src/plugins/nat/nat66.c

   1 /*
   2  * Copyright (c) 2018 Cisco and/or its affiliates.
   3  * Licensed under the Apache License, Version 2.0 (the "License");
   4  * you may not use this file except in compliance with the License.
   5  * You may obtain a copy of the License at:
   6  *
   7  *     http://www.apache.org/licenses/LICENSE-2.0
   8  *
   9  * Unless required by applicable law or agreed to in writing, software
  10  * distributed under the License is distributed on an "AS IS" BASIS,
  11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12  * See the License for the specific language governing permissions and
  13  * limitations under the License.
  14  */
  15 /**
  16  * @file
  17  * @brief NAT66 implementation
  18  */
  19
  20 #include <nat/nat66.h>
  21 #include <vnet/fib/fib_table.h>
  22
  23 nat66_main_t nat66_main;
  24
  25 /* *INDENT-OFF* */
  26
  27 /* Hook up input features */
  28 VNET_FEATURE_INIT (nat66_in2out, static) = {
  29   .arc_name = "ip6-unicast",
  30   .node_name = "nat66-in2out",
  31   .runs_before = VNET_FEATURES ("ip6-lookup"),
  32 };
  33 VNET_FEATURE_INIT (nat66_out2in, static) = {
  34   .arc_name = "ip6-unicast",
  35   .node_name = "nat66-out2in",
  36   .runs_before = VNET_FEATURES ("ip6-lookup"),
  37 };
  38
  39 /* *INDENT-ON* */
  40
  41
  42 void
  43 nat66_init (vlib_main_t * vm)
  44 {
  45   nat66_main_t *nm = &nat66_main;
  46   vlib_node_t *node;
  47   u32 static_mapping_buckets = 1024;
  48   uword static_mapping_memory_size = 64 << 20;
  49
  50   node = vlib_get_node_by_name (vm, (u8 *) "nat66-in2out");
  51   nm->in2out_node_index = node->index;
  52
  53   node = vlib_get_node_by_name (vm, (u8 *) "nat66-out2in");
  54   nm->out2in_node_index = node->index;
  55
  56   clib_bihash_init_24_8 (&nm->sm_l, "nat66-static-map-by-local",
  57                          static_mapping_buckets, static_mapping_memory_size);
  58   clib_bihash_init_24_8 (&nm->sm_e, "nat66-static-map-by-external",
  59                          static_mapping_buckets, static_mapping_memory_size);
  60
  61   nm->session_counters.name = "session counters";
  62 }
  63
  64 int
  65 nat66_interface_add_del (u32 sw_if_index, u8 is_inside, u8 is_add)
  66 {
  67   nat66_main_t *nm = &nat66_main;
  68   snat_interface_t *interface = 0, *i;
  69   const char *feature_name;
  70
  71   /* *INDENT-OFF* */
  72   pool_foreach (i, nm->interfaces,
  73   ({
  74     if (i->sw_if_index == sw_if_index)
  75       {
  76         interface = i;
  77         break;
  78       }
  79   }));
  80   /* *INDENT-ON* */
  81
  82   if (is_add)
  83     {
  84       if (interface)
  85         return VNET_API_ERROR_VALUE_EXIST;
  86
  87       pool_get (nm->interfaces, interface);
  88       interface->sw_if_index = sw_if_index;
  89       interface->flags =
  90         is_inside ? NAT_INTERFACE_FLAG_IS_INSIDE :
  91         NAT_INTERFACE_FLAG_IS_OUTSIDE;
  92     }
  93   else
  94     {
  95       if (!interface)
  96         return VNET_API_ERROR_NO_SUCH_ENTRY;
  97
  98       pool_put (nm->interfaces, interface);
  99     }
 100
 101   feature_name = is_inside ? "nat66-in2out" : "nat66-out2in";
 102   return vnet_feature_enable_disable ("ip6-unicast", feature_name,
 103                                       sw_if_index, is_add, 0, 0);
 104 }
 105
 106 void
 107 nat66_interfaces_walk (nat66_interface_walk_fn_t fn, void *ctx)
 108 {
 109   nat66_main_t *nm = &nat66_main;
 110   snat_interface_t *i = 0;
 111
 112   /* *INDENT-OFF* */
 113   pool_foreach (i, nm->interfaces,
 114   ({
 115     if (fn (i, ctx))
 116       break;
 117   }));
 118   /* *INDENT-ON* */
 119 }
 120
 121 nat66_static_mapping_t *
 122 nat66_static_mapping_get (ip6_address_t * addr, u32 fib_index, u8 is_local)
 123 {
 124   nat66_main_t *nm = &nat66_main;
 125   nat66_static_mapping_t *sm = 0;
 126   nat66_sm_key_t sm_key;
 127   clib_bihash_kv_24_8_t kv, value;
 128
 129   sm_key.addr.as_u64[0] = addr->as_u64[0];
 130   sm_key.addr.as_u64[1] = addr->as_u64[1];
 131   sm_key.fib_index = fib_index;
 132   sm_key.rsvd = 0;
 133
 134   kv.key[0] = sm_key.as_u64[0];
 135   kv.key[1] = sm_key.as_u64[1];
 136   kv.key[2] = sm_key.as_u64[2];
 137
 138   if (!clib_bihash_search_24_8
 139       (is_local ? &nm->sm_l : &nm->sm_e, &kv, &value))
 140     sm = pool_elt_at_index (nm->sm, value.value);
 141
 142   return sm;
 143 }
 144
 145 int
 146 nat66_static_mapping_add_del (ip6_address_t * l_addr, ip6_address_t * e_addr,
 147                               u32 vrf_id, u8 is_add)
 148 {
 149   nat66_main_t *nm = &nat66_main;
 150   int rv = 0;
 151   nat66_static_mapping_t *sm = 0;
 152   nat66_sm_key_t sm_key;
 153   clib_bihash_kv_24_8_t kv, value;
 154   u32 fib_index = fib_table_find (FIB_PROTOCOL_IP6, vrf_id);
 155
 156   sm_key.addr.as_u64[0] = l_addr->as_u64[0];
 157   sm_key.addr.as_u64[1] = l_addr->as_u64[1];
 158   sm_key.fib_index = fib_index;
 159   sm_key.rsvd = 0;
 160   kv.key[0] = sm_key.as_u64[0];
 161   kv.key[1] = sm_key.as_u64[1];
 162   kv.key[2] = sm_key.as_u64[2];
 163
 164   if (!clib_bihash_search_24_8 (&nm->sm_l, &kv, &value))
 165     sm = pool_elt_at_index (nm->sm, value.value);
 166
 167   if (is_add)
 168     {
 169       if (sm)
 170         return VNET_API_ERROR_VALUE_EXIST;
 171
 172       fib_index = fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP6, vrf_id,
 173                                                      nat_fib_src_hi);
 174       pool_get (nm->sm, sm);
 175       clib_memset (sm, 0, sizeof (*sm));
 176       sm->l_addr.as_u64[0] = l_addr->as_u64[0];
 177       sm->l_addr.as_u64[1] = l_addr->as_u64[1];
 178       sm->e_addr.as_u64[0] = e_addr->as_u64[0];
 179       sm->e_addr.as_u64[1] = e_addr->as_u64[1];
 180       sm->fib_index = fib_index;
 181
 182       sm_key.fib_index = fib_index;
 183       kv.key[0] = sm_key.as_u64[0];
 184       kv.key[1] = sm_key.as_u64[1];
 185       kv.key[2] = sm_key.as_u64[2];
 186       kv.value = sm - nm->sm;
 187       if (clib_bihash_add_del_24_8 (&nm->sm_l, &kv, 1))
 188         nat_elog_warn ("nat66-static-map-by-local add key failed");
 189       sm_key.addr.as_u64[0] = e_addr->as_u64[0];
 190       sm_key.addr.as_u64[1] = e_addr->as_u64[1];
 191       sm_key.fib_index = 0;
 192       kv.key[0] = sm_key.as_u64[0];
 193       kv.key[1] = sm_key.as_u64[1];
 194       kv.key[2] = sm_key.as_u64[2];
 195       if (clib_bihash_add_del_24_8 (&nm->sm_e, &kv, 1))
 196         nat_elog_warn ("nat66-static-map-by-external add key failed");
 197
 198       vlib_validate_combined_counter (&nm->session_counters, kv.value);
 199       vlib_zero_combined_counter (&nm->session_counters, kv.value);
 200     }
 201   else
 202     {
 203       if (!sm)
 204         return VNET_API_ERROR_NO_SUCH_ENTRY;
 205
 206       kv.value = sm - nm->sm;
 207       if (clib_bihash_add_del_24_8 (&nm->sm_l, &kv, 0))
 208         nat_elog_warn ("nat66-static-map-by-local delete key failed");
 209       sm_key.addr.as_u64[0] = e_addr->as_u64[0];
 210       sm_key.addr.as_u64[1] = e_addr->as_u64[1];
 211       sm_key.fib_index = 0;
 212       kv.key[0] = sm_key.as_u64[0];
 213       kv.key[1] = sm_key.as_u64[1];
 214       kv.key[2] = sm_key.as_u64[2];
 215       if (clib_bihash_add_del_24_8 (&nm->sm_e, &kv, 0))
 216         nat_elog_warn ("nat66-static-map-by-external delete key failed");
 217       fib_table_unlock (sm->fib_index, FIB_PROTOCOL_IP6, nat_fib_src_hi);
 218       pool_put (nm->sm, sm);
 219     }
 220
 221   return rv;
 222 }
 223
 224 void
 225 nat66_static_mappings_walk (nat66_static_mapping_walk_fn_t fn, void *ctx)
 226 {
 227   nat66_main_t *nm = &nat66_main;
 228   nat66_static_mapping_t *sm = 0;
 229
 230   /* *INDENT-OFF* */
 231   pool_foreach (sm, nm->sm,
 232   ({
 233     if (fn (sm, ctx))
 234       break;
 235   }));
 236   /* *INDENT-ON* */
 237 }
 238
 239 /*
 240  * fd.io coding-style-patch-verification: ON
 241  *
 242  * Local Variables:
 243  * eval: (c-set-style "gnu")
 244  * End:
 245  */