2 * Copyright (c) 2017 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 * @brief NAT64 IPv6 to IPv4 translation (inside to outside network)
20 #include <nat/nat64.h>
21 #include <nat/nat_reass.h>
22 #include <vnet/ip/ip6_to_ip4.h>
23 #include <vnet/fib/fib_table.h>
30 } nat64_in2out_trace_t;
33 format_nat64_in2out_trace (u8 * s, va_list * args)
35 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
36 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
37 nat64_in2out_trace_t *t = va_arg (*args, nat64_in2out_trace_t *);
40 tag = t->is_slow_path ? "NAT64-in2out-slowpath" : "NAT64-in2out";
43 format (s, "%s: sw_if_index %d, next index %d", tag, t->sw_if_index,
54 } nat64_in2out_reass_trace_t;
57 format_nat64_in2out_reass_trace (u8 * s, va_list * args)
59 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
60 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
61 nat64_in2out_reass_trace_t *t =
62 va_arg (*args, nat64_in2out_reass_trace_t *);
65 format (s, "NAT64-in2out-reass: sw_if_index %d, next index %d, status %s",
66 t->sw_if_index, t->next_index,
67 t->cached ? "cached" : "translated");
72 vlib_node_registration_t nat64_in2out_node;
73 vlib_node_registration_t nat64_in2out_slowpath_node;
74 vlib_node_registration_t nat64_in2out_reass_node;
76 #define foreach_nat64_in2out_error \
77 _(UNSUPPORTED_PROTOCOL, "unsupported protocol") \
78 _(IN2OUT_PACKETS, "good in2out packets processed") \
79 _(NO_TRANSLATION, "no translation") \
80 _(UNKNOWN, "unknown") \
81 _(DROP_FRAGMENT, "Drop fragment") \
82 _(MAX_REASS, "Maximum reassemblies exceeded") \
83 _(MAX_FRAG, "Maximum fragments per reassembly exceeded")
88 #define _(sym,str) NAT64_IN2OUT_ERROR_##sym,
89 foreach_nat64_in2out_error
92 } nat64_in2out_error_t;
94 static char *nat64_in2out_error_strings[] = {
95 #define _(sym,string) string,
96 foreach_nat64_in2out_error
102 NAT64_IN2OUT_NEXT_IP4_LOOKUP,
103 NAT64_IN2OUT_NEXT_IP6_LOOKUP,
104 NAT64_IN2OUT_NEXT_DROP,
105 NAT64_IN2OUT_NEXT_SLOWPATH,
106 NAT64_IN2OUT_NEXT_REASS,
108 } nat64_in2out_next_t;
110 typedef struct nat64_in2out_set_ctx_t_
114 } nat64_in2out_set_ctx_t;
117 * @brief Check whether is a hairpinning.
119 * If the destination IP address of the packet is an IPv4 address assigned to
120 * the NAT64 itself, then the packet is a hairpin packet.
122 * param dst_addr Destination address of the packet.
124 * @returns 1 if hairpinning, otherwise 0.
126 static_always_inline int
127 is_hairpinning (ip6_address_t * dst_addr)
129 nat64_main_t *nm = &nat64_main;
132 for (i = 0; i < vec_len (nm->addr_pool); i++)
134 if (nm->addr_pool[i].addr.as_u32 == dst_addr->as_u32[3])
142 nat64_in2out_tcp_udp_set_cb (ip6_header_t * ip6, ip4_header_t * ip4,
145 nat64_main_t *nm = &nat64_main;
146 nat64_in2out_set_ctx_t *ctx = arg;
147 nat64_db_bib_entry_t *bibe;
148 nat64_db_st_entry_t *ste;
149 ip46_address_t saddr, daddr;
150 u32 sw_if_index, fib_index;
151 udp_header_t *udp = ip6_next_header (ip6);
152 u8 proto = ip6->protocol;
153 u16 sport = udp->src_port;
154 u16 dport = udp->dst_port;
156 sw_if_index = vnet_buffer (ctx->b)->sw_if_index[VLIB_RX];
158 fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP6, sw_if_index);
160 saddr.as_u64[0] = ip6->src_address.as_u64[0];
161 saddr.as_u64[1] = ip6->src_address.as_u64[1];
162 daddr.as_u64[0] = ip6->dst_address.as_u64[0];
163 daddr.as_u64[1] = ip6->dst_address.as_u64[1];
166 nat64_db_st_entry_find (&nm->db, &saddr, &daddr, sport, dport, proto,
171 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
178 nat64_db_bib_entry_find (&nm->db, &saddr, sport, proto, fib_index, 1);
183 ip4_address_t out_addr;
184 if (nat64_alloc_out_addr_and_port
185 (fib_index, ip_proto_to_snat_proto (proto), &out_addr,
190 nat64_db_bib_entry_create (&nm->db, &ip6->src_address, &out_addr,
191 sport, clib_host_to_net_u16 (out_port),
192 fib_index, proto, 0);
197 nat64_extract_ip4 (&ip6->dst_address, &daddr.ip4, fib_index);
199 nat64_db_st_entry_create (&nm->db, bibe, &ip6->dst_address,
205 nat64_session_reset_timeout (ste, ctx->vm);
207 ip4->src_address.as_u32 = bibe->out_addr.as_u32;
208 udp->src_port = bibe->out_port;
210 ip4->dst_address.as_u32 = ste->out_r_addr.as_u32;
212 if (proto == IP_PROTOCOL_TCP)
216 tcp_header_t *tcp = ip6_next_header (ip6);
218 checksum = &tcp->checksum;
219 csum = ip_csum_sub_even (*checksum, sport);
220 csum = ip_csum_add_even (csum, udp->src_port);
221 *checksum = ip_csum_fold (csum);
228 nat64_in2out_icmp_set_cb (ip6_header_t * ip6, ip4_header_t * ip4, void *arg)
230 nat64_main_t *nm = &nat64_main;
231 nat64_in2out_set_ctx_t *ctx = arg;
232 nat64_db_bib_entry_t *bibe;
233 nat64_db_st_entry_t *ste;
234 ip46_address_t saddr, daddr;
235 u32 sw_if_index, fib_index;
236 icmp46_header_t *icmp = ip6_next_header (ip6);
238 sw_if_index = vnet_buffer (ctx->b)->sw_if_index[VLIB_RX];
240 fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP6, sw_if_index);
242 saddr.as_u64[0] = ip6->src_address.as_u64[0];
243 saddr.as_u64[1] = ip6->src_address.as_u64[1];
244 daddr.as_u64[0] = ip6->dst_address.as_u64[0];
245 daddr.as_u64[1] = ip6->dst_address.as_u64[1];
247 if (icmp->type == ICMP4_echo_request || icmp->type == ICMP4_echo_reply)
249 u16 in_id = ((u16 *) (icmp))[2];
251 nat64_db_st_entry_find (&nm->db, &saddr, &daddr, in_id, 0,
252 IP_PROTOCOL_ICMP, fib_index, 1);
257 nat64_db_bib_entry_by_index (&nm->db, IP_PROTOCOL_ICMP,
265 nat64_db_bib_entry_find (&nm->db, &saddr, in_id,
266 IP_PROTOCOL_ICMP, fib_index, 1);
271 ip4_address_t out_addr;
272 if (nat64_alloc_out_addr_and_port
273 (fib_index, SNAT_PROTOCOL_ICMP, &out_addr, &out_id))
277 nat64_db_bib_entry_create (&nm->db, &ip6->src_address,
279 clib_host_to_net_u16 (out_id),
280 fib_index, IP_PROTOCOL_ICMP, 0);
285 nat64_extract_ip4 (&ip6->dst_address, &daddr.ip4, fib_index);
287 nat64_db_st_entry_create (&nm->db, bibe, &ip6->dst_address,
293 nat64_session_reset_timeout (ste, ctx->vm);
295 ip4->src_address.as_u32 = bibe->out_addr.as_u32;
296 ((u16 *) (icmp))[2] = bibe->out_port;
298 ip4->dst_address.as_u32 = ste->out_r_addr.as_u32;
302 if (!vec_len (nm->addr_pool))
305 ip4->src_address.as_u32 = nm->addr_pool[0].addr.as_u32;
306 nat64_extract_ip4 (&ip6->dst_address, &ip4->dst_address, fib_index);
313 nat64_in2out_inner_icmp_set_cb (ip6_header_t * ip6, ip4_header_t * ip4,
316 nat64_main_t *nm = &nat64_main;
317 nat64_in2out_set_ctx_t *ctx = arg;
318 nat64_db_st_entry_t *ste;
319 nat64_db_bib_entry_t *bibe;
320 ip46_address_t saddr, daddr;
321 u32 sw_if_index, fib_index;
322 u8 proto = ip6->protocol;
324 sw_if_index = vnet_buffer (ctx->b)->sw_if_index[VLIB_RX];
326 fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP6, sw_if_index);
328 saddr.as_u64[0] = ip6->src_address.as_u64[0];
329 saddr.as_u64[1] = ip6->src_address.as_u64[1];
330 daddr.as_u64[0] = ip6->dst_address.as_u64[0];
331 daddr.as_u64[1] = ip6->dst_address.as_u64[1];
333 if (proto == IP_PROTOCOL_ICMP6)
335 icmp46_header_t *icmp = ip6_next_header (ip6);
336 u16 in_id = ((u16 *) (icmp))[2];
337 proto = IP_PROTOCOL_ICMP;
340 (icmp->type == ICMP4_echo_request
341 || icmp->type == ICMP4_echo_reply))
345 nat64_db_st_entry_find (&nm->db, &daddr, &saddr, in_id, 0, proto,
350 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
354 ip4->dst_address.as_u32 = bibe->out_addr.as_u32;
355 ((u16 *) (icmp))[2] = bibe->out_port;
356 ip4->src_address.as_u32 = ste->out_r_addr.as_u32;
360 udp_header_t *udp = ip6_next_header (ip6);
361 tcp_header_t *tcp = ip6_next_header (ip6);
365 u16 sport = udp->src_port;
366 u16 dport = udp->dst_port;
369 nat64_db_st_entry_find (&nm->db, &daddr, &saddr, dport, sport, proto,
374 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
378 ip4->dst_address.as_u32 = bibe->out_addr.as_u32;
379 udp->dst_port = bibe->out_port;
380 ip4->src_address.as_u32 = ste->out_r_addr.as_u32;
382 if (proto == IP_PROTOCOL_TCP)
383 checksum = &tcp->checksum;
385 checksum = &udp->checksum;
386 csum = ip_csum_sub_even (*checksum, dport);
387 csum = ip_csum_add_even (csum, udp->dst_port);
388 *checksum = ip_csum_fold (csum);
394 typedef struct unk_proto_st_walk_ctx_t_
396 ip6_address_t src_addr;
397 ip6_address_t dst_addr;
398 ip4_address_t out_addr;
401 } unk_proto_st_walk_ctx_t;
404 unk_proto_st_walk (nat64_db_st_entry_t * ste, void *arg)
406 nat64_main_t *nm = &nat64_main;
407 unk_proto_st_walk_ctx_t *ctx = arg;
408 nat64_db_bib_entry_t *bibe;
409 ip46_address_t saddr, daddr;
411 if (ip46_address_is_equal (&ste->in_r_addr, &ctx->dst_addr))
414 nat64_db_bib_entry_by_index (&nm->db, ste->proto, ste->bibe_index);
418 if (ip46_address_is_equal (&bibe->in_addr, &ctx->src_addr)
419 && bibe->fib_index == ctx->fib_index)
421 memset (&saddr, 0, sizeof (saddr));
422 saddr.ip4.as_u32 = bibe->out_addr.as_u32;
423 memset (&daddr, 0, sizeof (daddr));
424 nat64_extract_ip4 (&ctx->dst_addr, &daddr.ip4, ctx->fib_index);
426 if (nat64_db_st_entry_find
427 (&nm->db, &daddr, &saddr, 0, 0, ctx->proto, ctx->fib_index, 0))
430 ctx->out_addr.as_u32 = bibe->out_addr.as_u32;
439 nat64_in2out_unk_proto_set_cb (ip6_header_t * ip6, ip4_header_t * ip4,
442 nat64_main_t *nm = &nat64_main;
443 nat64_in2out_set_ctx_t *ctx = arg;
444 nat64_db_bib_entry_t *bibe;
445 nat64_db_st_entry_t *ste;
446 ip46_address_t saddr, daddr, addr;
447 u32 sw_if_index, fib_index;
448 u8 proto = ip6->protocol;
451 sw_if_index = vnet_buffer (ctx->b)->sw_if_index[VLIB_RX];
453 fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP6, sw_if_index);
455 saddr.as_u64[0] = ip6->src_address.as_u64[0];
456 saddr.as_u64[1] = ip6->src_address.as_u64[1];
457 daddr.as_u64[0] = ip6->dst_address.as_u64[0];
458 daddr.as_u64[1] = ip6->dst_address.as_u64[1];
461 nat64_db_st_entry_find (&nm->db, &saddr, &daddr, 0, 0, proto, fib_index,
466 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
473 nat64_db_bib_entry_find (&nm->db, &saddr, 0, proto, fib_index, 1);
477 /* Choose same out address as for TCP/UDP session to same dst */
478 unk_proto_st_walk_ctx_t ctx = {
479 .src_addr.as_u64[0] = ip6->src_address.as_u64[0],
480 .src_addr.as_u64[1] = ip6->src_address.as_u64[1],
481 .dst_addr.as_u64[0] = ip6->dst_address.as_u64[0],
482 .dst_addr.as_u64[1] = ip6->dst_address.as_u64[1],
483 .out_addr.as_u32 = 0,
484 .fib_index = fib_index,
488 nat64_db_st_walk (&nm->db, IP_PROTOCOL_TCP, unk_proto_st_walk,
491 if (!ctx.out_addr.as_u32)
492 nat64_db_st_walk (&nm->db, IP_PROTOCOL_UDP, unk_proto_st_walk,
495 /* Verify if out address is not already in use for protocol */
496 memset (&addr, 0, sizeof (addr));
497 addr.ip4.as_u32 = ctx.out_addr.as_u32;
498 if (nat64_db_bib_entry_find (&nm->db, &addr, 0, proto, 0, 0))
499 ctx.out_addr.as_u32 = 0;
501 if (!ctx.out_addr.as_u32)
503 for (i = 0; i < vec_len (nm->addr_pool); i++)
505 addr.ip4.as_u32 = nm->addr_pool[i].addr.as_u32;
506 if (!nat64_db_bib_entry_find
507 (&nm->db, &addr, 0, proto, 0, 0))
512 if (!ctx.out_addr.as_u32)
516 nat64_db_bib_entry_create (&nm->db, &ip6->src_address,
517 &ctx.out_addr, 0, 0, fib_index, proto,
523 nat64_extract_ip4 (&ip6->dst_address, &daddr.ip4, fib_index);
525 nat64_db_st_entry_create (&nm->db, bibe, &ip6->dst_address,
531 nat64_session_reset_timeout (ste, ctx->vm);
533 ip4->src_address.as_u32 = bibe->out_addr.as_u32;
534 ip4->dst_address.as_u32 = ste->out_r_addr.as_u32;
542 nat64_in2out_tcp_udp_hairpinning (vlib_main_t * vm, vlib_buffer_t * b,
545 nat64_main_t *nm = &nat64_main;
546 nat64_db_bib_entry_t *bibe;
547 nat64_db_st_entry_t *ste;
548 ip46_address_t saddr, daddr;
549 u32 sw_if_index, fib_index;
550 udp_header_t *udp = ip6_next_header (ip6);
551 tcp_header_t *tcp = ip6_next_header (ip6);
552 u8 proto = ip6->protocol;
553 u16 sport = udp->src_port;
554 u16 dport = udp->dst_port;
558 sw_if_index = vnet_buffer (b)->sw_if_index[VLIB_RX];
560 fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP6, sw_if_index);
562 saddr.as_u64[0] = ip6->src_address.as_u64[0];
563 saddr.as_u64[1] = ip6->src_address.as_u64[1];
564 daddr.as_u64[0] = ip6->dst_address.as_u64[0];
565 daddr.as_u64[1] = ip6->dst_address.as_u64[1];
567 if (proto == IP_PROTOCOL_UDP)
568 checksum = &udp->checksum;
570 checksum = &tcp->checksum;
572 csum = ip_csum_sub_even (*checksum, ip6->src_address.as_u64[0]);
573 csum = ip_csum_sub_even (csum, ip6->src_address.as_u64[1]);
574 csum = ip_csum_sub_even (csum, ip6->dst_address.as_u64[0]);
575 csum = ip_csum_sub_even (csum, ip6->dst_address.as_u64[1]);
576 csum = ip_csum_sub_even (csum, sport);
577 csum = ip_csum_sub_even (csum, dport);
580 nat64_db_st_entry_find (&nm->db, &saddr, &daddr, sport, dport, proto,
585 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
592 nat64_db_bib_entry_find (&nm->db, &saddr, sport, proto, fib_index, 1);
597 ip4_address_t out_addr;
598 if (nat64_alloc_out_addr_and_port
599 (fib_index, ip_proto_to_snat_proto (proto), &out_addr,
604 nat64_db_bib_entry_create (&nm->db, &ip6->src_address, &out_addr,
605 sport, clib_host_to_net_u16 (out_port),
606 fib_index, proto, 0);
611 nat64_extract_ip4 (&ip6->dst_address, &daddr.ip4, fib_index);
613 nat64_db_st_entry_create (&nm->db, bibe, &ip6->dst_address,
619 nat64_session_reset_timeout (ste, vm);
621 sport = udp->src_port = bibe->out_port;
622 nat64_compose_ip6 (&ip6->src_address, &bibe->out_addr, fib_index);
624 memset (&saddr, 0, sizeof (saddr));
625 memset (&daddr, 0, sizeof (daddr));
626 saddr.ip4.as_u32 = bibe->out_addr.as_u32;
627 daddr.ip4.as_u32 = ste->out_r_addr.as_u32;
630 nat64_db_st_entry_find (&nm->db, &daddr, &saddr, dport, sport, proto, 0,
635 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
641 bibe = nat64_db_bib_entry_find (&nm->db, &daddr, dport, proto, 0, 0);
647 nat64_db_st_entry_create (&nm->db, bibe, &ip6->src_address,
651 ip6->dst_address.as_u64[0] = bibe->in_addr.as_u64[0];
652 ip6->dst_address.as_u64[1] = bibe->in_addr.as_u64[1];
653 udp->dst_port = bibe->in_port;
655 csum = ip_csum_add_even (csum, ip6->src_address.as_u64[0]);
656 csum = ip_csum_add_even (csum, ip6->src_address.as_u64[1]);
657 csum = ip_csum_add_even (csum, ip6->dst_address.as_u64[0]);
658 csum = ip_csum_add_even (csum, ip6->dst_address.as_u64[1]);
659 csum = ip_csum_add_even (csum, udp->src_port);
660 csum = ip_csum_add_even (csum, udp->dst_port);
661 *checksum = ip_csum_fold (csum);
667 nat64_in2out_icmp_hairpinning (vlib_main_t * vm, vlib_buffer_t * b,
670 nat64_main_t *nm = &nat64_main;
671 nat64_db_bib_entry_t *bibe;
672 nat64_db_st_entry_t *ste;
673 icmp46_header_t *icmp = ip6_next_header (ip6);
674 ip6_header_t *inner_ip6;
675 ip46_address_t saddr, daddr;
676 u32 sw_if_index, fib_index;
680 u16 *checksum, sport, dport;
683 if (icmp->type == ICMP6_echo_request || icmp->type == ICMP6_echo_reply)
686 inner_ip6 = (ip6_header_t *) u8_ptr_add (icmp, 8);
688 proto = inner_ip6->protocol;
690 if (proto == IP_PROTOCOL_ICMP6)
693 sw_if_index = vnet_buffer (b)->sw_if_index[VLIB_RX];
695 fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP6, sw_if_index);
697 saddr.as_u64[0] = inner_ip6->src_address.as_u64[0];
698 saddr.as_u64[1] = inner_ip6->src_address.as_u64[1];
699 daddr.as_u64[0] = inner_ip6->dst_address.as_u64[0];
700 daddr.as_u64[1] = inner_ip6->dst_address.as_u64[1];
702 udp = ip6_next_header (inner_ip6);
703 tcp = ip6_next_header (inner_ip6);
705 sport = udp->src_port;
706 dport = udp->dst_port;
708 if (proto == IP_PROTOCOL_UDP)
709 checksum = &udp->checksum;
711 checksum = &tcp->checksum;
713 csum = ip_csum_sub_even (*checksum, inner_ip6->src_address.as_u64[0]);
714 csum = ip_csum_sub_even (csum, inner_ip6->src_address.as_u64[1]);
715 csum = ip_csum_sub_even (csum, inner_ip6->dst_address.as_u64[0]);
716 csum = ip_csum_sub_even (csum, inner_ip6->dst_address.as_u64[1]);
717 csum = ip_csum_sub_even (csum, sport);
718 csum = ip_csum_sub_even (csum, dport);
721 nat64_db_st_entry_find (&nm->db, &daddr, &saddr, dport, sport, proto,
726 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
730 dport = udp->dst_port = bibe->out_port;
731 nat64_compose_ip6 (&inner_ip6->dst_address, &bibe->out_addr, fib_index);
733 memset (&saddr, 0, sizeof (saddr));
734 memset (&daddr, 0, sizeof (daddr));
735 saddr.ip4.as_u32 = ste->out_r_addr.as_u32;
736 daddr.ip4.as_u32 = bibe->out_addr.as_u32;
739 nat64_db_st_entry_find (&nm->db, &saddr, &daddr, sport, dport, proto, 0,
744 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
748 inner_ip6->src_address.as_u64[0] = bibe->in_addr.as_u64[0];
749 inner_ip6->src_address.as_u64[1] = bibe->in_addr.as_u64[1];
750 udp->src_port = bibe->in_port;
752 csum = ip_csum_add_even (csum, inner_ip6->src_address.as_u64[0]);
753 csum = ip_csum_add_even (csum, inner_ip6->src_address.as_u64[1]);
754 csum = ip_csum_add_even (csum, inner_ip6->dst_address.as_u64[0]);
755 csum = ip_csum_add_even (csum, inner_ip6->dst_address.as_u64[1]);
756 csum = ip_csum_add_even (csum, udp->src_port);
757 csum = ip_csum_add_even (csum, udp->dst_port);
758 *checksum = ip_csum_fold (csum);
760 if (!vec_len (nm->addr_pool))
763 nat64_compose_ip6 (&ip6->src_address, &nm->addr_pool[0].addr, fib_index);
764 ip6->dst_address.as_u64[0] = inner_ip6->src_address.as_u64[0];
765 ip6->dst_address.as_u64[1] = inner_ip6->src_address.as_u64[1];
768 csum = ip_csum_with_carry (0, ip6->payload_length);
769 csum = ip_csum_with_carry (csum, clib_host_to_net_u16 (ip6->protocol));
770 csum = ip_csum_with_carry (csum, ip6->src_address.as_u64[0]);
771 csum = ip_csum_with_carry (csum, ip6->src_address.as_u64[1]);
772 csum = ip_csum_with_carry (csum, ip6->dst_address.as_u64[0]);
773 csum = ip_csum_with_carry (csum, ip6->dst_address.as_u64[1]);
775 ip_incremental_checksum (csum, icmp,
776 clib_net_to_host_u16 (ip6->payload_length));
777 icmp->checksum = ~ip_csum_fold (csum);
783 nat64_in2out_unk_proto_hairpinning (vlib_main_t * vm, vlib_buffer_t * b,
786 nat64_main_t *nm = &nat64_main;
787 nat64_db_bib_entry_t *bibe;
788 nat64_db_st_entry_t *ste;
789 ip46_address_t saddr, daddr, addr;
790 u32 sw_if_index, fib_index;
791 u8 proto = ip6->protocol;
794 sw_if_index = vnet_buffer (b)->sw_if_index[VLIB_RX];
796 fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP6, sw_if_index);
798 saddr.as_u64[0] = ip6->src_address.as_u64[0];
799 saddr.as_u64[1] = ip6->src_address.as_u64[1];
800 daddr.as_u64[0] = ip6->dst_address.as_u64[0];
801 daddr.as_u64[1] = ip6->dst_address.as_u64[1];
804 nat64_db_st_entry_find (&nm->db, &saddr, &daddr, 0, 0, proto, fib_index,
809 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
816 nat64_db_bib_entry_find (&nm->db, &saddr, 0, proto, fib_index, 1);
820 /* Choose same out address as for TCP/UDP session to same dst */
821 unk_proto_st_walk_ctx_t ctx = {
822 .src_addr.as_u64[0] = ip6->src_address.as_u64[0],
823 .src_addr.as_u64[1] = ip6->src_address.as_u64[1],
824 .dst_addr.as_u64[0] = ip6->dst_address.as_u64[0],
825 .dst_addr.as_u64[1] = ip6->dst_address.as_u64[1],
826 .out_addr.as_u32 = 0,
827 .fib_index = fib_index,
831 nat64_db_st_walk (&nm->db, IP_PROTOCOL_TCP, unk_proto_st_walk,
834 if (!ctx.out_addr.as_u32)
835 nat64_db_st_walk (&nm->db, IP_PROTOCOL_UDP, unk_proto_st_walk,
838 /* Verify if out address is not already in use for protocol */
839 memset (&addr, 0, sizeof (addr));
840 addr.ip4.as_u32 = ctx.out_addr.as_u32;
841 if (nat64_db_bib_entry_find (&nm->db, &addr, 0, proto, 0, 0))
842 ctx.out_addr.as_u32 = 0;
844 if (!ctx.out_addr.as_u32)
846 for (i = 0; i < vec_len (nm->addr_pool); i++)
848 addr.ip4.as_u32 = nm->addr_pool[i].addr.as_u32;
849 if (!nat64_db_bib_entry_find
850 (&nm->db, &addr, 0, proto, 0, 0))
855 if (!ctx.out_addr.as_u32)
859 nat64_db_bib_entry_create (&nm->db, &ip6->src_address,
860 &ctx.out_addr, 0, 0, fib_index, proto,
866 nat64_extract_ip4 (&ip6->dst_address, &daddr.ip4, fib_index);
868 nat64_db_st_entry_create (&nm->db, bibe, &ip6->dst_address,
874 nat64_session_reset_timeout (ste, vm);
876 nat64_compose_ip6 (&ip6->src_address, &bibe->out_addr, fib_index);
878 memset (&saddr, 0, sizeof (saddr));
879 memset (&daddr, 0, sizeof (daddr));
880 saddr.ip4.as_u32 = bibe->out_addr.as_u32;
881 daddr.ip4.as_u32 = ste->out_r_addr.as_u32;
883 ste = nat64_db_st_entry_find (&nm->db, &daddr, &saddr, 0, 0, proto, 0, 0);
887 bibe = nat64_db_bib_entry_by_index (&nm->db, proto, ste->bibe_index);
893 bibe = nat64_db_bib_entry_find (&nm->db, &daddr, 0, proto, 0, 0);
899 nat64_db_st_entry_create (&nm->db, bibe, &ip6->src_address,
903 ip6->dst_address.as_u64[0] = bibe->in_addr.as_u64[0];
904 ip6->dst_address.as_u64[1] = bibe->in_addr.as_u64[1];
910 nat64_in2out_node_fn_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
911 vlib_frame_t * frame, u8 is_slow_path)
913 u32 n_left_from, *from, *to_next;
914 nat64_in2out_next_t next_index;
915 u32 pkts_processed = 0;
916 u32 stats_node_index;
919 is_slow_path ? nat64_in2out_slowpath_node.index : nat64_in2out_node.index;
921 from = vlib_frame_vector_args (frame);
922 n_left_from = frame->n_vectors;
923 next_index = node->cached_next_index;
925 while (n_left_from > 0)
929 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
931 while (n_left_from > 0 && n_left_to_next > 0)
937 u16 l4_offset0, frag_offset0;
940 nat64_in2out_set_ctx_t ctx0;
942 /* speculatively enqueue b0 to the current next frame */
950 b0 = vlib_get_buffer (vm, bi0);
951 ip60 = vlib_buffer_get_current (b0);
956 next0 = NAT64_IN2OUT_NEXT_IP4_LOOKUP;
960 (ip60, b0->current_length, &l4_protocol0, &l4_offset0,
963 next0 = NAT64_IN2OUT_NEXT_DROP;
964 b0->error = node->errors[NAT64_IN2OUT_ERROR_UNKNOWN];
968 proto0 = ip_proto_to_snat_proto (l4_protocol0);
972 if (PREDICT_TRUE (proto0 == ~0))
974 if (is_hairpinning (&ip60->dst_address))
976 next0 = NAT64_IN2OUT_NEXT_IP6_LOOKUP;
977 if (nat64_in2out_unk_proto_hairpinning (vm, b0, ip60))
979 next0 = NAT64_IN2OUT_NEXT_DROP;
981 node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
986 if (ip6_to_ip4 (b0, nat64_in2out_unk_proto_set_cb, &ctx0))
988 next0 = NAT64_IN2OUT_NEXT_DROP;
990 node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
998 if (PREDICT_FALSE (proto0 == ~0))
1000 next0 = NAT64_IN2OUT_NEXT_SLOWPATH;
1006 (ip60->protocol == IP_PROTOCOL_IPV6_FRAGMENTATION))
1008 next0 = NAT64_IN2OUT_NEXT_REASS;
1012 if (proto0 == SNAT_PROTOCOL_ICMP)
1014 if (is_hairpinning (&ip60->dst_address))
1016 next0 = NAT64_IN2OUT_NEXT_IP6_LOOKUP;
1017 if (nat64_in2out_icmp_hairpinning (vm, b0, ip60))
1019 next0 = NAT64_IN2OUT_NEXT_DROP;
1021 node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
1027 (b0, nat64_in2out_icmp_set_cb, &ctx0,
1028 nat64_in2out_inner_icmp_set_cb, &ctx0))
1030 next0 = NAT64_IN2OUT_NEXT_DROP;
1031 b0->error = node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
1035 else if (proto0 == SNAT_PROTOCOL_TCP || proto0 == SNAT_PROTOCOL_UDP)
1037 if (is_hairpinning (&ip60->dst_address))
1039 next0 = NAT64_IN2OUT_NEXT_IP6_LOOKUP;
1040 if (nat64_in2out_tcp_udp_hairpinning (vm, b0, ip60))
1042 next0 = NAT64_IN2OUT_NEXT_DROP;
1044 node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
1049 if (ip6_to_ip4_tcp_udp
1050 (b0, nat64_in2out_tcp_udp_set_cb, &ctx0, 0))
1052 next0 = NAT64_IN2OUT_NEXT_DROP;
1053 b0->error = node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
1059 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
1060 && (b0->flags & VLIB_BUFFER_IS_TRACED)))
1062 nat64_in2out_trace_t *t =
1063 vlib_add_trace (vm, node, b0, sizeof (*t));
1064 t->sw_if_index = vnet_buffer (b0)->sw_if_index[VLIB_RX];
1065 t->next_index = next0;
1066 t->is_slow_path = is_slow_path;
1069 pkts_processed += next0 != NAT64_IN2OUT_NEXT_DROP;
1071 /* verify speculative enqueue, maybe switch current next frame */
1072 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
1073 n_left_to_next, bi0, next0);
1075 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1077 vlib_node_increment_counter (vm, stats_node_index,
1078 NAT64_IN2OUT_ERROR_IN2OUT_PACKETS,
1080 return frame->n_vectors;
1084 nat64_in2out_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node,
1085 vlib_frame_t * frame)
1087 return nat64_in2out_node_fn_inline (vm, node, frame, 0);
1091 VLIB_REGISTER_NODE (nat64_in2out_node) = {
1092 .function = nat64_in2out_node_fn,
1093 .name = "nat64-in2out",
1094 .vector_size = sizeof (u32),
1095 .format_trace = format_nat64_in2out_trace,
1096 .type = VLIB_NODE_TYPE_INTERNAL,
1097 .n_errors = ARRAY_LEN (nat64_in2out_error_strings),
1098 .error_strings = nat64_in2out_error_strings,
1099 .n_next_nodes = NAT64_IN2OUT_N_NEXT,
1100 /* edit / add dispositions here */
1102 [NAT64_IN2OUT_NEXT_DROP] = "error-drop",
1103 [NAT64_IN2OUT_NEXT_IP4_LOOKUP] = "ip4-lookup",
1104 [NAT64_IN2OUT_NEXT_IP6_LOOKUP] = "ip6-lookup",
1105 [NAT64_IN2OUT_NEXT_SLOWPATH] = "nat64-in2out-slowpath",
1106 [NAT64_IN2OUT_NEXT_REASS] = "nat64-in2out-reass",
1111 VLIB_NODE_FUNCTION_MULTIARCH (nat64_in2out_node, nat64_in2out_node_fn);
1114 nat64_in2out_slowpath_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node,
1115 vlib_frame_t * frame)
1117 return nat64_in2out_node_fn_inline (vm, node, frame, 1);
1121 VLIB_REGISTER_NODE (nat64_in2out_slowpath_node) = {
1122 .function = nat64_in2out_slowpath_node_fn,
1123 .name = "nat64-in2out-slowpath",
1124 .vector_size = sizeof (u32),
1125 .format_trace = format_nat64_in2out_trace,
1126 .type = VLIB_NODE_TYPE_INTERNAL,
1127 .n_errors = ARRAY_LEN (nat64_in2out_error_strings),
1128 .error_strings = nat64_in2out_error_strings,
1129 .n_next_nodes = NAT64_IN2OUT_N_NEXT,
1130 /* edit / add dispositions here */
1132 [NAT64_IN2OUT_NEXT_DROP] = "error-drop",
1133 [NAT64_IN2OUT_NEXT_IP4_LOOKUP] = "ip4-lookup",
1134 [NAT64_IN2OUT_NEXT_IP6_LOOKUP] = "ip6-lookup",
1135 [NAT64_IN2OUT_NEXT_SLOWPATH] = "nat64-in2out-slowpath",
1136 [NAT64_IN2OUT_NEXT_REASS] = "nat64-in2out-reass",
1141 VLIB_NODE_FUNCTION_MULTIARCH (nat64_in2out_slowpath_node,
1142 nat64_in2out_slowpath_node_fn);
1144 typedef struct nat64_in2out_frag_set_ctx_t_
1151 } nat64_in2out_frag_set_ctx_t;
1154 nat64_in2out_frag_set_cb (ip6_header_t * ip6, ip4_header_t * ip4, void *arg)
1156 nat64_main_t *nm = &nat64_main;
1157 nat64_in2out_frag_set_ctx_t *ctx = arg;
1158 nat64_db_st_entry_t *ste;
1159 nat64_db_bib_entry_t *bibe;
1162 ste = nat64_db_st_entry_by_index (&nm->db, ctx->proto, ctx->sess_index);
1166 bibe = nat64_db_bib_entry_by_index (&nm->db, ctx->proto, ste->bibe_index);
1170 nat64_session_reset_timeout (ste, ctx->vm);
1172 if (ctx->first_frag)
1174 udp = (udp_header_t *) u8_ptr_add (ip6, ctx->l4_offset);
1176 if (ctx->proto == IP_PROTOCOL_TCP)
1180 tcp_header_t *tcp = (tcp_header_t *) udp;
1182 checksum = &tcp->checksum;
1183 csum = ip_csum_sub_even (*checksum, tcp->src_port);
1184 csum = ip_csum_sub_even (csum, ip6->src_address.as_u64[0]);
1185 csum = ip_csum_sub_even (csum, ip6->src_address.as_u64[1]);
1186 csum = ip_csum_sub_even (csum, ip6->dst_address.as_u64[0]);
1187 csum = ip_csum_sub_even (csum, ip6->dst_address.as_u64[1]);
1188 csum = ip_csum_add_even (csum, bibe->out_port);
1189 csum = ip_csum_add_even (csum, bibe->out_addr.as_u32);
1190 csum = ip_csum_add_even (csum, ste->out_r_addr.as_u32);
1191 *checksum = ip_csum_fold (csum);
1194 udp->src_port = bibe->out_port;
1197 ip4->src_address.as_u32 = bibe->out_addr.as_u32;
1198 ip4->dst_address.as_u32 = ste->out_r_addr.as_u32;
1204 nat64_in2out_frag_hairpinning (vlib_buffer_t * b, ip6_header_t * ip6,
1205 nat64_in2out_frag_set_ctx_t * ctx)
1207 nat64_main_t *nm = &nat64_main;
1208 nat64_db_st_entry_t *ste;
1209 nat64_db_bib_entry_t *bibe;
1210 udp_header_t *udp = (udp_header_t *) u8_ptr_add (ip6, ctx->l4_offset);
1211 tcp_header_t *tcp = (tcp_header_t *) udp;
1212 u16 sport = udp->src_port;
1213 u16 dport = udp->dst_port;
1216 ip46_address_t saddr, daddr;
1218 if (ctx->first_frag)
1220 if (ctx->proto == IP_PROTOCOL_UDP)
1221 checksum = &udp->checksum;
1223 checksum = &tcp->checksum;
1225 csum = ip_csum_sub_even (*checksum, ip6->src_address.as_u64[0]);
1226 csum = ip_csum_sub_even (csum, ip6->src_address.as_u64[1]);
1227 csum = ip_csum_sub_even (csum, ip6->dst_address.as_u64[0]);
1228 csum = ip_csum_sub_even (csum, ip6->dst_address.as_u64[1]);
1229 csum = ip_csum_sub_even (csum, sport);
1230 csum = ip_csum_sub_even (csum, dport);
1233 ste = nat64_db_st_entry_by_index (&nm->db, ctx->proto, ctx->sess_index);
1237 bibe = nat64_db_bib_entry_by_index (&nm->db, ctx->proto, ste->bibe_index);
1241 nat64_session_reset_timeout (ste, ctx->vm);
1243 sport = bibe->out_port;
1244 dport = ste->r_port;
1246 nat64_compose_ip6 (&ip6->src_address, &bibe->out_addr, bibe->fib_index);
1248 memset (&saddr, 0, sizeof (saddr));
1249 memset (&daddr, 0, sizeof (daddr));
1250 saddr.ip4.as_u32 = bibe->out_addr.as_u32;
1251 daddr.ip4.as_u32 = ste->out_r_addr.as_u32;
1254 nat64_db_st_entry_find (&nm->db, &daddr, &saddr, dport, sport, ctx->proto,
1260 nat64_db_bib_entry_by_index (&nm->db, ctx->proto, ste->bibe_index);
1267 nat64_db_bib_entry_find (&nm->db, &daddr, dport, ctx->proto, 0, 0);
1273 nat64_db_st_entry_create (&nm->db, bibe, &ip6->src_address,
1277 ip6->dst_address.as_u64[0] = bibe->in_addr.as_u64[0];
1278 ip6->dst_address.as_u64[1] = bibe->in_addr.as_u64[1];
1280 if (ctx->first_frag)
1282 udp->dst_port = bibe->in_port;
1283 udp->src_port = sport;
1284 csum = ip_csum_add_even (csum, ip6->src_address.as_u64[0]);
1285 csum = ip_csum_add_even (csum, ip6->src_address.as_u64[1]);
1286 csum = ip_csum_add_even (csum, ip6->dst_address.as_u64[0]);
1287 csum = ip_csum_add_even (csum, ip6->dst_address.as_u64[1]);
1288 csum = ip_csum_add_even (csum, udp->src_port);
1289 csum = ip_csum_add_even (csum, udp->dst_port);
1290 *checksum = ip_csum_fold (csum);
1297 nat64_in2out_reass_node_fn (vlib_main_t * vm,
1298 vlib_node_runtime_t * node, vlib_frame_t * frame)
1300 u32 n_left_from, *from, *to_next;
1301 nat64_in2out_next_t next_index;
1302 u32 pkts_processed = 0;
1303 u32 *fragments_to_drop = 0;
1304 u32 *fragments_to_loopback = 0;
1305 nat64_main_t *nm = &nat64_main;
1307 from = vlib_frame_vector_args (frame);
1308 n_left_from = frame->n_vectors;
1309 next_index = node->cached_next_index;
1311 while (n_left_from > 0)
1315 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1317 while (n_left_from > 0 && n_left_to_next > 0)
1324 u16 l4_offset0, frag_offset0;
1326 nat_reass_ip6_t *reass0;
1327 ip6_frag_hdr_t *frag0;
1328 nat64_db_bib_entry_t *bibe0;
1329 nat64_db_st_entry_t *ste0;
1331 snat_protocol_t proto0;
1332 u32 sw_if_index0, fib_index0;
1333 ip46_address_t saddr0, daddr0;
1334 nat64_in2out_frag_set_ctx_t ctx0;
1336 /* speculatively enqueue b0 to the current next frame */
1342 n_left_to_next -= 1;
1344 b0 = vlib_get_buffer (vm, bi0);
1345 next0 = NAT64_IN2OUT_NEXT_IP4_LOOKUP;
1347 sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
1349 fib_table_get_index_for_sw_if_index (FIB_PROTOCOL_IP6,
1352 if (PREDICT_FALSE (nat_reass_is_drop_frag (1)))
1354 next0 = NAT64_IN2OUT_NEXT_DROP;
1355 b0->error = node->errors[NAT64_IN2OUT_ERROR_DROP_FRAGMENT];
1359 ip60 = (ip6_header_t *) vlib_buffer_get_current (b0);
1363 (ip60, b0->current_length, &l4_protocol0, &l4_offset0,
1366 next0 = NAT64_IN2OUT_NEXT_DROP;
1367 b0->error = node->errors[NAT64_IN2OUT_ERROR_UNKNOWN];
1372 (!(l4_protocol0 == IP_PROTOCOL_TCP
1373 || l4_protocol0 == IP_PROTOCOL_UDP)))
1375 next0 = NAT64_IN2OUT_NEXT_DROP;
1376 b0->error = node->errors[NAT64_IN2OUT_ERROR_DROP_FRAGMENT];
1380 udp0 = (udp_header_t *) u8_ptr_add (ip60, l4_offset0);
1381 frag0 = (ip6_frag_hdr_t *) u8_ptr_add (ip60, frag_offset0);
1382 proto0 = ip_proto_to_snat_proto (l4_protocol0);
1384 reass0 = nat_ip6_reass_find_or_create (ip60->src_address,
1386 frag0->identification,
1388 1, &fragments_to_drop);
1390 if (PREDICT_FALSE (!reass0))
1392 next0 = NAT64_IN2OUT_NEXT_DROP;
1393 b0->error = node->errors[NAT64_IN2OUT_ERROR_MAX_REASS];
1397 if (PREDICT_TRUE (ip6_frag_hdr_offset (frag0)))
1399 ctx0.first_frag = 0;
1400 if (PREDICT_FALSE (reass0->sess_index == (u32) ~ 0))
1402 if (nat_ip6_reass_add_fragment (reass0, bi0))
1404 b0->error = node->errors[NAT64_IN2OUT_ERROR_MAX_FRAG];
1405 next0 = NAT64_IN2OUT_NEXT_DROP;
1414 ctx0.first_frag = 1;
1416 saddr0.as_u64[0] = ip60->src_address.as_u64[0];
1417 saddr0.as_u64[1] = ip60->src_address.as_u64[1];
1418 daddr0.as_u64[0] = ip60->dst_address.as_u64[0];
1419 daddr0.as_u64[1] = ip60->dst_address.as_u64[1];
1422 nat64_db_st_entry_find (&nm->db, &saddr0, &daddr0,
1423 udp0->src_port, udp0->dst_port,
1424 l4_protocol0, fib_index0, 1);
1428 nat64_db_bib_entry_find (&nm->db, &saddr0, udp0->src_port,
1429 l4_protocol0, fib_index0, 1);
1433 ip4_address_t out_addr0;
1434 if (nat64_alloc_out_addr_and_port
1435 (fib_index0, proto0, &out_addr0, &out_port0))
1437 next0 = NAT64_IN2OUT_NEXT_DROP;
1439 node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
1444 nat64_db_bib_entry_create (&nm->db,
1446 &out_addr0, udp0->src_port,
1447 clib_host_to_net_u16
1448 (out_port0), fib_index0,
1452 next0 = NAT64_IN2OUT_NEXT_DROP;
1454 node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
1458 nat64_extract_ip4 (&ip60->dst_address, &daddr0.ip4,
1461 nat64_db_st_entry_create (&nm->db, bibe0,
1462 &ip60->dst_address, &daddr0.ip4,
1466 next0 = NAT64_IN2OUT_NEXT_DROP;
1468 node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
1472 reass0->sess_index =
1473 nat64_db_st_entry_get_index (&nm->db, ste0);
1475 nat_ip6_reass_get_frags (reass0, &fragments_to_loopback);
1478 ctx0.sess_index = reass0->sess_index;
1479 ctx0.proto = l4_protocol0;
1481 ctx0.l4_offset = l4_offset0;
1483 if (PREDICT_FALSE (is_hairpinning (&ip60->dst_address)))
1485 next0 = NAT64_IN2OUT_NEXT_IP6_LOOKUP;
1486 if (nat64_in2out_frag_hairpinning (b0, ip60, &ctx0))
1488 next0 = NAT64_IN2OUT_NEXT_DROP;
1489 b0->error = node->errors[NAT64_IN2OUT_ERROR_NO_TRANSLATION];
1495 if (ip6_to_ip4_fragmented (b0, nat64_in2out_frag_set_cb, &ctx0))
1497 next0 = NAT64_IN2OUT_NEXT_DROP;
1498 b0->error = node->errors[NAT64_IN2OUT_ERROR_UNKNOWN];
1505 ((node->flags & VLIB_NODE_FLAG_TRACE)
1506 && (b0->flags & VLIB_BUFFER_IS_TRACED)))
1508 nat64_in2out_reass_trace_t *t =
1509 vlib_add_trace (vm, node, b0, sizeof (*t));
1510 t->cached = cached0;
1511 t->sw_if_index = sw_if_index0;
1512 t->next_index = next0;
1522 pkts_processed += next0 != NAT64_IN2OUT_NEXT_DROP;
1524 /* verify speculative enqueue, maybe switch current next frame */
1525 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
1526 to_next, n_left_to_next,
1530 if (n_left_from == 0 && vec_len (fragments_to_loopback))
1532 from = vlib_frame_vector_args (frame);
1533 u32 len = vec_len (fragments_to_loopback);
1534 if (len <= VLIB_FRAME_SIZE)
1536 clib_memcpy (from, fragments_to_loopback,
1537 sizeof (u32) * len);
1539 vec_reset_length (fragments_to_loopback);
1544 fragments_to_loopback + (len -
1546 sizeof (u32) * VLIB_FRAME_SIZE);
1547 n_left_from = VLIB_FRAME_SIZE;
1548 _vec_len (fragments_to_loopback) = len - VLIB_FRAME_SIZE;
1553 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1556 vlib_node_increment_counter (vm, nat64_in2out_reass_node.index,
1557 NAT64_IN2OUT_ERROR_IN2OUT_PACKETS,
1560 nat_send_all_to_node (vm, fragments_to_drop, node,
1561 &node->errors[NAT64_IN2OUT_ERROR_DROP_FRAGMENT],
1562 NAT64_IN2OUT_NEXT_DROP);
1564 vec_free (fragments_to_drop);
1565 vec_free (fragments_to_loopback);
1566 return frame->n_vectors;
1570 VLIB_REGISTER_NODE (nat64_in2out_reass_node) = {
1571 .function = nat64_in2out_reass_node_fn,
1572 .name = "nat64-in2out-reass",
1573 .vector_size = sizeof (u32),
1574 .format_trace = format_nat64_in2out_reass_trace,
1575 .type = VLIB_NODE_TYPE_INTERNAL,
1576 .n_errors = ARRAY_LEN (nat64_in2out_error_strings),
1577 .error_strings = nat64_in2out_error_strings,
1578 .n_next_nodes = NAT64_IN2OUT_N_NEXT,
1579 /* edit / add dispositions here */
1581 [NAT64_IN2OUT_NEXT_DROP] = "error-drop",
1582 [NAT64_IN2OUT_NEXT_IP4_LOOKUP] = "ip4-lookup",
1583 [NAT64_IN2OUT_NEXT_IP6_LOOKUP] = "ip6-lookup",
1584 [NAT64_IN2OUT_NEXT_SLOWPATH] = "nat64-in2out-slowpath",
1585 [NAT64_IN2OUT_NEXT_REASS] = "nat64-in2out-reass",
1590 VLIB_NODE_FUNCTION_MULTIARCH (nat64_in2out_reass_node,
1591 nat64_in2out_reass_node_fn);
1594 * fd.io coding-style-patch-verification: ON
1597 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob