possible to do something with those packets.
565  *error0 = MAP_ERROR_BAD_PROTOCOL;
566  }
567 }
568 
569 static uword
570 ip6_map_t (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
571 {
572  u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
573  vlib_node_runtime_t *error_node =
574  vlib_node_get_runtime (vm, ip6_map_t_node.index);
575  vlib_combined_counter_main_t *cm = map_main.domain_counters;
576  u32 thread_index = vlib_get_thread_index ();
577 
578  from = vlib_frame_vector_args (frame);
579  n_left_from = frame->n_vectors;
580  next_index = node->cached_next_index;
581  while (n_left_from > 0)
582  {
583  vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
584 
585 #ifdef IP6_MAP_T_DUAL_LOOP
586  while (n_left_from >= 4 && n_left_to_next >= 2)
587  {
588  u32 pi0, pi1;
589  vlib_buffer_t *p0, *p1;
590  ip6_header_t *ip60, *ip61;
591  u8 error0, error1;
592  ip6_mapt_next_t next0, next1;
593  u32 l4_len0, l4_len1;
594  i32 src_port0, src_port1;
595  map_domain_t *d0, *d1;
596  ip6_frag_hdr_t *frag0, *frag1;
597  u32 saddr0, saddr1;
598  next0 = next1 = 0; //Because compiler whines
599 
600  pi0 = to_next[0] = from[0];
601  pi1 = to_next[1] = from[1];
602  from += 2;
603  n_left_from -= 2;
604  to_next += 2;
605  n_left_to_next -= 2;
606 
607  error0 = MAP_ERROR_NONE;
608  error1 = MAP_ERROR_NONE;
609 
610  p0 = vlib_get_buffer (vm, pi0);
611  p1 = vlib_get_buffer (vm, pi1);
612  ip60 = vlib_buffer_get_current (p0);
613  ip61 = vlib_buffer_get_current (p1);
614 
615  saddr0 = map_get_ip4 (&ip60->src_address);
616  saddr1 = map_get_ip4 (&ip61->src_address);
617  d0 = ip6_map_get_domain (vnet_buffer (p0)->ip.adj_index[VLIB_TX],
618  (ip4_address_t *) & saddr0,
619  &vnet_buffer (p0)->map_t.map_domain_index,
620  &error0);
621  d1 =
622  ip6_map_get_domain (vnet_buffer (p1)->ip.adj_index[VLIB_TX],
623  (ip4_address_t *) & saddr1,
624  &vnet_buffer (p1)->map_t.map_domain_index,
625  &error1);
626 
627  vnet_buffer (p0)->map_t.v6.saddr = saddr0;
628  vnet_buffer (p1)->map_t.v6.saddr = saddr1;
629  vnet_buffer (p0)->map_t.v6.daddr =
630  ip6_map_t_embedded_address (d0, &ip60->dst_address);
631  vnet_buffer (p1)->map_t.v6.daddr =
632  ip6_map_t_embedded_address (d1, &ip61->dst_address);
633  vnet_buffer (p0)->map_t.mtu = d0->mtu ? d0->mtu : ~0;
634  vnet_buffer (p1)->map_t.mtu = d1->mtu ? d1->mtu : ~0;
635 
636  if (PREDICT_FALSE (ip6_parse (ip60, p0->current_length,
637  &(vnet_buffer (p0)->map_t.
638  v6.l4_protocol),
639  &(vnet_buffer (p0)->map_t.
640  v6.l4_offset),
641  &(vnet_buffer (p0)->map_t.
642  v6.frag_offset))))
643  {
644  error0 = MAP_ERROR_MALFORMED;
645  next0 = IP6_MAPT_NEXT_DROP;
646  }
647 
648  if (PREDICT_FALSE (ip6_parse (ip61, p1->current_length,
649  &(vnet_buffer (p1)->map_t.
650  v6.l4_protocol),
651  &(vnet_buffer (p1)->map_t.
652  v6.l4_offset),
653  &(vnet_buffer (p1)->map_t.
654  v6.frag_offset))))
655  {
656  error1 = MAP_ERROR_MALFORMED;
657  next1 = IP6_MAPT_NEXT_DROP;
658  }
659 
660  src_port0 = src_port1 = -1;
661  l4_len0 = (u32) clib_net_to_host_u16 (ip60->payload_length) +
662  sizeof (*ip60) - vnet_buffer (p0)->map_t.v6.l4_offset;
663  l4_len1 = (u32) clib_net_to_host_u16 (ip61->payload_length) +
664  sizeof (*ip60) - vnet_buffer (p1)->map_t.v6.l4_offset;
665  frag0 =
666  (ip6_frag_hdr_t *) u8_ptr_add (ip60,
667  vnet_buffer (p0)->map_t.
668  v6.frag_offset);
669  frag1 =
670  (ip6_frag_hdr_t *) u8_ptr_add (ip61,
671  vnet_buffer (p1)->map_t.
672  v6.frag_offset);
673 
674  ip6_map_t_classify (p0, ip60, d0, &src_port0, &error0, &next0,
675  l4_len0, frag0);
676  ip6_map_t_classify (p1, ip61, d1, &src_port1, &error1, &next1,
677  l4_len1, frag1);
678 
679  if (PREDICT_FALSE
680  ((src_port0 != -1)
681  && (ip60->src_address.as_u64[0] !=
682  map_get_pfx_net (d0, vnet_buffer (p0)->map_t.v6.saddr,
683  src_port0)
684  || ip60->src_address.as_u64[1] != map_get_sfx_net (d0,
685  vnet_buffer
686  (p0)->map_t.v6.saddr,
687  src_port0))))
688  {
689  error0 = MAP_ERROR_SEC_CHECK;
690  }
691 
692  if (PREDICT_FALSE
693  ((src_port1 != -1)
694  && (ip61->src_address.as_u64[0] !=
695  map_get_pfx_net (d1, vnet_buffer (p1)->map_t.v6.saddr,
696  src_port1)
697  || ip61->src_address.as_u64[1] != map_get_sfx_net (d1,
698  vnet_buffer
699  (p1)->map_t.v6.saddr,
700  src_port1))))
701  {
702  error1 = MAP_ERROR_SEC_CHECK;
703  }
704 
705  if (PREDICT_FALSE (vnet_buffer (p0)->map_t.v6.frag_offset &&
706  !ip6_frag_hdr_offset ((ip6_frag_hdr_t *)
707  u8_ptr_add (ip60,
708  vnet_buffer
709  (p0)->map_t.
710  v6.frag_offset)))
711  && (src_port0 != -1) && (d0->ea_bits_len != 0 || !d0->rules)
712  && (error0 == MAP_ERROR_NONE))
713  {
714  ip6_map_fragment_cache (ip60,
715  (ip6_frag_hdr_t *) u8_ptr_add (ip60,
716  vnet_buffer
717  (p0)->map_t.
718  v6.frag_offset),
719  d0, src_port0);
720  }
721 
722  if (PREDICT_FALSE (vnet_buffer (p1)->map_t.v6.frag_offset &&
723  !ip6_frag_hdr_offset ((ip6_frag_hdr_t *)
724  u8_ptr_add (ip61,
725  vnet_buffer
726  (p1)->map_t.
727  v6.frag_offset)))
728  && (src_port1 != -1) && (d1->ea_bits_len != 0 || !d1->rules)
729  && (error1 == MAP_ERROR_NONE))
730  {
731  ip6_map_fragment_cache (ip61,
732  (ip6_frag_hdr_t *) u8_ptr_add (ip61,
733  vnet_buffer
734  (p1)->map_t.
735  v6.frag_offset),
736  d1, src_port1);
737  }
738 
739  if (PREDICT_TRUE
740  (error0 == MAP_ERROR_NONE && next0 != IP6_MAPT_NEXT_MAPT_ICMP))
741  {
742  vlib_increment_combined_counter (cm + MAP_DOMAIN_COUNTER_RX,
743  thread_index,
744  vnet_buffer (p0)->
745  map_t.map_domain_index, 1,
746  clib_net_to_host_u16
747  (ip60->payload_length));
748  }
749 
750  if (PREDICT_TRUE
751  (error1 == MAP_ERROR_NONE && next1 != IP6_MAPT_NEXT_MAPT_ICMP))
752  {
753  vlib_increment_combined_counter (cm + MAP_DOMAIN_COUNTER_RX,
754  thread_index,
755  vnet_buffer (p1)->
756  map_t.map_domain_index, 1,
757  clib_net_to_host_u16
758  (ip61->payload_length));
759  }
760 
761  next0 = (error0 != MAP_ERROR_NONE) ? IP6_MAPT_NEXT_DROP : next0;
762  next1 = (error1 != MAP_ERROR_NONE) ? IP6_MAPT_NEXT_DROP : next1;
763  p0->error = error_node->errors[error0];
764  p1->error = error_node->errors[error1];
765  vlib_validate_buffer_enqueue_x2 (vm, node, next_index, to_next,
766  n_left_to_next, pi0, pi1, next0,
767  next1);
768  }
769 #endif
770 
771  while (n_left_from > 0 && n_left_to_next > 0)
772  {
773  u32 pi0;
774  vlib_buffer_t *p0;
775  ip6_header_t *ip60;
776  u8 error0;
777  u32 l4_len0;
778  i32 src_port0;
779  map_domain_t *d0;
780  ip6_frag_hdr_t *frag0;
781  ip6_mapt_next_t next0 = 0;
782  u32 saddr;
783 
784  pi0 = to_next[0] = from[0];
785  from += 1;
786  n_left_from -= 1;
787  to_next += 1;
788  n_left_to_next -= 1;
789  error0 = MAP_ERROR_NONE;
790 
791  p0 = vlib_get_buffer (vm, pi0);
792  ip60 = vlib_buffer_get_current (p0);
793  //Save saddr in a different variable to not overwrite ip.adj_index
794  saddr = map_get_ip4 (&ip60->src_address);
795  d0 = ip6_map_get_domain (vnet_buffer (p0)->ip.adj_index[VLIB_TX],
796  (ip4_address_t *) & saddr,
797  &vnet_buffer (p0)->map_t.map_domain_index,
798  &error0);
799 
800  //FIXME: What if d0 is null
801  vnet_buffer (p0)->map_t.v6.saddr = saddr;
802  vnet_buffer (p0)->map_t.v6.daddr =
803  ip6_map_t_embedded_address (d0, &ip60->dst_address);
804  vnet_buffer (p0)->map_t.mtu = d0->mtu ? d0->mtu : ~0;
805 
806  if (PREDICT_FALSE (ip6_parse (ip60, p0->current_length,
807  &(vnet_buffer (p0)->map_t.
808  v6.l4_protocol),
809  &(vnet_buffer (p0)->map_t.
810  v6.l4_offset),
811  &(vnet_buffer (p0)->map_t.
812  v6.frag_offset))))
813  {
814  error0 = MAP_ERROR_MALFORMED;
815  next0 = IP6_MAPT_NEXT_DROP;
816  }
817 
818  src_port0 = -1;
819  l4_len0 = (u32) clib_net_to_host_u16 (ip60->payload_length) +
820  sizeof (*ip60) - vnet_buffer (p0)->map_t.v6.l4_offset;
821  frag0 =
822  (ip6_frag_hdr_t *) u8_ptr_add (ip60,
823  vnet_buffer (p0)->map_t.
824  v6.frag_offset);
825 
826 
827  if (PREDICT_FALSE (vnet_buffer (p0)->map_t.v6.frag_offset &&
828  ip6_frag_hdr_offset (frag0)))
829  {
830  src_port0 = ip6_map_fragment_get (ip60, frag0, d0);
831  error0 = (src_port0 != -1) ? error0 : MAP_ERROR_FRAGMENT_MEMORY;
832  next0 = IP6_MAPT_NEXT_MAPT_FRAGMENTED;
833  }
834  else
835  if (PREDICT_TRUE
836  (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_TCP))
837  {
838  error0 =
839  l4_len0 <
840  sizeof (tcp_header_t) ? MAP_ERROR_MALFORMED : error0;
841  vnet_buffer (p0)->map_t.checksum_offset =
842  vnet_buffer (p0)->map_t.v6.l4_offset + 16;
843  next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP;
844  src_port0 =
845  (i32) *
846  ((u16 *)
847  u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset));
848  }
849  else
850  if (PREDICT_TRUE
851  (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_UDP))
852  {
853  error0 =
854  l4_len0 <
855  sizeof (udp_header_t) ? MAP_ERROR_MALFORMED : error0;
856  vnet_buffer (p0)->map_t.checksum_offset =
857  vnet_buffer (p0)->map_t.v6.l4_offset + 6;
858  next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP;
859  src_port0 =
860  (i32) *
861  ((u16 *)
862  u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset));
863  }
864  else if (vnet_buffer (p0)->map_t.v6.l4_protocol ==
865  IP_PROTOCOL_ICMP6)
866  {
867  error0 =
868  l4_len0 <
869  sizeof (icmp46_header_t) ? MAP_ERROR_MALFORMED : error0;
870  next0 = IP6_MAPT_NEXT_MAPT_ICMP;
871  if (((icmp46_header_t *)
872  u8_ptr_add (ip60,
873  vnet_buffer (p0)->map_t.v6.l4_offset))->code ==
874  ICMP6_echo_reply
875  || ((icmp46_header_t *)
876  u8_ptr_add (ip60,
877  vnet_buffer (p0)->map_t.v6.
878  l4_offset))->code == ICMP6_echo_request)
879  src_port0 =
880  (i32) *
881  ((u16 *)
882  u8_ptr_add (ip60,
883  vnet_buffer (p0)->map_t.v6.l4_offset + 6));
884  }
885  else
886  {
887  //TODO: In case of 1:1 mapping, it might be possible to do something with those packets.
888  error0 = MAP_ERROR_BAD_PROTOCOL;
889  }
890 
891  //Security check
892  if (PREDICT_FALSE
893  ((src_port0 != -1)
894  && (ip60->src_address.as_u64[0] !=
895  map_get_pfx_net (d0, vnet_buffer (p0)->map_t.v6.saddr,
896  src_port0)
897  || ip60->src_address.as_u64[1] != map_get_sfx_net (d0,
898  vnet_buffer
899  (p0)->map_t.v6.saddr,
900  src_port0))))
901  {
902  //Security check when src_port0 is not zero (non-first fragment, UDP or TCP)
903  error0 = MAP_ERROR_SEC_CHECK;
904  }
905 
906  //Fragmented first packet needs to be cached for following packets
907  if (PREDICT_FALSE (vnet_buffer (p0)->map_t.v6.frag_offset &&
908  !ip6_frag_hdr_offset ((ip6_frag_hdr_t *)
909  u8_ptr_add (ip60,
910  vnet_buffer
911  (p0)->map_t.
912  v6.frag_offset)))
913  && (src_port0 != -1) && (d0->ea_bits_len != 0 || !d0->rules)
914  && (error0 == MAP_ERROR_NONE))
915  {
916  ip6_map_fragment_cache (ip60,
917  (ip6_frag_hdr_t *) u8_ptr_add (ip60,
918  vnet_buffer
919  (p0)->map_t.
920  v6.frag_offset),
921  d0, src_port0);
922  }
923 
924  if (PREDICT_TRUE
925  (error0 == MAP_ERROR_NONE && next0 != IP6_MAPT_NEXT_MAPT_ICMP))
926  {
927  vlib_increment_combined_counter (cm + MAP_DOMAIN_COUNTER_RX,
928  thread_index,
929  vnet_buffer (p0)->
930  map_t.map_domain_index, 1,
931  clib_net_to_host_u16
932  (ip60->payload_length));
933  }
934 
935  next0 = (error0 != MAP_ERROR_NONE) ? IP6_MAPT_NEXT_DROP : next0;
936  p0->error = error_node->errors[error0];
937  vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
938  to_next, n_left_to_next, pi0,
939  next0);
940  }
941  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
942  }
943  return frame->n_vectors;
944 }
945 
946 static char *map_t_error_strings[] = {
947 #define _(sym,string) string,
948  foreach_map_error
949 #undef _
950 };
951 
952 /* *INDENT-OFF* */
953 VLIB_REGISTER_NODE(ip6_map_t_fragmented_node) = {
954  .function = ip6_map_t_fragmented,
955  .name = "ip6-map-t-fragmented",
956  .vector_size = sizeof (u32),
957  .format_trace = format_map_trace,
958  .type = VLIB_NODE_TYPE_INTERNAL,
959 
960  .n_errors = MAP_N_ERROR,
961  .error_strings = map_t_error_strings,
962 
963  .n_next_nodes = IP6_MAPT_FRAGMENTED_N_NEXT,
964  .next_nodes = {
965  [IP6_MAPT_FRAGMENTED_NEXT_IP4_LOOKUP] = "ip4-lookup",
966  [IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME,
967  [IP6_MAPT_FRAGMENTED_NEXT_DROP] = "error-drop",
968  },
969 };
970 /* *INDENT-ON* */
971 
972 /* *INDENT-OFF* */
973 VLIB_REGISTER_NODE(ip6_map_t_icmp_node) = {
974  .function = ip6_map_t_icmp,
975  .name = "ip6-map-t-icmp",
976  .vector_size = sizeof (u32),
977  .format_trace = format_map_trace,
978  .type = VLIB_NODE_TYPE_INTERNAL,
979 
980  .n_errors = MAP_N_ERROR,
981  .error_strings = map_t_error_strings,
982 
983  .n_next_nodes = IP6_MAPT_ICMP_N_NEXT,
984  .next_nodes = {
985  [IP6_MAPT_ICMP_NEXT_IP4_LOOKUP] = "ip4-lookup",
986  [IP6_MAPT_ICMP_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME,
987  [IP6_MAPT_ICMP_NEXT_DROP] = "error-drop",
988  },
989 };
990 /* *INDENT-ON* */
991 
992 /* *INDENT-OFF* */
993 VLIB_REGISTER_NODE(ip6_map_t_tcp_udp_node) = {
994  .function = ip6_map_t_tcp_udp,
995  .name = "ip6-map-t-tcp-udp",
996  .vector_size = sizeof (u32),
997  .format_trace = format_map_trace,
998  .type = VLIB_NODE_TYPE_INTERNAL,
999 
1000  .n_errors = MAP_N_ERROR,
1001  .error_strings = map_t_error_strings,
1002 
1003  .n_next_nodes = IP6_MAPT_TCP_UDP_N_NEXT,
1004  .next_nodes = {
1005  [IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP] = "ip4-lookup",
1006  [IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME,
1007  [IP6_MAPT_TCP_UDP_NEXT_DROP] = "error-drop",
1008  },
1009 };
1010 /* *INDENT-ON* */
1011 
1012 /* *INDENT-OFF* */
1013 VLIB_REGISTER_NODE(ip6_map_t_node) = {
1014  .function = ip6_map_t,
1015  .name = "ip6-map-t",
1016  .vector_size = sizeof(u32),
1017  .format_trace = format_map_trace,
1018  .type = VLIB_NODE_TYPE_INTERNAL,
1019 
1020  .n_errors = MAP_N_ERROR,
1021  .error_strings = map_t_error_strings,
1022 
1023  .n_next_nodes = IP6_MAPT_N_NEXT,
1024  .next_nodes = {
1025  [IP6_MAPT_NEXT_MAPT_TCP_UDP] = "ip6-map-t-tcp-udp",
1026  [IP6_MAPT_NEXT_MAPT_ICMP] = "ip6-map-t-icmp",
1027  [IP6_MAPT_NEXT_MAPT_FRAGMENTED] = "ip6-map-t-fragmented",
1028  [IP6_MAPT_NEXT_DROP] = "error-drop",
1029  },
1030 };
1031 /* *INDENT-ON* */
1032 
1033 /*
1034  * fd.io coding-style-patch-verification: ON
1035  *
1036  * Local Variables:
1037  * eval: (c-set-style "gnu")
1038  * End:
1039  */
map_ip4_reass_lock
#define map_ip4_reass_lock()
Definition: map.h:458
IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG
Definition: ip6_map_t.c:43
icmp6_to_icmp_ctx_t::d
map_domain_t * d
Definition: ip6_map_t.c:101
ip6_map_t_tcp_udp
static uword ip6_map_t_tcp_udp(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ip6_map_t.c:374
ip6_get_port
static u16 ip6_get_port(ip6_header_t *ip6, u8 sender, u16 buffer_len)
Get TCP/UDP port number or ICMP id from IPv6 packet.
Definition: ip6_to_ip4.h:90
map_main
map_main_t map_main
Definition: map.c:26
vlib_increment_combined_counter
static void vlib_increment_combined_counter(vlib_combined_counter_main_t *cm, u32 thread_index, u32 index, u64 n_packets, u64 n_bytes)
Increment a combined counter.
Definition: counter.h:211
ip6_mapt_next_t
ip6_mapt_next_t
Definition: ip6_map_t.c:23
ip4_header_t::src_address
ip4_address_t src_address
Definition: ip4_packet.h:164
icmp6_to_icmp
static int icmp6_to_icmp(vlib_buffer_t *p, ip6_to_ip4_set_fn_t fn, void *ctx, ip6_to_ip4_set_fn_t inner_fn, void *inner_ctx)
Translate ICMP6 packet to ICMP4.
Definition: ip6_to_ip4.h:249
IP6_MAPT_NEXT_MAPT_FRAGMENTED
Definition: ip6_map_t.c:27
PREDICT_TRUE
#define PREDICT_TRUE(x)
Definition: clib.h:106
ip6_address_t::as_u64
u64 as_u64[2]
Definition: ip6_packet.h:51
IP6_MAPT_NEXT_MAPT_TCP_UDP
Definition: ip6_map_t.c:25
NULL
#define NULL
Definition: clib.h:55
IP6_MAPT_ICMP_NEXT_IP4_LOOKUP
Definition: ip6_map_t.c:34
IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP
Definition: ip6_map_t.c:42
ip6_map_t
static uword ip6_map_t(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ip6_map_t.c:570
ip6_to_ip4_set_icmp_cb
static int ip6_to_ip4_set_icmp_cb(ip6_header_t *ip6, ip4_header_t *ip4, void *arg)
Definition: ip6_map_t.c:106
IP4_FRAG_NEXT_IP4_LOOKUP
Definition: ip_frag.h:51
vlib_node_runtime_t::errors
vlib_error_t * errors
Vector of errors for this node.
Definition: node.h:415
udp_header_t
Definition: udp_packet.h:43
tcp_header_t
struct _tcp_header tcp_header_t
ip6_header_t::src_address
ip6_address_t src_address
Definition: ip6_packet.h:341
vlib_frame_t
Definition: node.h:332
ip4_to_ip6.h
IPv4 to IPv6 translation.
vlib_node_runtime_t
Definition: node.h:409
ip6_map_t_embedded_address
static_always_inline u32 ip6_map_t_embedded_address(map_domain_t *d, ip6_address_t *addr)
Definition: map.h:527
static_always_inline
#define static_always_inline
Definition: clib.h:93
IP6_MAPT_N_NEXT
Definition: ip6_map_t.c:29
ip4_header_t::dst_address
ip4_address_t dst_address
Definition: ip4_packet.h:164
map_main_t::domain_counters
vlib_combined_counter_main_t * domain_counters
Definition: map.h:232
IP6_MAPT_FRAGMENTED_NEXT_DROP
Definition: ip6_map_t.c:52
i32
int i32
Definition: types.h:81
map_domain_t::rules
ip6_address_t * rules
Definition: map.h:83
ip6_parse
static_always_inline int ip6_parse(const ip6_header_t *ip6, u32 buff_len, u8 *l4_protocol, u16 *l4_offset, u16 *frag_hdr_offset)
Parse some useful information from IPv6 header.
Definition: ip6_to_ip4.h:59
map_domain_t::ea_bits_len
u8 ea_bits_len
Definition: map.h:91
ip6_map_fragment_get
static_always_inline i32 ip6_map_fragment_get(ip6_header_t *ip6, ip6_frag_hdr_t *frag, map_domain_t *d)
Definition: ip6_map_t.c:80
IP6_MAPT_NEXT_MAPT_ICMP
Definition: ip6_map_t.c:26
frag_id_6to4
#define frag_id_6to4(id)
Definition: ip6_to_ip4.h:45
ip6_to_ip4_tcp_udp
static int ip6_to_ip4_tcp_udp(vlib_buffer_t *p, ip6_to_ip4_set_fn_t fn, void *ctx, u8 udp_checksum)
Translate IPv6 UDP/TCP packet to IPv4.
Definition: ip6_to_ip4.h:481
IP6_MAPT_ICMP_N_NEXT
Definition: ip6_map_t.c:37
ip4_address_t
Definition: ip4_packet.h:49
ip6_header_t::protocol
u8 protocol
Definition: ip6_packet.h:335
pool_elt_at_index
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:459
vlib_buffer_t::current_length
u16 current_length
Nbytes between current data and the end of this buffer.
Definition: buffer.h:72
IP4_FRAG_NODE_NAME
#define IP4_FRAG_NODE_NAME
Definition: ip_frag.h:43
map_get_pfx_net
static_always_inline u64 map_get_pfx_net(map_domain_t *d, u32 addr, u16 port)
Definition: map.h:365
ip6_map_get_domain
static_always_inline map_domain_t * ip6_map_get_domain(u32 mdi, ip4_address_t *addr, u32 *map_domain_index, u8 *error)
Definition: map.h:423
map_domain_t
Definition: map.h:79
map_main_t::domains
map_domain_t * domains
Definition: map.h:228
ip6_map_t_tcp_udp_node
vlib_node_registration_t ip6_map_t_tcp_udp_node
(constructor) VLIB_REGISTER_NODE (ip6_map_t_tcp_udp_node)
Definition: ip6_map_t.c:993
ip6_map_fragment_cache
static_always_inline int ip6_map_fragment_cache(ip6_header_t *ip6, ip6_frag_hdr_t *frag, map_domain_t *d, u16 port)
Definition: ip6_map_t.c:57
map_get_sfx_net
static_always_inline u64 map_get_sfx_net(map_domain_t *d, u32 addr, u16 port)
Definition: map.h:394
vlib_buffer_get_current
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
Definition: buffer.h:195
IP6_MAPT_NEXT_DROP
Definition: ip6_map_t.c:28
map_ip4_reass_get
map_ip4_reass_t * map_ip4_reass_get(u32 src, u32 dst, u16 fragment_id, u8 protocol, u32 **pi_to_drop)
Definition: map.c:1463
PREDICT_FALSE
#define PREDICT_FALSE(x)
Definition: clib.h:105
IP6_MAPT_FRAGMENTED_N_NEXT
Definition: ip6_map_t.c:53
vlib_validate_buffer_enqueue_x2
#define vlib_validate_buffer_enqueue_x2(vm, node, next_index, to_next, n_left_to_next, bi0, bi1, next0, next1)
Finish enqueueing two buffers forward in the graph.
Definition: buffer_node.h:70
vlib_validate_buffer_enqueue_x1
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
Definition: buffer_node.h:218
vlib_get_next_frame
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
Definition: node_funcs.h:364
vlib_buffer_t::error
vlib_error_t error
Error code for buffers to be enqueued to error handler.
Definition: buffer.h:113
ip6_map_t_fragmented_node
vlib_node_registration_t ip6_map_t_fragmented_node
(constructor) VLIB_REGISTER_NODE (ip6_map_t_fragmented_node)
Definition: ip6_map_t.c:953
ip6_mapt_tcp_udp_next_t
ip6_mapt_tcp_udp_next_t
Definition: ip6_map_t.c:40
vlib_frame_t::n_vectors
u16 n_vectors
Definition: node.h:344
vlib_get_thread_index
static_always_inline uword vlib_get_thread_index(void)
Definition: threads.h:221
ip6_map_t_icmp
static uword ip6_map_t_icmp(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ip6_map_t.c:151
vm
vlib_main_t * vm
Definition: buffer.c:283
IP6_MAPT_ICMP_NEXT_IP4_FRAG
Definition: ip6_map_t.c:35
IP6_MAPT_FRAGMENTED_NEXT_IP4_LOOKUP
Definition: ip6_map_t.c:50
vlib_node_get_runtime
static vlib_node_runtime_t * vlib_node_get_runtime(vlib_main_t *vm, u32 node_index)
Get node runtime by node index.
Definition: node_funcs.h:89
vlib_buffer_t
Definition: buffer.h:62
vlib_put_next_frame
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
Definition: main.c:454
foreach_map_error
#define foreach_map_error
Definition: map.h:299
icmp6_to_icmp_ctx_t::sender_port
u16 sender_port
Definition: ip6_map_t.c:102
ip6_mapt_icmp_next_t
ip6_mapt_icmp_next_t
Definition: ip6_map_t.c:32
ip6_map_t_icmp_node
vlib_node_registration_t ip6_map_t_icmp_node
(constructor) VLIB_REGISTER_NODE (ip6_map_t_icmp_node)
Definition: ip6_map_t.c:973
ip6_to_ip4_set_inner_icmp_cb
static int ip6_to_ip4_set_inner_icmp_cb(ip6_header_t *ip6, ip4_header_t *ip4, void *arg)
Definition: ip6_map_t.c:128
ip6_frag_hdr_offset
#define ip6_frag_hdr_offset(hdr)
Definition: ip6_packet.h:519
vlib_node_runtime_t::cached_next_index
u16 cached_next_index
Next frame index that vector arguments were last enqueued to last time this node ran.
Definition: node.h:456
u8_ptr_add
#define u8_ptr_add(ptr, index)
Definition: map.h:513
IP6_MAPT_TCP_UDP_N_NEXT
Definition: ip6_map_t.c:45
u32
unsigned int u32
Definition: types.h:88
ctx
long ctx[MAX_CONNS]
Definition: main.c:122
ip6_header_t
Definition: ip6_packet.h:325
map_ip4_reass_unlock
#define map_ip4_reass_unlock()
Definition: map.h:459
format_map_trace
u8 * format_map_trace(u8 *s, va_list *args)
Definition: map.c:1383
ip6_to_ip4.h
IPv6 to IPv4 translation.
ip6_to_ip4_set_cb
static int ip6_to_ip4_set_cb(ip6_header_t *ip6, ip4_header_t *ip4, void *ctx)
Definition: ip6_map_t.c:245
uword
u64 uword
Definition: types.h:112
IP6_MAPT_ICMP_NEXT_DROP
Definition: ip6_map_t.c:36
IP6_MAPT_TCP_UDP_NEXT_DROP
Definition: ip6_map_t.c:44
VLIB_TX
Definition: defs.h:47
u16
unsigned short u16
Definition: types.h:57
map_domain_t::mtu
u16 mtu
Definition: map.h:87
ip6_map_t_fragmented
static uword ip6_map_t_fragmented(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: ip6_map_t.c:256
ip6_header_t::payload_length
u16 payload_length
Definition: ip6_packet.h:332
map_get_ip4
static_always_inline u32 map_get_ip4(ip6_address_t *addr)
Definition: map.h:401
u8
unsigned char u8
Definition: types.h:56
map_ip4_reass_t::port
i32 port
Definition: map.h:133
vlib_main_t
Definition: main.h:59
vlib_frame_vector_args
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
Definition: node_funcs.h:267
map_ip4_reass_t
Definition: map.h:125
vlib_combined_counter_main_t
A collection of combined counters.
Definition: counter.h:180
map_t_error_strings
static char * map_t_error_strings[]
Definition: ip6_map_t.c:946
IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG
Definition: ip6_map_t.c:51
ip6_map_t_node
vlib_node_registration_t ip6_map_t_node
(constructor) VLIB_REGISTER_NODE (ip6_map_t_node)
Definition: ip6_map_t.c:1013
vnet_buffer
#define vnet_buffer(b)
Definition: buffer.h:326
VLIB_REGISTER_NODE
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:143
icmp6_to_icmp_ctx_t
Definition: ip6_map_t.c:99
ip6_map_t_classify
static_always_inline void ip6_map_t_classify(vlib_buffer_t *p0, ip6_header_t *ip60, map_domain_t *d0, i32 *src_port0, u8 *error0, ip6_mapt_next_t *next0, u32 l4_len0, ip6_frag_hdr_t *frag0)
Definition: ip6_map_t.c:492
ip4_address_t::as_u32
u32 as_u32
Definition: ip4_packet.h:56
ip4_header_t
Definition: ip4_packet.h:126
ip6_mapt_fragmented_next_t
ip6_mapt_fragmented_next_t
Definition: ip6_map_t.c:48
vlib_get_buffer
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
Definition: buffer_funcs.h:57
ip6_header_t::dst_address
ip6_address_t dst_address
Definition: ip6_packet.h:341
ip6_to_ip4_fragmented
static int ip6_to_ip4_fragmented(vlib_buffer_t *p, ip6_to_ip4_set_fn_t fn, void *ctx)
Translate IPv6 fragmented packet to IPv4.
Definition: ip6_to_ip4.h:425