2 *------------------------------------------------------------------
3 * nat64_defs.h - NAT64 structure definiitions
5 * Copyright (c) 2007-2013 Cisco and/or its affiliates.
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at:
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *------------------------------------------------------------------
20 #ifndef __NAT64_DEFS_H__
21 #define __NAT64_DEFS_H__
24 #include "spp_platform_common.h"
25 #include "cgse_defs.h"
26 #include "xlat_defs.h"
29 #include "cnat_ports.h"
30 #include "tcp_header_definitions.h"
31 #include "nat64_tcp_sm.h"
34 #define NAT64_MAX_FRAG_ID_COUNTERS (256)
36 #define NAT64_MAX_NAT64_ENTRIES 500
38 #define NAT64_MAX_ID (NAT64_MAX_NAT64_ENTRIES-1)
40 #define NAT64_INVALID_ID (0)
42 #define NAT64_MAX_CFG_INSTANCES 64
44 #define NAT64_TABLE_ENTRY_DELETED 0
45 #define NAT64_TABLE_ENTRY_ACTIVE 1
46 #define NAT64_TABLE_ENTRY_DORMANT 2
47 #define NAT64_TABLE_ENTRY_INVALID_UIDB 3
49 #define NAT64_MAX_TRANSLATION_ENTRIES PLATFORM_MAX_TRANSLATION_ENTRIES
51 #define NAT64_WKP_PREFIX_LEN 96
52 #define NAT64_WKP_PREFIX_0 0x0064FF9B
53 #define NAT64_WKP_PREFIX_1 0x00000000
54 #define NAT64_WKP_PREFIX_2 0x00000000
55 #define NAT64_WKP_PREFIX_3 0x00000000
58 /* Reset the expiry time only if it is not 0
59 ** if it is 0 - then queue for delete by clear command
62 #define NAT64_TIMEOUT_RST(db) \
63 if(PREDICT_TRUE(db->entry_expires !=0 )) \
64 db->entry_expires = cnat_current_time;
66 extern u32 nat64_config_debug_level;
67 extern u32 nat64_data_path_debug_level;
69 extern u32 nat64_translation_create_count[NAT64_MAX_NAT64_ENTRIES];
70 extern u32 nat64_translation_delete_count[NAT64_MAX_NAT64_ENTRIES];
71 extern u32 nat64_translation_create_rate[NAT64_MAX_NAT64_ENTRIES];
72 extern u32 nat64_translation_delete_rate[NAT64_MAX_NAT64_ENTRIES];
73 extern u32 nat64_in2out_forwarding_count[NAT64_MAX_NAT64_ENTRIES];
74 extern u32 nat64_in2out_forwarding_rate[NAT64_MAX_NAT64_ENTRIES];
75 extern u32 nat64_out2in_forwarding_count[NAT64_MAX_NAT64_ENTRIES];
76 extern u32 nat64_out2in_forwarding_rate[NAT64_MAX_NAT64_ENTRIES];
78 extern u32 nat64_translation_create_count_old[NAT64_MAX_NAT64_ENTRIES];
79 extern u32 nat64_translation_delete_count_old[NAT64_MAX_NAT64_ENTRIES];
80 extern u32 nat64_in2out_forwarding_count_old[NAT64_MAX_NAT64_ENTRIES];
81 extern u32 nat64_out2in_forwarding_count_old[NAT64_MAX_NAT64_ENTRIES];
83 extern u16 *nat64_frag_id_counter_ptr;
86 u64 v6_to_v4_tcp_input_count;
87 u64 v6_to_v4_tcp_non_translatable_drop_count;
88 u64 v6_to_v4_tcp_state_drop_count;
89 u64 v6_to_v4_tcp_no_db_drop_count;
90 u64 v6_to_v4_tcp_output_count;
91 } nat64_v6_to_v4_tcp_counter_t;
94 u64 v4_to_v6_tcp_input_count;
95 u64 v4_to_v6_tcp_no_db_drop_count;
96 u64 v4_to_v6_tcp_v4_init_policy_drop_count;
97 u64 v4_to_v6_tcp_state_drop_count;
98 u64 v4_to_v6_tcp_output_count;
99 u64 v4_to_v6_tcp_filter_drop_count;
100 } nat64_v4_to_v6_tcp_counter_t;
103 u64 v6_to_v4_udp_input_count;
104 u64 v6_to_v4_udp_non_translatable_drop_count;
105 u64 v6_to_v4_udp_no_db_drop_count;
106 u64 v6_to_v4_udp_output_count;
107 u64 v6_to_v4_udp_checksum_zero_count;
108 } nat64_v6_to_v4_udp_counter_t;
111 u64 v4_to_v6_udp_input_count;
112 u64 v4_to_v6_udp_no_db_drop_count;
113 u64 v4_to_v6_udp_filter_drop_count;
114 u64 v4_to_v6_udp_output_count;
115 u64 v4_to_v6_udp_crc_zero_drop_count;
116 u64 v4_to_v6_udp_frag_crc_zero_drop_count;
117 u64 v4_to_v6_udp_crc_zero_recycle_sent_count;
118 u64 v4_to_v6_udp_crc_zero_recycle_drop_count;
119 } nat64_v4_to_v6_udp_counter_t;
122 u64 v6_to_v4_icmp_input_count;
123 u64 v6_to_v4_icmp_no_db_drop_count;
124 u64 v6_to_v4_icmp_non_translatable_drop_count;
125 u64 v6_to_v4_icmp_qry_output_count;
126 } nat64_v6_to_v4_icmp_counter_t;
129 u64 v4_to_v6_icmp_input_count;
130 u64 v4_to_v6_icmp_no_db_drop_count;
131 u64 v4_to_v6_icmp_filter_drop;
132 u64 v4_to_v6_icmp_qry_output_count;
133 } nat64_v4_to_v6_icmp_counter_t;
136 u64 v6_to_v4_icmp_error_input_count;
137 u64 v6_to_v4_icmp_error_no_db_drop_count;
138 u64 v6_to_v4_icmp_error_invalid_next_hdr_drop_count;
139 u64 v6_to_v4_icmp_error_non_translatable_drop_count;
140 u64 v6_to_v4_icmp_error_unsupported_type_drop_count;
141 u64 v6_to_v4_icmp_error_output_count;
142 } nat64_v6_to_v4_icmp_error_counter_t;
145 u64 v4_to_v6_icmp_error_input_count;
146 u64 v4_to_v6_icmp_error_no_db_drop_count;
147 u64 v4_to_v6_icmp_error_unsupported_type_drop_count;
148 u64 v4_to_v6_icmp_error_unsupported_protocol_drop_count;
149 u64 v4_to_v6_icmp_error_output_count;
150 } nat64_v4_to_v6_icmp_error_counter_t;
155 u64 nat64_v4_frag_input_count;
156 u64 nat64_v4_frag_forward_count;
157 u64 nat64_v4_frag_drop_count;
158 u64 nat64_v4_frag_throttled_count;
159 u64 nat64_v4_frag_timeout_drop_count;
160 u64 nat64_v4_frag_tcp_input_count;
161 u64 nat64_v4_frag_udp_input_count;
162 u64 nat64_v4_frag_icmp_input_count;
164 u64 nat64_v6_frag_input_count;
165 u64 nat64_v6_frag_forward_count;
166 u64 nat64_v6_frag_drop_count;
167 u64 nat64_v6_frag_throttled_count;
168 u64 nat64_v6_frag_timeout_drop_count;
169 u64 nat64_v6_frag_tcp_input_count;
170 u64 nat64_v6_frag_udp_input_count;
171 u64 nat64_v6_frag_icmp_input_count;
172 u64 nat64_v6_frag_invalid_input_count;
173 } nat64_frag_counter_t;
176 u64 v6_to_v4_options_input_count;
177 u64 v6_to_v4_options_drop_count;
178 u64 v6_to_v4_options_forward_count;
179 u64 v6_to_v4_options_no_db_drop_count;
180 u64 v6_to_v4_unsupp_proto_count;
182 u64 v4_to_v6_options_input_count;
183 u64 v4_to_v6_options_drop_count;
184 u64 v4_to_v6_options_forward_count;
185 u64 v4_to_v6_options_no_db_drop_count;
186 u64 v4_to_v6_unsupp_proto_count;
187 } nat64_options_counter_t;
190 u64 v4_icmp_gen_count;
191 u64 v6_icmp_gen_count;
192 } nat64_icmp_gen_counter_t;
195 u32 nat64_num_translations;
196 u32 nat64_num_dynamic_translations;
197 u32 nat64_num_static_translations;
199 u64 nat64_port_limit_exceeded;
200 u64 nat64_system_limit_reached;
201 u64 nat64_resource_depletion_drops;
202 u64 nat64_no_translation_entry_drops;
203 u64 nat64_filtering_drops ;
204 u64 nat64_invalid_ipv6_prefix_drops;
207 u64 drops_sessiondb_limit_exceeded;
208 } nat64_inst_gen_counter_t;
212 nat64_v6_to_v4_tcp_counter_t v64_tcp_counters;
213 nat64_v4_to_v6_tcp_counter_t v46_tcp_counters;
214 nat64_v6_to_v4_udp_counter_t v64_udp_counters;
215 nat64_v4_to_v6_udp_counter_t v46_udp_counters;
216 nat64_v6_to_v4_icmp_counter_t v64_icmp_counters;
217 nat64_v4_to_v6_icmp_counter_t v46_icmp_counters;
218 nat64_v6_to_v4_icmp_error_counter_t v64_icmp_error_counters;
219 nat64_v4_to_v6_icmp_error_counter_t v46_icmp_error_counters;
220 nat64_frag_counter_t nat64_frag_counters;
221 nat64_options_counter_t nat64_options_counters;
222 nat64_icmp_gen_counter_t nat64_icmp_gen_counters;
228 * This structure stores information about the IP address and ports
229 * available for NAT for this nat64 instance.
234 u32 last_sent_timestamp;
236 u32 ipv4_address; /* native bit order */
237 uword bm[(BITS_PER_INST + BITS(uword)-1)/BITS(uword)];
242 * This structure gives information about the v4 transport address
243 * (ipv4, port, protocol)
248 u16 vrf; //bit0-12:inst_id, bit13:unused, bit14-15:protocol
251 /* Union will be easier while compare/hash */
258 * This structure gives information about the v6 transport address
259 * (ipv6, port, protocol)
264 u16 vrf; //bit0-12:inst_id, bit13:unused, bit14-15:protocol
270 u16 tcp_trans_timeout;
272 u16 tcp_v4_init_timeout;
275 } nat64_timeout_info_t;
277 #define NAT64_UDP_DEF 300 /* 5min */
278 #define NAT64_TCP_TRANS_DEF 240 /* 4min */
279 #define NAT64_TCP_EST_DEF 7200 /* 2Hrs */
280 #define NAT64_TCP_V4_DEF 6 /* 6 sec */
281 #define NAT64_FRAG_DEF 2 /* 2 sec */
282 #define NAT64_ICMP_DEF 60 /* 60 sec */
285 * nat64_table_entry_t
286 * This structure is used to store information regarding every nat64 instance.
289 /* structure will hold the L4 information, of a particular frag stream set
290 * src_port - holds the original src port
291 * dst_port - holds the original dst port
292 * total_len - useful only in ICMP nodes
293 * cnat_port - vlaue used for looksups
294 * next_prot - Protocol after translation */
296 typedef struct l4_frag_info {
308 u16 nat64_id; /* nat64_id value for this table entry - for easy access */
310 u16 v4_uidb_index; /* V4 uidb index */
311 u16 v6_uidb_index; /* V6 uidb index */
318 u16 v4_to_v6_tcp_mss; /* TCP MSS */
319 u16 v6_to_v4_tcp_mss; /* TCP MSS */
322 * V6 NAT64 prefix value and mask size
325 u32 v6_prefix_mask[4];
327 u8 v6_prefix_mask_len;
328 u8 ubits_reserved_on;
329 #define IPV4_TOS_OVERRIDE_FLAG 0x1
330 #define IPV6_TOS_OVERRIDE_FLAG 0x2
331 #define NAT64_STFUL_RTSP_ALG_ENABLE 0x4
340 #define NAT64_ADDRESS_DEPENDENT_ENABLE 1
342 #define NAT64_TCP_SECURITY_FLAG_DISABLE 1
345 u8 tcp_v4_init_enable;
346 #define NAT64_TCP_V4_INIT_ENABLE 1
349 #define NAT64_BIB_LOG_ENABLE 0 /* Default */
350 #define NAT64_SESSION_LOG_ENABLE 1
352 #define NAT64_BIDIR_REFRESH 1 /* 1 - timer refresh in both direction */
353 #define NAT64_UNIDIR_REFRESH 0 /* 0 - default (only v6 side refresh timer)*/
355 u8 nat64_refresh_both_direction; /* 0 - default (only v6 side refresh timer) */
356 #define NAT64_BIDIR_REFRESH 1 /* 1 - timer refresh in both direction */
358 u8 udp_zero_checksum; /* 0 - default (calc checksum) */
359 #define NAT64_UDP_ZERO_CHECKSUM_DROP 1 /* 1 -drop */
363 cnat_portmap_v2_t *port_map;
367 nat64_timeout_info_t timeout_info;
369 * These fields are not used much, let us keep it in the end
371 u32 v4_vrf_id; /* V4 vrf id */
372 u32 v6_vrf_id; /* V6 vrf id */
374 u32 v4_if_num; /* V4 SVI ifnum */
375 u32 v6_if_num; /* V6 SVI ifnum */
380 u32 pcp_server_addr[4];
382 #define NAT64_FRAG_ENABLE 1
383 #define NAT64_FRAG_DISABLE 0
385 u8 nat64_enable; /* Enable/Disable this instance. */
389 } nat64_table_entry_t;
393 extern nat64_table_entry_t nat64_table_array[NAT64_MAX_NAT64_ENTRIES];
394 extern nat64_table_entry_t *nat64_table_ptr;
395 extern nat64_counters_t nat64_all_counters[NAT64_MAX_NAT64_ENTRIES];
396 extern nat64_inst_gen_counter_t nat64_inst_gen_counters[NAT64_MAX_NAT64_ENTRIES];
398 typedef struct nat64_common_pipeline_data_ {
400 spp_node_main_vector_t *nmv;
405 nat64_table_entry_t *nat64_entry_ptr;
407 } nat64_common_pipeline_data_t;
409 typedef struct nat64_v6_to_v4_pipeline_data_ {
410 nat64_common_pipeline_data_t common_data;
415 nat64_v6_key_t v6_in_key;
416 nat64_v6_key_t v6_dest_key;
419 * IPv6 Data, everthing in host order except for the addr fields
421 u32 version_trafficclass_flowlabel;
428 * These Address fields are in Network Order, so that
429 * it is easy to extract the IPv4 address from them
437 u16 frag_offset_res_m;
438 u32 frag_identification;
440 ipv4_header *ipv4_header;
449 struct _v4_icmp_info {
450 icmp_v4_t *ipv4_icmp_header;
456 u16 old_iden; // length (ICMP extn), ptr (param)
457 u16 new_iden; // ----- do -------------
458 u16 old_seq; // MTU for PTB case
459 u16 new_seq; // ----- do -------------
461 struct _v4_udp_info {
462 udp_hdr_type_t *ipv4_udp_header;
468 struct _v4_tcp_info {
469 tcp_hdr_type *ipv4_tcp_header;
473 nat64_tcp_events tcp_event;
478 l4_frag_info_t *frag_info; /* port for tcp/udp, ident - icmp */
481 /* Counters will be added here */
483 nat64_v6_to_v4_tcp_counter_t *tcp_counter;
484 nat64_v6_to_v4_udp_counter_t *udp_counter;
485 nat64_v6_to_v4_icmp_counter_t *icmp_counter;
486 nat64_v6_to_v4_icmp_error_counter_t *icmp_error_counter;
487 nat64_frag_counter_t *frag_counter;
488 nat64_options_counter_t *options_counter;
490 nat64_icmp_gen_counter_t *icmp_gen_counter;
491 } nat64_v6_to_v4_pipeline_data_t;
494 typedef struct nat64_v4_to_v6_pipeline_data_ {
495 nat64_common_pipeline_data_t common_data;
500 nat64_v4_key_t v4_src_key; /* Will be translated using Prefix */
501 nat64_v4_key_t v4_dest_key; /* will be the out key for NAT64 */
506 u8 version_hdr_len_words;
511 u16 frag_flags_offset;
521 * Pointers to IPv6 headers
523 ipv6_header_t *ipv6_header;
524 ipv6_frag_header_t *ipv6_frag_header;
534 struct _v6_icmp_info {
535 icmp_v6_t *ipv6_icmp_header;
540 u16 old_iden; // length (ICMP extn), ptr (param)
541 u16 new_iden; // ----- do -------------
542 u16 old_seq; // MTU for PTB case
543 u16 new_seq; // ----- do -------------
545 struct _v6_udp_info {
546 udp_hdr_type_t *ipv6_udp_header;
552 struct _v6_tcp_info {
553 tcp_hdr_type *ipv6_tcp_header;
557 nat64_tcp_events tcp_event;
561 l4_frag_info_t *frag_info; /* port for tcp/udp, ident - icmp */
563 /* Need to add counters here */
565 nat64_v4_to_v6_tcp_counter_t *tcp_counter;
566 nat64_v4_to_v6_udp_counter_t *udp_counter;
567 nat64_v4_to_v6_icmp_counter_t *icmp_counter;
568 nat64_v4_to_v6_icmp_error_counter_t *icmp_error_counter;
569 nat64_frag_counter_t *frag_counter;
570 nat64_options_counter_t *options_counter;
572 nat64_icmp_gen_counter_t *icmp_gen_counter;
574 } nat64_v4_to_v6_pipeline_data_t;