2 * Copyright (c) 2017 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 * @brief NAT plugin virtual fragmentation reassembly
19 #ifndef __included_nat_reass_h__
20 #define __included_nat_reass_h__
22 #include <vnet/vnet.h>
23 #include <vnet/ip/ip.h>
24 #include <vppinfra/bihash_16_8.h>
25 #include <vppinfra/bihash_48_8.h>
26 #include <vppinfra/dlist.h>
28 #define NAT_REASS_TIMEOUT_DEFAULT 2
29 #define NAT_MAX_REASS_DEAFULT 1024
30 #define NAT_MAX_FRAG_DEFAULT 5
31 #define NAT_REASS_HT_LOAD_FACTOR (0.75)
33 #define NAT_REASS_FLAG_MAX_FRAG_DROP 1
34 #define NAT_REASS_FLAG_CLASSIFY_ED_CONTINUE 2
35 #define NAT_REASS_FLAG_ED_DONT_TRANSLATE 4
45 /* align by making this 4 octets even though its a 2 octets field */
47 /* align by making this 4 octets even though its a 1 octet field */
52 } nat_reass_ip4_key_t;
56 NAT_REASS_IP4_CLASSIFY_NONE,
57 NAT_REASS_IP4_CLASSIFY_NEXT_IN2OUT,
58 NAT_REASS_IP4_CLASSIFY_NEXT_OUT2IN
62 typedef CLIB_PACKED(struct
64 nat_reass_ip4_key_t key;
69 u32 frags_per_reass_list_head_index;
85 /* align by making this 4 octets even though its a 1 octet field */
91 } nat_reass_ip6_key_t;
94 typedef CLIB_PACKED(struct
96 nat_reass_ip6_key_t key;
100 u32 frags_per_reass_list_head_index;
121 nat_reass_ip4_t *ip4_reass_pool;
122 clib_bihash_16_8_t ip4_reass_hash;
123 dlist_elt_t *ip4_reass_lru_list_pool;
124 dlist_elt_t *ip4_frags_list_pool;
125 u32 ip4_reass_head_index;
127 clib_spinlock_t ip4_reass_lock;
130 nat_reass_ip6_t *ip6_reass_pool;
131 clib_bihash_48_8_t ip6_reass_hash;
132 dlist_elt_t *ip6_reass_lru_list_pool;
133 dlist_elt_t *ip6_frags_list_pool;
134 u32 ip6_reass_head_index;
136 clib_spinlock_t ip6_reass_lock;
139 vlib_main_t *vlib_main;
140 vnet_main_t *vnet_main;
144 * @brief Set NAT virtual fragmentation reassembly configuration.
146 * @param timeout Reassembly timeout.
147 * @param max_reass Maximum number of concurrent reassemblies.
148 * @param max_frag Maximum number of fragmets per reassembly
149 * @param drop_frag If zero translate fragments, otherwise drop fragments.
150 * @param is_ip6 1 if IPv6, 0 if IPv4.
152 * @returns 0 on success, non-zero value otherwise.
154 int nat_reass_set (u32 timeout, u16 max_reass, u8 max_frag, u8 drop_frag,
158 * @brief Get reassembly timeout.
160 * @param is_ip6 1 if IPv6, 0 if IPv4.
162 * @returns reassembly timeout.
164 u32 nat_reass_get_timeout (u8 is_ip6);
167 * @brief Get maximum number of concurrent reassemblies.
169 * @param is_ip6 1 if IPv6, 0 if IPv4.
171 * @returns maximum number of concurrent reassemblies.
173 u16 nat_reass_get_max_reass (u8 is_ip6);
176 * @brief Get maximum number of fragmets per reassembly.
178 * @param is_ip6 1 if IPv6, 0 if IPv4.
180 * @returns maximum number of fragmets per reassembly.
182 u8 nat_reass_get_max_frag (u8 is_ip6);
185 * @brief Get status of virtual fragmentation reassembly.
187 * @param is_ip6 1 if IPv6, 0 if IPv4.
189 * @returns zero if translate fragments, non-zero value if drop fragments.
191 u8 nat_reass_is_drop_frag (u8 is_ip6);
194 * @brief Initialize NAT virtual fragmentation reassembly.
196 * @param vm vlib main.
198 * @return error code.
200 clib_error_t *nat_reass_init (vlib_main_t * vm);
203 * @brief Find reassembly.
205 * @param src Source IPv4 address.
206 * @param dst Destination IPv4 address.
207 * @param frag_id Fragment ID.
208 * @param proto L4 protocol.
210 * @returns Reassembly data or 0 if not found.
212 nat_reass_ip4_t *nat_ip4_reass_find (ip4_address_t src,
214 u16 frag_id, u8 proto);
217 * @brief Create reassembly.
219 * @param src Source IPv4 address.
220 * @param dst Destination IPv4 address.
221 * @param frag_id Fragment ID.
222 * @param proto L4 protocol.
224 * @returns Reassembly data or 0 on failure.
226 nat_reass_ip4_t *nat_ip4_reass_create (ip4_address_t src, ip4_address_t dst,
227 u16 frag_id, u8 proto);
230 * @brief Find or create reassembly.
232 * @param src Source IPv4 address.
233 * @param dst Destination IPv4 address.
234 * @param frag_id Fragment ID.
235 * @param proto L4 protocol.
236 * @param reset_timeout If non-zero value reset timeout.
237 * @param bi_to_drop Fragments to drop.
239 * @returns Reassembly data or 0 on failure.
241 nat_reass_ip4_t *nat_ip4_reass_find_or_create (ip4_address_t src,
243 u16 frag_id, u8 proto,
248 * @brief Cache fragment.
250 * @param reass Reassembly data.
251 * @param bi Buffer index.
252 * @param bi_to_drop Fragments to drop.
254 * @returns 0 on success, non-zero value otherwise.
256 int nat_ip4_reass_add_fragment (u32 thread_index, nat_reass_ip4_t * reass,
257 u32 bi, u32 ** bi_to_drop);
260 * @brief Get cached fragments.
262 * @param reass Reassembly data.
263 * @param bi Vector of buffer indexes.
265 void nat_ip4_reass_get_frags (nat_reass_ip4_t * reass, u32 ** bi);
268 * @breif Call back function when walking IPv4 reassemblies, non-zero return
271 typedef int (*nat_ip4_reass_walk_fn_t) (nat_reass_ip4_t * reass, void *ctx);
274 * @brief Walk IPv4 reassemblies.
276 * @param fn The function to invoke on each entry visited.
277 * @param ctx A context passed in the visit function.
279 void nat_ip4_reass_walk (nat_ip4_reass_walk_fn_t fn, void *ctx);
282 * @brief Find or create reassembly.
284 * @param src Source IPv6 address.
285 * @param dst Destination IPv6 address.
286 * @param frag_id Fragment ID.
287 * @param proto L4 protocol.
288 * @param reset_timeout If non-zero value reset timeout.
289 * @param bi_to_drop Fragments to drop.
291 * @returns Reassembly data or 0 on failure.
293 nat_reass_ip6_t *nat_ip6_reass_find_or_create (ip6_address_t src,
295 u32 frag_id, u8 proto,
299 * @brief Cache fragment.
301 * @param reass Reassembly data.
302 * @param bi Buffer index.
303 * @param bi_to_drop Fragments to drop.
305 * @returns 0 on success, non-zero value otherwise.
307 int nat_ip6_reass_add_fragment (u32 thread_index, nat_reass_ip6_t * reass,
308 u32 bi, u32 ** bi_to_drop);
311 * @brief Get cached fragments.
313 * @param reass Reassembly data.
314 * @param bi Vector of buffer indexes.
316 void nat_ip6_reass_get_frags (nat_reass_ip6_t * reass, u32 ** bi);
319 * @breif Call back function when walking IPv6 reassemblies, non-zero return
322 typedef int (*nat_ip6_reass_walk_fn_t) (nat_reass_ip6_t * reass, void *ctx);
325 * @brief Walk IPv6 reassemblies.
327 * @param fn The function to invoke on each entry visited.
328 * @param ctx A context passed in the visit function.
330 void nat_ip6_reass_walk (nat_ip6_reass_walk_fn_t fn, void *ctx);
332 #endif /* __included_nat_reass_h__ */
335 * fd.io coding-style-patch-verification: ON
338 * eval: (c-set-style "gnu")