FD.io VPP  v18.07.1-13-g909ba93
Vector Packet Processing
nat_reass.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2017 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 /**
16  * @file
17  * @brief NAT plugin virtual fragmentation reassembly
18  */
19 #ifndef __included_nat_reass_h__
20 #define __included_nat_reass_h__
21 
22 #include <vnet/vnet.h>
23 #include <vnet/ip/ip.h>
24 #include <vppinfra/bihash_16_8.h>
25 #include <vppinfra/bihash_48_8.h>
26 #include <vppinfra/dlist.h>
27 
28 #define NAT_REASS_TIMEOUT_DEFAULT 2
29 #define NAT_MAX_REASS_DEAFULT 1024
30 #define NAT_MAX_FRAG_DEFAULT 5
31 #define NAT_REASS_HT_LOAD_FACTOR (0.75)
32 
33 #define NAT_REASS_FLAG_MAX_FRAG_DROP 1
34 
35 typedef struct
36 {
37  union
38  {
39  struct
40  {
43  /* align by making this 4 octets even though its a 2 octets field */
45  /* align by making this 4 octets even though its a 1 octet field */
47  };
48  u64 as_u64[2];
49  };
51 
52 /* *INDENT-OFF* */
53 typedef CLIB_PACKED(struct
54 {
56  u32 lru_list_index;
57  u32 sess_index;
58  u32 thread_index;
59  f64 last_heard;
60  u32 frags_per_reass_list_head_index;
61  u8 frag_n;
62  u8 flags;
63 }) nat_reass_ip4_t;
64 /* *INDENT-ON* */
65 
66 typedef struct
67 {
68  union
69  {
70  struct
71  {
75  /* align by making this 4 octets even though its a 1 octet field */
78  };
79  u64 as_u64[6];
80  };
82 
83 /* *INDENT-OFF* */
84 typedef CLIB_PACKED(struct
85 {
87  u32 lru_list_index;
88  u32 sess_index;
89  f64 last_heard;
90  u32 frags_per_reass_list_head_index;
91  u8 frag_n;
92  u8 flags;
93 }) nat_reass_ip6_t;
94 /* *INDENT-ON* */
95 
96 typedef struct
97 {
98  /* IPv4 config */
103 
104  /* IPv6 config */
109 
110  /* IPv4 runtime */
111  nat_reass_ip4_t *ip4_reass_pool;
112  clib_bihash_16_8_t ip4_reass_hash;
118 
119  /* IPv6 runtime */
120  nat_reass_ip6_t *ip6_reass_pool;
121  clib_bihash_48_8_t ip6_reass_hash;
127 
128  /* convenience */
132 
133 /**
134  * @brief Set NAT virtual fragmentation reassembly configuration.
135  *
136  * @param timeout Reassembly timeout.
137  * @param max_reass Maximum number of concurrent reassemblies.
138  * @param max_frag Maximum number of fragmets per reassembly
139  * @param drop_frag If zero translate fragments, otherwise drop fragments.
140  * @param is_ip6 1 if IPv6, 0 if IPv4.
141  *
142  * @returns 0 on success, non-zero value otherwise.
143  */
144 int nat_reass_set (u32 timeout, u16 max_reass, u8 max_frag, u8 drop_frag,
145  u8 is_ip6);
146 
147 /**
148  * @brief Get reassembly timeout.
149  *
150  * @param is_ip6 1 if IPv6, 0 if IPv4.
151  *
152  * @returns reassembly timeout.
153  */
154 u32 nat_reass_get_timeout (u8 is_ip6);
155 
156 /**
157  * @brief Get maximum number of concurrent reassemblies.
158  *
159  * @param is_ip6 1 if IPv6, 0 if IPv4.
160  *
161  * @returns maximum number of concurrent reassemblies.
162  */
164 
165 /**
166  * @brief Get maximum number of fragmets per reassembly.
167  *
168  * @param is_ip6 1 if IPv6, 0 if IPv4.
169  *
170  * @returns maximum number of fragmets per reassembly.
171  */
172 u8 nat_reass_get_max_frag (u8 is_ip6);
173 
174 /**
175  * @brief Get status of virtual fragmentation reassembly.
176  *
177  * @param is_ip6 1 if IPv6, 0 if IPv4.
178  *
179  * @returns zero if translate fragments, non-zero value if drop fragments.
180  */
181 u8 nat_reass_is_drop_frag (u8 is_ip6);
182 
183 /**
184  * @brief Initialize NAT virtual fragmentation reassembly.
185  *
186  * @param vm vlib main.
187  *
188  * @return error code.
189  */
191 
192 /**
193  * @brief Find reassembly.
194  *
195  * @param src Source IPv4 address.
196  * @param dst Destination IPv4 address.
197  * @param frag_id Fragment ID.
198  * @param proto L4 protocol.
199  *
200  * @returns Reassembly data or 0 if not found.
201  */
202 nat_reass_ip4_t *nat_ip4_reass_find (ip4_address_t src,
203  ip4_address_t dst,
204  u16 frag_id, u8 proto);
205 
206 /**
207  * @brief Find or create reassembly.
208  *
209  * @param src Source IPv4 address.
210  * @param dst Destination IPv4 address.
211  * @param frag_id Fragment ID.
212  * @param proto L4 protocol.
213  * @param reset_timeout If non-zero value reset timeout.
214  * @param bi_to_drop Fragments to drop.
215  *
216  * @returns Reassembly data or 0 on failure.
217  */
218 nat_reass_ip4_t *nat_ip4_reass_find_or_create (ip4_address_t src,
219  ip4_address_t dst,
220  u16 frag_id, u8 proto,
221  u8 reset_timeout,
222  u32 ** bi_to_drop);
223 
224 /**
225  * @brief Cache fragment.
226  *
227  * @param reass Reassembly data.
228  * @param bi Buffer index.
229  * @param bi_to_drop Fragments to drop.
230  *
231  * @returns 0 on success, non-zero value otherwise.
232  */
233 int nat_ip4_reass_add_fragment (nat_reass_ip4_t * reass, u32 bi,
234  u32 ** bi_to_drop);
235 
236 /**
237  * @brief Get cached fragments.
238  *
239  * @param reass Reassembly data.
240  * @param bi Vector of buffer indexes.
241  */
242 void nat_ip4_reass_get_frags (nat_reass_ip4_t * reass, u32 ** bi);
243 
244 /**
245  * @breif Call back function when walking IPv4 reassemblies, non-zero return
246  * value stop walk.
247  */
248 typedef int (*nat_ip4_reass_walk_fn_t) (nat_reass_ip4_t * reass, void *ctx);
249 
250 /**
251  * @brief Walk IPv4 reassemblies.
252  *
253  * @param fn The function to invoke on each entry visited.
254  * @param ctx A context passed in the visit function.
255  */
257 
258 /**
259  * @brief Find or create reassembly.
260  *
261  * @param src Source IPv6 address.
262  * @param dst Destination IPv6 address.
263  * @param frag_id Fragment ID.
264  * @param proto L4 protocol.
265  * @param reset_timeout If non-zero value reset timeout.
266  * @param bi_to_drop Fragments to drop.
267  *
268  * @returns Reassembly data or 0 on failure.
269  */
270 nat_reass_ip6_t *nat_ip6_reass_find_or_create (ip6_address_t src,
271  ip6_address_t dst,
272  u32 frag_id, u8 proto,
273  u8 reset_timeout,
274  u32 ** bi_to_drop);
275 /**
276  * @brief Cache fragment.
277  *
278  * @param reass Reassembly data.
279  * @param bi Buffer index.
280  * @param bi_to_drop Fragments to drop.
281  *
282  * @returns 0 on success, non-zero value otherwise.
283  */
284 int nat_ip6_reass_add_fragment (nat_reass_ip6_t * reass, u32 bi,
285  u32 ** bi_to_drop);
286 
287 /**
288  * @brief Get cached fragments.
289  *
290  * @param reass Reassembly data.
291  * @param bi Vector of buffer indexes.
292  */
293 void nat_ip6_reass_get_frags (nat_reass_ip6_t * reass, u32 ** bi);
294 
295 /**
296  * @breif Call back function when walking IPv6 reassemblies, non-zero return
297  * value stop walk.
298  */
299 typedef int (*nat_ip6_reass_walk_fn_t) (nat_reass_ip6_t * reass, void *ctx);
300 
301 /**
302  * @brief Walk IPv6 reassemblies.
303  *
304  * @param fn The function to invoke on each entry visited.
305  * @param ctx A context passed in the visit function.
306  */
308 
309 #endif /* __included_nat_reass_h__ */
310 
311 /*
312  * fd.io coding-style-patch-verification: ON
313  *
314  * Local Variables:
315  * eval: (c-set-style "gnu")
316  * End:
317  */
int nat_ip4_reass_add_fragment(nat_reass_ip4_t *reass, u32 bi, u32 **bi_to_drop)
Cache fragment.
Definition: nat_reass.c:336
ip4_address_t src
Definition: nat_reass.h:41
u16 nat_reass_get_max_reass(u8 is_ip6)
Get maximum number of concurrent reassemblies.
Definition: nat_reass.c:146
clib_error_t * nat_reass_init(vlib_main_t *vm)
Initialize NAT virtual fragmentation reassembly.
Definition: nat_reass.c:605
void nat_ip6_reass_get_frags(nat_reass_ip6_t *reass, u32 **bi)
Get cached fragments.
Definition: nat_reass.c:574
u64 as_u64
Definition: bihash_doc.h:63
unsigned long u64
Definition: types.h:89
void nat_ip4_reass_walk(nat_ip4_reass_walk_fn_t fn, void *ctx)
Walk IPv4 reassemblies.
Definition: nat_reass.c:380
int(* nat_ip6_reass_walk_fn_t)(nat_reass_ip6_t *reass, void *ctx)
Call back function when walking IPv6 reassemblies, non-zero return value stop walk.
Definition: nat_reass.h:299
unsigned char u8
Definition: types.h:56
int nat_reass_set(u32 timeout, u16 max_reass, u8 max_frag, u8 drop_frag, u8 is_ip6)
Set NAT virtual fragmentation reassembly configuration.
Definition: nat_reass.c:85
double f64
Definition: types.h:142
u32 ip6_reass_head_index
Definition: nat_reass.h:124
dlist_elt_t * ip4_frags_list_pool
Definition: nat_reass.h:114
dlist_elt_t * ip6_reass_lru_list_pool
Definition: nat_reass.h:122
unsigned int u32
Definition: types.h:88
nat_reass_ip6_t * ip6_reass_pool
Definition: nat_reass.h:120
vnet_main_t * vnet_main
Definition: nat_reass.h:130
vlib_main_t * vlib_main
Definition: nat_reass.h:129
dlist_elt_t * ip4_reass_lru_list_pool
Definition: nat_reass.h:113
u8 nat_reass_is_drop_frag(u8 is_ip6)
Get status of virtual fragmentation reassembly.
Definition: nat_reass.c:168
unsigned short u16
Definition: types.h:57
nat_reass_ip4_t * nat_ip4_reass_find_or_create(ip4_address_t src, ip4_address_t dst, u16 frag_id, u8 proto, u8 reset_timeout, u32 **bi_to_drop)
Find or create reassembly.
Definition: nat_reass.c:220
int nat_ip6_reass_add_fragment(nat_reass_ip6_t *reass, u32 bi, u32 **bi_to_drop)
Cache fragment.
Definition: nat_reass.c:542
int(* nat_ip4_reass_walk_fn_t)(nat_reass_ip4_t *reass, void *ctx)
Call back function when walking IPv4 reassemblies, non-zero return value stop walk.
Definition: nat_reass.h:248
u32 flags
Definition: vhost_user.h:110
u32 ip4_reass_head_index
Definition: nat_reass.h:115
vlib_main_t * vm
Definition: buffer.c:294
nat_reass_ip4_t * ip4_reass_pool
Definition: nat_reass.h:111
dlist_elt_t * ip6_frags_list_pool
Definition: nat_reass.h:123
typedef CLIB_PACKED(struct{nat_reass_ip4_key_t key;u32 lru_list_index;u32 sess_index;u32 thread_index;f64 last_heard;u32 frags_per_reass_list_head_index;u8 frag_n;u8 flags;}) nat_reass_ip4_t
ip6_address_t dst
Definition: nat_reass.h:73
clib_bihash_16_8_t ip4_reass_hash
Definition: nat_reass.h:112
nat_reass_ip4_t * nat_ip4_reass_find(ip4_address_t src, ip4_address_t dst, u16 frag_id, u8 proto)
Find reassembly.
Definition: nat_reass.c:199
nat_reass_ip6_t * nat_ip6_reass_find_or_create(ip6_address_t src, ip6_address_t dst, u32 frag_id, u8 proto, u8 reset_timeout, u32 **bi_to_drop)
Find or create reassembly.
Definition: nat_reass.c:424
long ctx[MAX_CONNS]
Definition: main.c:126
u32 nat_reass_get_timeout(u8 is_ip6)
Get reassembly timeout.
Definition: nat_reass.c:135
ip6_address_t src
Definition: nat_reass.h:72
void nat_ip4_reass_get_frags(nat_reass_ip4_t *reass, u32 **bi)
Get cached fragments.
Definition: nat_reass.c:368
u8 nat_reass_get_max_frag(u8 is_ip6)
Get maximum number of fragmets per reassembly.
Definition: nat_reass.c:157
clib_bihash_48_8_t ip6_reass_hash
Definition: nat_reass.h:121
ip4_address_t dst
Definition: nat_reass.h:42
clib_spinlock_t ip6_reass_lock
Definition: nat_reass.h:126
void nat_ip6_reass_walk(nat_ip6_reass_walk_fn_t fn, void *ctx)
Walk IPv6 reassemblies.
Definition: nat_reass.c:586
clib_spinlock_t ip4_reass_lock
Definition: nat_reass.h:117