src/plugins/nat/nat66/nat66.c

   1 /*
   2  * Copyright (c) 2018 Cisco and/or its affiliates.
   3  * Licensed under the Apache License, Version 2.0 (the "License");
   4  * you may not use this file except in compliance with the License.
   5  * You may obtain a copy of the License at:
   6  *
   7  *     http://www.apache.org/licenses/LICENSE-2.0
   8  *
   9  * Unless required by applicable law or agreed to in writing, software
  10  * distributed under the License is distributed on an "AS IS" BASIS,
  11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12  * See the License for the specific language governing permissions and
  13  * limitations under the License.
  14  */
  15 /**
  16  * @file
  17  * @brief NAT66 implementation
  18  */
  19
  20 #include <vpp/app/version.h>
  21 #include <vnet/plugin/plugin.h>
  22 #include <nat/nat66/nat66.h>
  23 #include <vnet/fib/fib_table.h>
  24 #include <vnet/ip/reass/ip6_sv_reass.h>
  25
  26 nat66_main_t nat66_main;
  27 fib_source_t nat_fib_src_hi;
  28
  29 /* *INDENT-OFF* */
  30
  31 /* Hook up input features */
  32 VNET_FEATURE_INIT (nat66_in2out, static) = {
  33   .arc_name = "ip6-unicast",
  34   .node_name = "nat66-in2out",
  35   .runs_before = VNET_FEATURES ("ip6-lookup"),
  36   .runs_after = VNET_FEATURES ("ip6-sv-reassembly-feature"),
  37 };
  38 VNET_FEATURE_INIT (nat66_out2in, static) = {
  39   .arc_name = "ip6-unicast",
  40   .node_name = "nat66-out2in",
  41   .runs_before = VNET_FEATURES ("ip6-lookup"),
  42   .runs_after = VNET_FEATURES ("ip6-sv-reassembly-feature"),
  43 };
  44
  45 /* *INDENT-ON* */
  46
  47 clib_error_t *nat66_plugin_api_hookup (vlib_main_t * vm);
  48 static clib_error_t *
  49 nat66_init (vlib_main_t * vm)
  50 {
  51   nat66_main_t *nm = &nat66_main;
  52   vlib_node_t *node;
  53   u32 static_mapping_buckets = 1024;
  54   uword static_mapping_memory_size = 64 << 20;
  55
  56   node = vlib_get_node_by_name (vm, (u8 *) "nat66-in2out");
  57   nm->in2out_node_index = node->index;
  58
  59   node = vlib_get_node_by_name (vm, (u8 *) "nat66-out2in");
  60   nm->out2in_node_index = node->index;
  61
  62   clib_bihash_init_24_8 (&nm->sm_l, "nat66-static-map-by-local",
  63                          static_mapping_buckets, static_mapping_memory_size);
  64   clib_bihash_init_24_8 (&nm->sm_e, "nat66-static-map-by-external",
  65                          static_mapping_buckets, static_mapping_memory_size);
  66
  67   nm->session_counters.name = "session counters";
  68
  69   nat_fib_src_hi = fib_source_allocate ("nat66-hi",
  70                                         FIB_SOURCE_PRIORITY_HI,
  71                                         FIB_SOURCE_BH_SIMPLE);
  72
  73   return nat66_plugin_api_hookup (vm);
  74 }
  75
  76 int
  77 nat66_interface_add_del (u32 sw_if_index, u8 is_inside, u8 is_add)
  78 {
  79   nat66_main_t *nm = &nat66_main;
  80   nat66_interface_t *interface = 0, *i;
  81   const char *feature_name;
  82
  83   /* *INDENT-OFF* */
  84   pool_foreach (i, nm->interfaces,
  85   ({
  86     if (i->sw_if_index == sw_if_index)
  87       {
  88         interface = i;
  89         break;
  90       }
  91   }));
  92   /* *INDENT-ON* */
  93
  94   if (is_add)
  95     {
  96       if (interface)
  97         return VNET_API_ERROR_VALUE_EXIST;
  98
  99       pool_get (nm->interfaces, interface);
 100       interface->sw_if_index = sw_if_index;
 101       interface->flags =
 102         is_inside ? NAT66_INTERFACE_FLAG_IS_INSIDE :
 103         NAT66_INTERFACE_FLAG_IS_OUTSIDE;
 104     }
 105   else
 106     {
 107       if (!interface)
 108         return VNET_API_ERROR_NO_SUCH_ENTRY;
 109
 110       pool_put (nm->interfaces, interface);
 111     }
 112
 113   feature_name = is_inside ? "nat66-in2out" : "nat66-out2in";
 114   int rv = ip6_sv_reass_enable_disable_with_refcnt (sw_if_index, is_add);
 115   if (rv)
 116     return rv;
 117   return vnet_feature_enable_disable ("ip6-unicast", feature_name,
 118                                       sw_if_index, is_add, 0, 0);
 119 }
 120
 121 void
 122 nat66_interfaces_walk (nat66_interface_walk_fn_t fn, void *ctx)
 123 {
 124   nat66_main_t *nm = &nat66_main;
 125   nat66_interface_t *i = 0;
 126
 127   /* *INDENT-OFF* */
 128   pool_foreach (i, nm->interfaces,
 129   ({
 130     if (fn (i, ctx))
 131       break;
 132   }));
 133   /* *INDENT-ON* */
 134 }
 135
 136 nat66_static_mapping_t *
 137 nat66_static_mapping_get (ip6_address_t * addr, u32 fib_index, u8 is_local)
 138 {
 139   nat66_main_t *nm = &nat66_main;
 140   nat66_static_mapping_t *sm = 0;
 141   nat66_sm_key_t sm_key;
 142   clib_bihash_kv_24_8_t kv, value;
 143
 144   sm_key.addr.as_u64[0] = addr->as_u64[0];
 145   sm_key.addr.as_u64[1] = addr->as_u64[1];
 146   sm_key.fib_index = fib_index;
 147   sm_key.rsvd = 0;
 148
 149   kv.key[0] = sm_key.as_u64[0];
 150   kv.key[1] = sm_key.as_u64[1];
 151   kv.key[2] = sm_key.as_u64[2];
 152
 153   if (!clib_bihash_search_24_8
 154       (is_local ? &nm->sm_l : &nm->sm_e, &kv, &value))
 155     sm = pool_elt_at_index (nm->sm, value.value);
 156
 157   return sm;
 158 }
 159
 160 int
 161 nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr,
 162                               u32 vrf_id, u8 is_add)
 163 {
 164   nat66_main_t *nm = &nat66_main;
 165   int rv = 0;
 166   nat66_static_mapping_t *sm = 0;
 167   nat66_sm_key_t sm_key;
 168   clib_bihash_kv_24_8_t kv, value;
 169   u32 fib_index = fib_table_find (FIB_PROTOCOL_IP6, vrf_id);
 170
 171   sm_key.addr.as_u64[0] = l_addr->as_u64[0];
 172   sm_key.addr.as_u64[1] = l_addr->as_u64[1];
 173   sm_key.fib_index = fib_index;
 174   sm_key.rsvd = 0;
 175   kv.key[0] = sm_key.as_u64[0];
 176   kv.key[1] = sm_key.as_u64[1];
 177   kv.key[2] = sm_key.as_u64[2];
 178
 179   if (!clib_bihash_search_24_8 (&nm->sm_l, &kv, &value))
 180     sm = pool_elt_at_index (nm->sm, value.value);
 181
 182   if (is_add)
 183     {
 184       if (sm)
 185         return VNET_API_ERROR_VALUE_EXIST;
 186
 187       fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP6, vrf_id,
 188                                                      nat_fib_src_hi);
 189       pool_get (nm->sm, sm);
 190       clib_memset (sm, 0, sizeof (*sm));
 191       sm->l_addr.as_u64[0] = l_addr->as_u64[0];
 192       sm->l_addr.as_u64[1] = l_addr->as_u64[1];
 193       sm->e_addr.as_u64[0] = e_addr->as_u64[0];
 194       sm->e_addr.as_u64[1] = e_addr->as_u64[1];
 195       sm->fib_index = fib_index;
 196
 197       sm_key.fib_index = fib_index;
 198       kv.key[0] = sm_key.as_u64[0];
 199       kv.key[1] = sm_key.as_u64[1];
 200       kv.key[2] = sm_key.as_u64[2];
 201       kv.value = sm - nm->sm;
 202       if (clib_bihash_add_del_24_8 (&nm->sm_l, &kv, 1))
 203         nat66_elog_warn ("nat66-static-map-by-local add key failed");
 204       sm_key.addr.as_u64[0] = e_addr->as_u64[0];
 205       sm_key.addr.as_u64[1] = e_addr->as_u64[1];
 206       sm_key.fib_index = 0;
 207       kv.key[0] = sm_key.as_u64[0];
 208       kv.key[1] = sm_key.as_u64[1];
 209       kv.key[2] = sm_key.as_u64[2];
 210       if (clib_bihash_add_del_24_8 (&nm->sm_e, &kv, 1))
 211         nat66_elog_warn ("nat66-static-map-by-external add key failed");
 212
 213       vlib_validate_combined_counter (&nm->session_counters, kv.value);
 214       vlib_zero_combined_counter (&nm->session_counters, kv.value);
 215     }
 216   else
 217     {
 218       if (!sm)
 219         return VNET_API_ERROR_NO_SUCH_ENTRY;
 220
 221       kv.value = sm - nm->sm;
 222       if (clib_bihash_add_del_24_8 (&nm->sm_l, &kv, 0))
 223         nat66_elog_warn ("nat66-static-map-by-local delete key failed");
 224       sm_key.addr.as_u64[0] = e_addr->as_u64[0];
 225       sm_key.addr.as_u64[1] = e_addr->as_u64[1];
 226       sm_key.fib_index = 0;
 227       kv.key[0] = sm_key.as_u64[0];
 228       kv.key[1] = sm_key.as_u64[1];
 229       kv.key[2] = sm_key.as_u64[2];
 230       if (clib_bihash_add_del_24_8 (&nm->sm_e, &kv, 0))
 231         nat66_elog_warn ("nat66-static-map-by-external delete key failed");
 232       fib_table_unlock (sm->fib_index, FIB_PROTOCOL_IP6, nat_fib_src_hi);
 233       pool_put (nm->sm, sm);
 234     }
 235
 236   return rv;
 237 }
 238
 239 void
 240 nat66_static_mappings_walk (nat66_static_mapping_walk_fn_t fn, void *ctx)
 241 {
 242   nat66_main_t *nm = &nat66_main;
 243   nat66_static_mapping_t *sm = 0;
 244
 245   /* *INDENT-OFF* */
 246   pool_foreach (sm, nm->sm,
 247   ({
 248     if (fn (sm, ctx))
 249       break;
 250   }));
 251   /* *INDENT-ON* */
 252 }
 253
 254 /*static*/ void
 255 nat66_config (void)
 256 {
 257   nat66_main_t *nm = &nat66_main;
 258   u32 outside_ip6_vrf_id = 0;
 259
 260   nm->outside_vrf_id = outside_ip6_vrf_id;
 261   nm->outside_fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP6,
 262                                                              outside_ip6_vrf_id,
 263                                                              nat_fib_src_hi);
 264
 265 }
 266
 267 /* *INDENT-OFF* */
 268 VLIB_PLUGIN_REGISTER () =
 269 {
 270  .version = VPP_BUILD_VER,
 271  .description = "NAT66",
 272 };
 273
 274 VLIB_INIT_FUNCTION (nat66_init);
 275
 276 /* *INDENT-ON* */
 277
 278 /*
 279  * fd.io coding-style-patch-verification: ON
 280  *
 281  * Local Variables:
 282  * eval: (c-set-style "gnu")
 283  * End:
 284  */