FD.io VPP  v18.01-8-g0eacf49
Vector Packet Processing
nat_reass.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2017 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 /**
16  * @file
17  * @brief NAT plugin virtual fragmentation reassembly
18  */
19 #ifndef __included_nat_reass_h__
20 #define __included_nat_reass_h__
21 
22 #include <vnet/vnet.h>
23 #include <vnet/ip/ip.h>
24 #include <vppinfra/bihash_16_8.h>
25 #include <vppinfra/bihash_48_8.h>
26 #include <vppinfra/dlist.h>
27 
28 #define NAT_REASS_TIMEOUT_DEFAULT 2
29 #define NAT_MAX_REASS_DEAFULT 1024
30 #define NAT_MAX_FRAG_DEFAULT 5
31 #define NAT_REASS_HT_LOAD_FACTOR (0.75)
32 
33 typedef struct
34 {
35  union
36  {
37  struct
38  {
41  /* align by making this 4 octets even though its a 2 octets field */
43  /* align by making this 4 octets even though its a 1 octet field */
45  };
46  u64 as_u64[2];
47  };
49 
50 /* *INDENT-OFF* */
51 typedef CLIB_PACKED(struct
52 {
54  u32 lru_list_index;
55  u32 sess_index;
56  u32 thread_index;
57  f64 last_heard;
58  u32 frags_per_reass_list_head_index;
59  u8 frag_n;
60 }) nat_reass_ip4_t;
61 /* *INDENT-ON* */
62 
63 typedef struct
64 {
65  union
66  {
67  struct
68  {
72  /* align by making this 4 octets even though its a 1 octet field */
75  };
76  u64 as_u64[6];
77  };
79 
80 /* *INDENT-OFF* */
81 typedef CLIB_PACKED(struct
82 {
84  u32 lru_list_index;
85  u32 sess_index;
86  f64 last_heard;
87  u32 frags_per_reass_list_head_index;
88  u8 frag_n;
89 }) nat_reass_ip6_t;
90 /* *INDENT-ON* */
91 
92 typedef struct
93 {
94  /* IPv4 config */
99 
100  /* IPv6 config */
105 
106  /* IPv4 runtime */
107  nat_reass_ip4_t *ip4_reass_pool;
108  clib_bihash_16_8_t ip4_reass_hash;
114 
115  /* IPv6 runtime */
116  nat_reass_ip6_t *ip6_reass_pool;
117  clib_bihash_48_8_t ip6_reass_hash;
123 
124  /* convenience */
128 
129 /**
130  * @brief Set NAT virtual fragmentation reassembly configuration.
131  *
132  * @param timeout Reassembly timeout.
133  * @param max_reass Maximum number of concurrent reassemblies.
134  * @param max_frag Maximum number of fragmets per reassembly
135  * @param drop_frag If zero translate fragments, otherwise drop fragments.
136  * @param is_ip6 1 if IPv6, 0 if IPv4.
137  *
138  * @returns 0 on success, non-zero value otherwise.
139  */
140 int nat_reass_set (u32 timeout, u16 max_reass, u8 max_frag, u8 drop_frag,
141  u8 is_ip6);
142 
143 /**
144  * @brief Get reassembly timeout.
145  *
146  * @param is_ip6 1 if IPv6, 0 if IPv4.
147  *
148  * @returns reassembly timeout.
149  */
150 u32 nat_reass_get_timeout (u8 is_ip6);
151 
152 /**
153  * @brief Get maximum number of concurrent reassemblies.
154  *
155  * @param is_ip6 1 if IPv6, 0 if IPv4.
156  *
157  * @returns maximum number of concurrent reassemblies.
158  */
160 
161 /**
162  * @brief Get maximum number of fragmets per reassembly.
163  *
164  * @param is_ip6 1 if IPv6, 0 if IPv4.
165  *
166  * @returns maximum number of fragmets per reassembly.
167  */
168 u8 nat_reass_get_max_frag (u8 is_ip6);
169 
170 /**
171  * @brief Get status of virtual fragmentation reassembly.
172  *
173  * @param is_ip6 1 if IPv6, 0 if IPv4.
174  *
175  * @returns zero if translate fragments, non-zero value if drop fragments.
176  */
177 u8 nat_reass_is_drop_frag (u8 is_ip6);
178 
179 /**
180  * @brief Initialize NAT virtual fragmentation reassembly.
181  *
182  * @param vm vlib main.
183  *
184  * @return error code.
185  */
187 
188 /**
189  * @brief Find reassembly.
190  *
191  * @param src Source IPv4 address.
192  * @param dst Destination IPv4 address.
193  * @param frag_id Fragment ID.
194  * @param proto L4 protocol.
195  *
196  * @returns Reassembly data or 0 if not found.
197  */
198 nat_reass_ip4_t *nat_ip4_reass_find (ip4_address_t src,
199  ip4_address_t dst,
200  u16 frag_id, u8 proto);
201 
202 /**
203  * @brief Find or create reassembly.
204  *
205  * @param src Source IPv4 address.
206  * @param dst Destination IPv4 address.
207  * @param frag_id Fragment ID.
208  * @param proto L4 protocol.
209  * @param reset_timeout If non-zero value reset timeout.
210  * @param bi_to_drop Fragments to drop.
211  *
212  * @returns Reassembly data or 0 on failure.
213  */
214 nat_reass_ip4_t *nat_ip4_reass_find_or_create (ip4_address_t src,
215  ip4_address_t dst,
216  u16 frag_id, u8 proto,
217  u8 reset_timeout,
218  u32 ** bi_to_drop);
219 
220 /**
221  * @brief Cache fragment.
222  *
223  * @param reass Reassembly data.
224  * @param bi Buffer index.
225  *
226  * @returns 0 on success, non-zero value otherwise.
227  */
228 int nat_ip4_reass_add_fragment (nat_reass_ip4_t * reass, u32 bi);
229 
230 /**
231  * @brief Get cached fragments.
232  *
233  * @param reass Reassembly data.
234  * @param bi Vector of buffer indexes.
235  */
236 void nat_ip4_reass_get_frags (nat_reass_ip4_t * reass, u32 ** bi);
237 
238 /**
239  * @breif Call back function when walking IPv4 reassemblies, non-zero return
240  * value stop walk.
241  */
242 typedef int (*nat_ip4_reass_walk_fn_t) (nat_reass_ip4_t * reass, void *ctx);
243 
244 /**
245  * @brief Walk IPv4 reassemblies.
246  *
247  * @param fn The function to invoke on each entry visited.
248  * @param ctx A context passed in the visit function.
249  */
251 
252 /**
253  * @brief Find or create reassembly.
254  *
255  * @param src Source IPv6 address.
256  * @param dst Destination IPv6 address.
257  * @param frag_id Fragment ID.
258  * @param proto L4 protocol.
259  * @param reset_timeout If non-zero value reset timeout.
260  * @param bi_to_drop Fragments to drop.
261  *
262  * @returns Reassembly data or 0 on failure.
263  */
264 nat_reass_ip6_t *nat_ip6_reass_find_or_create (ip6_address_t src,
265  ip6_address_t dst,
266  u32 frag_id, u8 proto,
267  u8 reset_timeout,
268  u32 ** bi_to_drop);
269 /**
270  * @brief Cache fragment.
271  *
272  * @param reass Reassembly data.
273  * @param bi Buffer index.
274  *
275  * @returns 0 on success, non-zero value otherwise.
276  */
277 int nat_ip6_reass_add_fragment (nat_reass_ip6_t * reass, u32 bi);
278 
279 /**
280  * @brief Get cached fragments.
281  *
282  * @param reass Reassembly data.
283  * @param bi Vector of buffer indexes.
284  */
285 void nat_ip6_reass_get_frags (nat_reass_ip6_t * reass, u32 ** bi);
286 
287 /**
288  * @breif Call back function when walking IPv6 reassemblies, non-zero return
289  * value stop walk.
290  */
291 typedef int (*nat_ip6_reass_walk_fn_t) (nat_reass_ip6_t * reass, void *ctx);
292 
293 /**
294  * @brief Walk IPv6 reassemblies.
295  *
296  * @param fn The function to invoke on each entry visited.
297  * @param ctx A context passed in the visit function.
298  */
300 
301 #endif /* __included_nat_reass_h__ */
302 
303 /*
304  * fd.io coding-style-patch-verification: ON
305  *
306  * Local Variables:
307  * eval: (c-set-style "gnu")
308  * End:
309  */
ip4_address_t src
Definition: nat_reass.h:39
typedef CLIB_PACKED(struct{nat_reass_ip4_key_t key;u32 lru_list_index;u32 sess_index;u32 thread_index;f64 last_heard;u32 frags_per_reass_list_head_index;u8 frag_n;}) nat_reass_ip4_t
u16 nat_reass_get_max_reass(u8 is_ip6)
Get maximum number of concurrent reassemblies.
Definition: nat_reass.c:145
clib_error_t * nat_reass_init(vlib_main_t *vm)
Initialize NAT virtual fragmentation reassembly.
Definition: nat_reass.c:569
int nat_ip6_reass_add_fragment(nat_reass_ip6_t *reass, u32 bi)
Cache fragment.
Definition: nat_reass.c:513
void nat_ip6_reass_get_frags(nat_reass_ip6_t *reass, u32 **bi)
Get cached fragments.
Definition: nat_reass.c:538
u64 as_u64
Definition: bihash_doc.h:63
void nat_ip4_reass_walk(nat_ip4_reass_walk_fn_t fn, void *ctx)
Walk IPv4 reassemblies.
Definition: nat_reass.c:358
int(* nat_ip6_reass_walk_fn_t)(nat_reass_ip6_t *reass, void *ctx)
Call back function when walking IPv6 reassemblies, non-zero return value stop walk.
Definition: nat_reass.h:291
int nat_reass_set(u32 timeout, u16 max_reass, u8 max_frag, u8 drop_frag, u8 is_ip6)
Set NAT virtual fragmentation reassembly configuration.
Definition: nat_reass.c:84
u32 ip6_reass_head_index
Definition: nat_reass.h:120
dlist_elt_t * ip4_frags_list_pool
Definition: nat_reass.h:110
dlist_elt_t * ip6_reass_lru_list_pool
Definition: nat_reass.h:118
unsigned long u64
Definition: types.h:89
nat_reass_ip6_t * ip6_reass_pool
Definition: nat_reass.h:116
vnet_main_t * vnet_main
Definition: nat_reass.h:126
vlib_main_t * vlib_main
Definition: nat_reass.h:125
dlist_elt_t * ip4_reass_lru_list_pool
Definition: nat_reass.h:109
u8 nat_reass_is_drop_frag(u8 is_ip6)
Get status of virtual fragmentation reassembly.
Definition: nat_reass.c:167
nat_reass_ip4_t * nat_ip4_reass_find_or_create(ip4_address_t src, ip4_address_t dst, u16 frag_id, u8 proto, u8 reset_timeout, u32 **bi_to_drop)
Find or create reassembly.
Definition: nat_reass.c:219
int(* nat_ip4_reass_walk_fn_t)(nat_reass_ip4_t *reass, void *ctx)
Call back function when walking IPv4 reassemblies, non-zero return value stop walk.
Definition: nat_reass.h:242
u32 ip4_reass_head_index
Definition: nat_reass.h:111
vlib_main_t * vm
Definition: buffer.c:283
nat_reass_ip4_t * ip4_reass_pool
Definition: nat_reass.h:107
dlist_elt_t * ip6_frags_list_pool
Definition: nat_reass.h:119
ip6_address_t dst
Definition: nat_reass.h:70
clib_bihash_16_8_t ip4_reass_hash
Definition: nat_reass.h:108
nat_reass_ip4_t * nat_ip4_reass_find(ip4_address_t src, ip4_address_t dst, u16 frag_id, u8 proto)
Find reassembly.
Definition: nat_reass.c:198
unsigned int u32
Definition: types.h:88
nat_reass_ip6_t * nat_ip6_reass_find_or_create(ip6_address_t src, ip6_address_t dst, u32 frag_id, u8 proto, u8 reset_timeout, u32 **bi_to_drop)
Find or create reassembly.
Definition: nat_reass.c:402
long ctx[MAX_CONNS]
Definition: main.c:122
u32 nat_reass_get_timeout(u8 is_ip6)
Get reassembly timeout.
Definition: nat_reass.c:134
unsigned short u16
Definition: types.h:57
double f64
Definition: types.h:142
unsigned char u8
Definition: types.h:56
ip6_address_t src
Definition: nat_reass.h:69
int nat_ip4_reass_add_fragment(nat_reass_ip4_t *reass, u32 bi)
Cache fragment.
Definition: nat_reass.c:321
void nat_ip4_reass_get_frags(nat_reass_ip4_t *reass, u32 **bi)
Get cached fragments.
Definition: nat_reass.c:346
u8 nat_reass_get_max_frag(u8 is_ip6)
Get maximum number of fragmets per reassembly.
Definition: nat_reass.c:156
clib_bihash_48_8_t ip6_reass_hash
Definition: nat_reass.h:117
ip4_address_t dst
Definition: nat_reass.h:40
clib_spinlock_t ip6_reass_lock
Definition: nat_reass.h:122
void nat_ip6_reass_walk(nat_ip6_reass_walk_fn_t fn, void *ctx)
Walk IPv6 reassemblies.
Definition: nat_reass.c:550
clib_spinlock_t ip4_reass_lock
Definition: nat_reass.h:113