src/plugins/map/ip6_map_t.c

   1 /*
   2  * Copyright (c) 2015 Cisco and/or its affiliates.
   3  * Licensed under the Apache License, Version 2.0 (the "License");
   4  * you may not use this file except in compliance with the License.
   5  * You may obtain a copy of the License at:
   6  *
   7  *     http://www.apache.org/licenses/LICENSE-2.0
   8  *
   9  * Unless required by applicable law or agreed to in writing, software
  10  * distributed under the License is distributed on an "AS IS" BASIS,
  11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12  * See the License for the specific language governing permissions and
  13  * limitations under the License.
  14  */
  15 #include "map.h"
  16
  17 #include <vnet/ip/ip_frag.h>
  18 #include <vnet/ip/ip6_to_ip4.h>
  19 #include <vnet/ip/ip4_to_ip6.h>
  20
  21 typedef enum
  22 {
  23   IP6_MAPT_NEXT_MAPT_TCP_UDP,
  24   IP6_MAPT_NEXT_MAPT_ICMP,
  25   IP6_MAPT_NEXT_MAPT_FRAGMENTED,
  26   IP6_MAPT_NEXT_DROP,
  27   IP6_MAPT_N_NEXT
  28 } ip6_mapt_next_t;
  29
  30 typedef enum
  31 {
  32   IP6_MAPT_ICMP_NEXT_IP4_LOOKUP,
  33   IP6_MAPT_ICMP_NEXT_IP4_FRAG,
  34   IP6_MAPT_ICMP_NEXT_DROP,
  35   IP6_MAPT_ICMP_N_NEXT
  36 } ip6_mapt_icmp_next_t;
  37
  38 typedef enum
  39 {
  40   IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP,
  41   IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG,
  42   IP6_MAPT_TCP_UDP_NEXT_DROP,
  43   IP6_MAPT_TCP_UDP_N_NEXT
  44 } ip6_mapt_tcp_udp_next_t;
  45
  46 typedef enum
  47 {
  48   IP6_MAPT_FRAGMENTED_NEXT_IP4_LOOKUP,
  49   IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG,
  50   IP6_MAPT_FRAGMENTED_NEXT_DROP,
  51   IP6_MAPT_FRAGMENTED_N_NEXT
  52 } ip6_mapt_fragmented_next_t;
  53
  54 static_always_inline int
  55 ip6_map_fragment_cache (ip6_header_t * ip6, ip6_frag_hdr_t * frag,
  56                         map_domain_t * d, u16 port)
  57 {
  58   u32 *ignore = NULL;
  59   map_ip4_reass_lock ();
  60   map_ip4_reass_t *r = map_ip4_reass_get (map_get_ip4 (&ip6->src_address,
  61                                                        d->flags),
  62                                           ip6_map_t_embedded_address (d,
  63                                                                       &ip6->
  64                                                                       dst_address),
  65                                           frag_id_6to4 (frag->identification),
  66                                           (ip6->protocol ==
  67                                            IP_PROTOCOL_ICMP6) ?
  68                                           IP_PROTOCOL_ICMP : ip6->protocol,
  69                                           &ignore);
  70   if (r)
  71     r->port = port;
  72
  73   map_ip4_reass_unlock ();
  74   return !r;
  75 }
  76
  77 /* Returns the associated port or -1 */
  78 static_always_inline i32
  79 ip6_map_fragment_get (ip6_header_t * ip6, ip6_frag_hdr_t * frag,
  80                       map_domain_t * d)
  81 {
  82   u32 *ignore = NULL;
  83   map_ip4_reass_lock ();
  84   map_ip4_reass_t *r = map_ip4_reass_get (map_get_ip4 (&ip6->src_address,
  85                                                        d->flags),
  86                                           ip6_map_t_embedded_address (d,
  87                                                                       &ip6->
  88                                                                       dst_address),
  89                                           frag_id_6to4 (frag->identification),
  90                                           (ip6->protocol ==
  91                                            IP_PROTOCOL_ICMP6) ?
  92                                           IP_PROTOCOL_ICMP : ip6->protocol,
  93                                           &ignore);
  94   i32 ret = r ? r->port : -1;
  95   map_ip4_reass_unlock ();
  96   return ret;
  97 }
  98
  99 typedef struct
 100 {
 101   map_domain_t *d;
 102   u16 sender_port;
 103 } icmp6_to_icmp_ctx_t;
 104
 105 static int
 106 ip6_to_ip4_set_icmp_cb (ip6_header_t * ip6, ip4_header_t * ip4, void *arg)
 107 {
 108   icmp6_to_icmp_ctx_t *ctx = arg;
 109   u32 ip4_sadr;
 110
 111   //Security check
 112   //Note that this prevents an intermediate IPv6 router from answering the request
 113   ip4_sadr = map_get_ip4 (&ip6->src_address, ctx->d->flags);
 114   if (ip6->src_address.as_u64[0] !=
 115       map_get_pfx_net (ctx->d, ip4_sadr, ctx->sender_port)
 116       || ip6->src_address.as_u64[1] != map_get_sfx_net (ctx->d, ip4_sadr,
 117                                                         ctx->sender_port))
 118     return -1;
 119
 120   ip4->dst_address.as_u32 =
 121     ip6_map_t_embedded_address (ctx->d, &ip6->dst_address);
 122   ip4->src_address.as_u32 = ip4_sadr;
 123
 124   return 0;
 125 }
 126
 127 static int
 128 ip6_to_ip4_set_inner_icmp_cb (ip6_header_t * ip6, ip4_header_t * ip4,
 129                               void *arg)
 130 {
 131   icmp6_to_icmp_ctx_t *ctx = arg;
 132   u32 inner_ip4_dadr;
 133
 134   //Security check of inner packet
 135   inner_ip4_dadr = map_get_ip4 (&ip6->dst_address, ctx->d->flags);
 136   if (ip6->dst_address.as_u64[0] !=
 137       map_get_pfx_net (ctx->d, inner_ip4_dadr, ctx->sender_port)
 138       || ip6->dst_address.as_u64[1] != map_get_sfx_net (ctx->d,
 139                                                         inner_ip4_dadr,
 140                                                         ctx->sender_port))
 141     return -1;
 142
 143   ip4->dst_address.as_u32 = inner_ip4_dadr;
 144   ip4->src_address.as_u32 =
 145     ip6_map_t_embedded_address (ctx->d, &ip6->src_address);
 146
 147   return 0;
 148 }
 149
 150 static uword
 151 ip6_map_t_icmp (vlib_main_t * vm,
 152                 vlib_node_runtime_t * node, vlib_frame_t * frame)
 153 {
 154   u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
 155   vlib_node_runtime_t *error_node =
 156     vlib_node_get_runtime (vm, ip6_map_t_icmp_node.index);
 157   from = vlib_frame_vector_args (frame);
 158   n_left_from = frame->n_vectors;
 159   next_index = node->cached_next_index;
 160   vlib_combined_counter_main_t *cm = map_main.domain_counters;
 161   u32 thread_index = vm->thread_index;
 162
 163   while (n_left_from > 0)
 164     {
 165       vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
 166
 167       while (n_left_from > 0 && n_left_to_next > 0)
 168         {
 169           u32 pi0;
 170           vlib_buffer_t *p0;
 171           u8 error0;
 172           ip6_mapt_icmp_next_t next0;
 173           map_domain_t *d0;
 174           u16 len0;
 175           icmp6_to_icmp_ctx_t ctx0;
 176           ip6_header_t *ip60;
 177
 178           pi0 = to_next[0] = from[0];
 179           from += 1;
 180           n_left_from -= 1;
 181           to_next += 1;
 182           n_left_to_next -= 1;
 183           error0 = MAP_ERROR_NONE;
 184           next0 = IP6_MAPT_ICMP_NEXT_IP4_LOOKUP;
 185
 186           p0 = vlib_get_buffer (vm, pi0);
 187           ip60 = vlib_buffer_get_current (p0);
 188           len0 = clib_net_to_host_u16 (ip60->payload_length);
 189           d0 =
 190             pool_elt_at_index (map_main.domains,
 191                                vnet_buffer (p0)->map_t.map_domain_index);
 192           ctx0.sender_port = ip6_get_port (ip60, 0, p0->current_length);
 193           ctx0.d = d0;
 194           if (ctx0.sender_port == 0)
 195             {
 196               // In case of 1:1 mapping, we don't care about the port
 197               if (!(d0->ea_bits_len == 0 && d0->rules))
 198                 {
 199                   error0 = MAP_ERROR_ICMP;
 200                   goto err0;
 201                 }
 202             }
 203
 204           if (icmp6_to_icmp
 205               (p0, ip6_to_ip4_set_icmp_cb, &ctx0,
 206                ip6_to_ip4_set_inner_icmp_cb, &ctx0))
 207             {
 208               error0 = MAP_ERROR_ICMP;
 209               goto err0;
 210             }
 211
 212           if (vnet_buffer (p0)->map_t.mtu < p0->current_length)
 213             {
 214               //Send to fragmentation node if necessary
 215               vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
 216               vnet_buffer (p0)->ip_frag.next_index = IP4_FRAG_NEXT_IP4_LOOKUP;
 217               next0 = IP6_MAPT_ICMP_NEXT_IP4_FRAG;
 218             }
 219         err0:
 220           if (PREDICT_TRUE (error0 == MAP_ERROR_NONE))
 221             {
 222               vlib_increment_combined_counter (cm + MAP_DOMAIN_COUNTER_RX,
 223                                                thread_index,
 224                                                vnet_buffer (p0)->
 225                                                map_t.map_domain_index, 1,
 226                                                len0);
 227             }
 228           else
 229             {
 230               next0 = IP6_MAPT_ICMP_NEXT_DROP;
 231             }
 232
 233           p0->error = error_node->errors[error0];
 234           vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
 235                                            to_next, n_left_to_next, pi0,
 236                                            next0);
 237         }
 238       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
 239     }
 240   return frame->n_vectors;
 241 }
 242
 243 static int
 244 ip6_to_ip4_set_cb (ip6_header_t * ip6, ip4_header_t * ip4, void *ctx)
 245 {
 246   vlib_buffer_t *p = ctx;
 247
 248   ip4->dst_address.as_u32 = vnet_buffer (p)->map_t.v6.daddr;
 249   ip4->src_address.as_u32 = vnet_buffer (p)->map_t.v6.saddr;
 250
 251   return 0;
 252 }
 253
 254 static uword
 255 ip6_map_t_fragmented (vlib_main_t * vm,
 256                       vlib_node_runtime_t * node, vlib_frame_t * frame)
 257 {
 258   u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
 259   from = vlib_frame_vector_args (frame);
 260   n_left_from = frame->n_vectors;
 261   next_index = node->cached_next_index;
 262   vlib_node_runtime_t *error_node =
 263     vlib_node_get_runtime (vm, ip6_map_t_fragmented_node.index);
 264
 265   while (n_left_from > 0)
 266     {
 267       vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
 268
 269       while (n_left_from > 0 && n_left_to_next > 0)
 270         {
 271           u32 pi0;
 272           vlib_buffer_t *p0;
 273           u32 next0;
 274
 275           pi0 = to_next[0] = from[0];
 276           from += 1;
 277           n_left_from -= 1;
 278           to_next += 1;
 279           n_left_to_next -= 1;
 280
 281           next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
 282           p0 = vlib_get_buffer (vm, pi0);
 283
 284           if (ip6_to_ip4_fragmented (p0, ip6_to_ip4_set_cb, p0))
 285             {
 286               p0->error = error_node->errors[MAP_ERROR_FRAGMENT_DROPPED];
 287               next0 = IP6_MAPT_FRAGMENTED_NEXT_DROP;
 288             }
 289           else
 290             {
 291               if (vnet_buffer (p0)->map_t.mtu < p0->current_length)
 292                 {
 293                   //Send to fragmentation node if necessary
 294                   vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
 295                   vnet_buffer (p0)->ip_frag.next_index =
 296                     IP4_FRAG_NEXT_IP4_LOOKUP;
 297                   next0 = IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG;
 298                 }
 299             }
 300
 301           vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
 302                                            to_next, n_left_to_next, pi0,
 303                                            next0);
 304         }
 305       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
 306     }
 307   return frame->n_vectors;
 308 }
 309
 310 static uword
 311 ip6_map_t_tcp_udp (vlib_main_t * vm,
 312                    vlib_node_runtime_t * node, vlib_frame_t * frame)
 313 {
 314   u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
 315   vlib_node_runtime_t *error_node =
 316     vlib_node_get_runtime (vm, ip6_map_t_tcp_udp_node.index);
 317
 318   from = vlib_frame_vector_args (frame);
 319   n_left_from = frame->n_vectors;
 320   next_index = node->cached_next_index;
 321   while (n_left_from > 0)
 322     {
 323       vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
 324
 325       while (n_left_from > 0 && n_left_to_next > 0)
 326         {
 327           u32 pi0;
 328           vlib_buffer_t *p0;
 329           ip6_mapt_tcp_udp_next_t next0;
 330
 331           pi0 = to_next[0] = from[0];
 332           from += 1;
 333           n_left_from -= 1;
 334           to_next += 1;
 335           n_left_to_next -= 1;
 336           next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
 337
 338           p0 = vlib_get_buffer (vm, pi0);
 339
 340           if (ip6_to_ip4_tcp_udp (p0, ip6_to_ip4_set_cb, p0, 1))
 341             {
 342               p0->error = error_node->errors[MAP_ERROR_UNKNOWN];
 343               next0 = IP6_MAPT_TCP_UDP_NEXT_DROP;
 344             }
 345           else
 346             {
 347               if (vnet_buffer (p0)->map_t.mtu < p0->current_length)
 348                 {
 349                   //Send to fragmentation node if necessary
 350                   vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
 351                   vnet_buffer (p0)->ip_frag.next_index =
 352                     IP4_FRAG_NEXT_IP4_LOOKUP;
 353                   next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG;
 354                 }
 355             }
 356
 357           vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
 358                                            to_next, n_left_to_next, pi0,
 359                                            next0);
 360         }
 361       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
 362     }
 363   return frame->n_vectors;
 364 }
 365
 366 static uword
 367 ip6_map_t (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
 368 {
 369   u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
 370   vlib_node_runtime_t *error_node =
 371     vlib_node_get_runtime (vm, ip6_map_t_node.index);
 372   vlib_combined_counter_main_t *cm = map_main.domain_counters;
 373   u32 thread_index = vm->thread_index;
 374
 375   from = vlib_frame_vector_args (frame);
 376   n_left_from = frame->n_vectors;
 377   next_index = node->cached_next_index;
 378   while (n_left_from > 0)
 379     {
 380       vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
 381
 382       while (n_left_from > 0 && n_left_to_next > 0)
 383         {
 384           u32 pi0;
 385           vlib_buffer_t *p0;
 386           ip6_header_t *ip60;
 387           u8 error0;
 388           u32 l4_len0;
 389           i32 src_port0;
 390           map_domain_t *d0;
 391           ip6_frag_hdr_t *frag0;
 392           ip6_mapt_next_t next0 = 0;
 393           u32 saddr;
 394
 395           pi0 = to_next[0] = from[0];
 396           from += 1;
 397           n_left_from -= 1;
 398           to_next += 1;
 399           n_left_to_next -= 1;
 400           error0 = MAP_ERROR_NONE;
 401
 402           p0 = vlib_get_buffer (vm, pi0);
 403           ip60 = vlib_buffer_get_current (p0);
 404
 405           //Save saddr in a different variable to not overwrite ip.adj_index
 406           saddr = 0;            /* TODO */
 407           /* NOTE: ip6_map_get_domain currently doesn't utilize second argument */
 408
 409           d0 = ip6_map_get_domain (vnet_buffer (p0)->ip.adj_index[VLIB_TX],
 410                                    (ip4_address_t *) & saddr,
 411                                    &vnet_buffer (p0)->map_t.map_domain_index,
 412                                    &error0);
 413
 414           saddr = map_get_ip4 (&ip60->src_address, d0->flags);
 415
 416           //FIXME: What if d0 is null
 417           vnet_buffer (p0)->map_t.v6.saddr = saddr;
 418           vnet_buffer (p0)->map_t.v6.daddr =
 419             ip6_map_t_embedded_address (d0, &ip60->dst_address);
 420           vnet_buffer (p0)->map_t.mtu = d0->mtu ? d0->mtu : ~0;
 421
 422           if (PREDICT_FALSE (ip6_parse (ip60, p0->current_length,
 423                                         &(vnet_buffer (p0)->map_t.
 424                                           v6.l4_protocol),
 425                                         &(vnet_buffer (p0)->map_t.
 426                                           v6.l4_offset),
 427                                         &(vnet_buffer (p0)->map_t.
 428                                           v6.frag_offset))))
 429             {
 430               error0 = MAP_ERROR_MALFORMED;
 431               next0 = IP6_MAPT_NEXT_DROP;
 432             }
 433
 434           src_port0 = -1;
 435           l4_len0 = (u32) clib_net_to_host_u16 (ip60->payload_length) +
 436             sizeof (*ip60) - vnet_buffer (p0)->map_t.v6.l4_offset;
 437           frag0 =
 438             (ip6_frag_hdr_t *) u8_ptr_add (ip60,
 439                                            vnet_buffer (p0)->map_t.
 440                                            v6.frag_offset);
 441
 442
 443           if (PREDICT_FALSE (vnet_buffer (p0)->map_t.v6.frag_offset &&
 444                              ip6_frag_hdr_offset (frag0)))
 445             {
 446               src_port0 = ip6_map_fragment_get (ip60, frag0, d0);
 447               error0 = (src_port0 != -1) ? error0 : MAP_ERROR_FRAGMENT_MEMORY;
 448               next0 = IP6_MAPT_NEXT_MAPT_FRAGMENTED;
 449             }
 450           else
 451             if (PREDICT_TRUE
 452                 (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_TCP))
 453             {
 454               error0 =
 455                 l4_len0 <
 456                 sizeof (tcp_header_t) ? MAP_ERROR_MALFORMED : error0;
 457               vnet_buffer (p0)->map_t.checksum_offset =
 458                 vnet_buffer (p0)->map_t.v6.l4_offset + 16;
 459               next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP;
 460               src_port0 =
 461                 (i32) *
 462                 ((u16 *)
 463                  u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset));
 464             }
 465           else
 466             if (PREDICT_TRUE
 467                 (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_UDP))
 468             {
 469               error0 =
 470                 l4_len0 <
 471                 sizeof (udp_header_t) ? MAP_ERROR_MALFORMED : error0;
 472               vnet_buffer (p0)->map_t.checksum_offset =
 473                 vnet_buffer (p0)->map_t.v6.l4_offset + 6;
 474               next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP;
 475               src_port0 =
 476                 (i32) *
 477                 ((u16 *)
 478                  u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset));
 479             }
 480           else if (vnet_buffer (p0)->map_t.v6.l4_protocol ==
 481                    IP_PROTOCOL_ICMP6)
 482             {
 483               error0 =
 484                 l4_len0 <
 485                 sizeof (icmp46_header_t) ? MAP_ERROR_MALFORMED : error0;
 486               next0 = IP6_MAPT_NEXT_MAPT_ICMP;
 487               if (((icmp46_header_t *)
 488                    u8_ptr_add (ip60,
 489                                vnet_buffer (p0)->map_t.v6.l4_offset))->code ==
 490                   ICMP6_echo_reply
 491                   || ((icmp46_header_t *)
 492                       u8_ptr_add (ip60,
 493                                   vnet_buffer (p0)->map_t.v6.
 494                                   l4_offset))->code == ICMP6_echo_request)
 495                 src_port0 =
 496                   (i32) *
 497                   ((u16 *)
 498                    u8_ptr_add (ip60,
 499                                vnet_buffer (p0)->map_t.v6.l4_offset + 6));
 500             }
 501           else
 502             {
 503               //TODO: In case of 1:1 mapping, it might be possible to do something with those packets.
 504               error0 = MAP_ERROR_BAD_PROTOCOL;
 505             }
 506
 507           //Security check
 508           if (PREDICT_FALSE
 509               ((src_port0 != -1)
 510                && (ip60->src_address.as_u64[0] !=
 511                    map_get_pfx_net (d0, vnet_buffer (p0)->map_t.v6.saddr,
 512                                     src_port0)
 513                    || ip60->src_address.as_u64[1] != map_get_sfx_net (d0,
 514                                                                       vnet_buffer
 515                                                                       (p0)->map_t.v6.saddr,
 516                                                                       src_port0))))
 517             {
 518               //Security check when src_port0 is not zero (non-first fragment, UDP or TCP)
 519               error0 = MAP_ERROR_SEC_CHECK;
 520             }
 521
 522           //Fragmented first packet needs to be cached for following packets
 523           if (PREDICT_FALSE (vnet_buffer (p0)->map_t.v6.frag_offset &&
 524                              !ip6_frag_hdr_offset ((ip6_frag_hdr_t *)
 525                                                    u8_ptr_add (ip60,
 526                                                                vnet_buffer
 527                                                                (p0)->map_t.
 528                                                                v6.frag_offset)))
 529               && (src_port0 != -1) && (d0->ea_bits_len != 0 || !d0->rules)
 530               && (error0 == MAP_ERROR_NONE))
 531             {
 532               ip6_map_fragment_cache (ip60,
 533                                       (ip6_frag_hdr_t *) u8_ptr_add (ip60,
 534                                                                      vnet_buffer
 535                                                                      (p0)->map_t.
 536                                                                      v6.frag_offset),
 537                                       d0, src_port0);
 538             }
 539
 540           if (PREDICT_TRUE
 541               (error0 == MAP_ERROR_NONE && next0 != IP6_MAPT_NEXT_MAPT_ICMP))
 542             {
 543               vlib_increment_combined_counter (cm + MAP_DOMAIN_COUNTER_RX,
 544                                                thread_index,
 545                                                vnet_buffer (p0)->
 546                                                map_t.map_domain_index, 1,
 547                                                clib_net_to_host_u16
 548                                                (ip60->payload_length));
 549             }
 550
 551           next0 = (error0 != MAP_ERROR_NONE) ? IP6_MAPT_NEXT_DROP : next0;
 552           p0->error = error_node->errors[error0];
 553           vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
 554                                            to_next, n_left_to_next, pi0,
 555                                            next0);
 556         }
 557       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
 558     }
 559   return frame->n_vectors;
 560 }
 561
 562 static char *map_t_error_strings[] = {
 563 #define _(sym,string) string,
 564   foreach_map_error
 565 #undef _
 566 };
 567
 568 /* *INDENT-OFF* */
 569 VLIB_REGISTER_NODE(ip6_map_t_fragmented_node) = {
 570   .function = ip6_map_t_fragmented,
 571   .name = "ip6-map-t-fragmented",
 572   .vector_size = sizeof (u32),
 573   .format_trace = format_map_trace,
 574   .type = VLIB_NODE_TYPE_INTERNAL,
 575
 576   .n_errors = MAP_N_ERROR,
 577   .error_strings = map_t_error_strings,
 578
 579   .n_next_nodes = IP6_MAPT_FRAGMENTED_N_NEXT,
 580   .next_nodes = {
 581       [IP6_MAPT_FRAGMENTED_NEXT_IP4_LOOKUP] = "ip4-lookup",
 582       [IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME,
 583       [IP6_MAPT_FRAGMENTED_NEXT_DROP] = "error-drop",
 584   },
 585 };
 586 /* *INDENT-ON* */
 587
 588 /* *INDENT-OFF* */
 589 VLIB_REGISTER_NODE(ip6_map_t_icmp_node) = {
 590   .function = ip6_map_t_icmp,
 591   .name = "ip6-map-t-icmp",
 592   .vector_size = sizeof (u32),
 593   .format_trace = format_map_trace,
 594   .type = VLIB_NODE_TYPE_INTERNAL,
 595
 596   .n_errors = MAP_N_ERROR,
 597   .error_strings = map_t_error_strings,
 598
 599   .n_next_nodes = IP6_MAPT_ICMP_N_NEXT,
 600   .next_nodes = {
 601       [IP6_MAPT_ICMP_NEXT_IP4_LOOKUP] = "ip4-lookup",
 602       [IP6_MAPT_ICMP_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME,
 603       [IP6_MAPT_ICMP_NEXT_DROP] = "error-drop",
 604   },
 605 };
 606 /* *INDENT-ON* */
 607
 608 /* *INDENT-OFF* */
 609 VLIB_REGISTER_NODE(ip6_map_t_tcp_udp_node) = {
 610   .function = ip6_map_t_tcp_udp,
 611   .name = "ip6-map-t-tcp-udp",
 612   .vector_size = sizeof (u32),
 613   .format_trace = format_map_trace,
 614   .type = VLIB_NODE_TYPE_INTERNAL,
 615
 616   .n_errors = MAP_N_ERROR,
 617   .error_strings = map_t_error_strings,
 618
 619   .n_next_nodes = IP6_MAPT_TCP_UDP_N_NEXT,
 620   .next_nodes = {
 621       [IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP] = "ip4-lookup",
 622       [IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME,
 623       [IP6_MAPT_TCP_UDP_NEXT_DROP] = "error-drop",
 624   },
 625 };
 626 /* *INDENT-ON* */
 627
 628 /* *INDENT-OFF* */
 629 VLIB_REGISTER_NODE(ip6_map_t_node) = {
 630   .function = ip6_map_t,
 631   .name = "ip6-map-t",
 632   .vector_size = sizeof(u32),
 633   .format_trace = format_map_trace,
 634   .type = VLIB_NODE_TYPE_INTERNAL,
 635
 636   .n_errors = MAP_N_ERROR,
 637   .error_strings = map_t_error_strings,
 638
 639   .n_next_nodes = IP6_MAPT_N_NEXT,
 640   .next_nodes = {
 641       [IP6_MAPT_NEXT_MAPT_TCP_UDP] = "ip6-map-t-tcp-udp",
 642       [IP6_MAPT_NEXT_MAPT_ICMP] = "ip6-map-t-icmp",
 643       [IP6_MAPT_NEXT_MAPT_FRAGMENTED] = "ip6-map-t-fragmented",
 644       [IP6_MAPT_NEXT_DROP] = "error-drop",
 645   },
 646 };
 647 /* *INDENT-ON* */
 648
 649 /*
 650  * fd.io coding-style-patch-verification: ON
 651  *
 652  * Local Variables:
 653  * eval: (c-set-style "gnu")
 654  * End:
 655  */