IP6_MAPT_FRAGMENTED_N_NEXT
} ip6_mapt_fragmented_next_t;
-static_always_inline int
-ip6_map_fragment_cache (ip6_header_t * ip6, ip6_frag_hdr_t * frag,
- map_domain_t * d, u16 port)
-{
- u32 *ignore = NULL;
- map_ip4_reass_lock ();
- map_ip4_reass_t *r =
- map_ip4_reass_get (map_get_ip4 (&ip6->src_address, d->ip6_src_len),
- ip6_map_t_embedded_address (d, &ip6->dst_address),
- frag_id_6to4 (frag->identification),
- (ip6->protocol ==
- IP_PROTOCOL_ICMP6) ? IP_PROTOCOL_ICMP : ip6->protocol,
- &ignore);
- if (r)
- r->port = port;
-
- map_ip4_reass_unlock ();
- return !r;
-}
-
-/* Returns the associated port or -1 */
-static_always_inline i32
-ip6_map_fragment_get (ip6_header_t * ip6, ip6_frag_hdr_t * frag,
- map_domain_t * d)
-{
- u32 *ignore = NULL;
- map_ip4_reass_lock ();
- map_ip4_reass_t *r =
- map_ip4_reass_get (map_get_ip4 (&ip6->src_address, d->ip6_src_len),
- ip6_map_t_embedded_address (d, &ip6->dst_address),
- frag_id_6to4 (frag->identification),
- (ip6->protocol ==
- IP_PROTOCOL_ICMP6) ? IP_PROTOCOL_ICMP : ip6->protocol,
- &ignore);
- i32 ret = r ? r->port : -1;
- map_ip4_reass_unlock ();
- return ret;
-}
-
typedef struct
{
map_domain_t *d;
d0 =
pool_elt_at_index (map_main.domains,
vnet_buffer (p0)->map_t.map_domain_index);
- ctx0.sender_port = ip6_get_port (ip60, 0, p0->current_length);
ctx0.d = d0;
- if (ctx0.sender_port == 0)
+ ctx0.sender_port = 0;
+ if (!ip6_get_port
+ (vm, p0, ip60, p0->current_length, NULL, &ctx0.sender_port,
+ NULL, NULL, NULL, NULL))
{
// In case of 1:1 mapping, we don't care about the port
if (!(d0->ea_bits_len == 0 && d0->rules))
}
}
- if (icmp6_to_icmp
- (p0, ip6_to_ip4_set_icmp_cb, &ctx0,
- ip6_to_ip4_set_inner_icmp_cb, &ctx0))
+ if (icmp6_to_icmp (vm, p0, ip6_to_ip4_set_icmp_cb, &ctx0,
+ ip6_to_ip4_set_inner_icmp_cb, &ctx0))
{
error0 = MAP_ERROR_ICMP;
goto err0;
{
// Send to fragmentation node if necessary
vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
- vnet_buffer (p0)->ip_frag.next_index = IP4_FRAG_NEXT_IP4_LOOKUP;
+ vnet_buffer (p0)->ip_frag.next_index = IP_FRAG_NEXT_IP4_LOOKUP;
next0 = IP6_MAPT_ICMP_NEXT_IP4_FRAG;
}
err0:
* Translate IPv6 fragmented packet to IPv4.
*/
always_inline int
-map_ip6_to_ip4_fragmented (vlib_buffer_t * p)
+map_ip6_to_ip4_fragmented (vlib_main_t * vm, vlib_buffer_t * p)
{
ip6_header_t *ip6;
ip6_frag_hdr_t *frag;
ip6 = vlib_buffer_get_current (p);
if (ip6_parse
- (ip6, p->current_length, &l4_protocol, &l4_offset, &frag_offset))
+ (vm, p, ip6, p->current_length, &l4_protocol, &l4_offset, &frag_offset))
return -1;
frag = (ip6_frag_hdr_t *) u8_ptr_add (ip6, frag_offset);
ip4->ip_version_and_header_length =
IP4_VERSION_AND_HEADER_LENGTH_NO_OPTIONS;
- ip4->tos = ip6_translate_tos (ip6);
+ ip4->tos = ip6_translate_tos (ip6->ip_version_traffic_class_and_flow_label);
ip4->length =
u16_net_add (ip6->payload_length,
sizeof (*ip4) - l4_offset + sizeof (*ip6));
next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP;
p0 = vlib_get_buffer (vm, pi0);
- if (map_ip6_to_ip4_fragmented (p0))
+ if (map_ip6_to_ip4_fragmented (vm, p0))
{
p0->error = error_node->errors[MAP_ERROR_FRAGMENT_DROPPED];
next0 = IP6_MAPT_FRAGMENTED_NEXT_DROP;
// Send to fragmentation node if necessary
vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
vnet_buffer (p0)->ip_frag.next_index =
- IP4_FRAG_NEXT_IP4_LOOKUP;
+ IP_FRAG_NEXT_IP4_LOOKUP;
next0 = IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG;
}
}
* Translate IPv6 UDP/TCP packet to IPv4.
*/
always_inline int
-map_ip6_to_ip4_tcp_udp (vlib_buffer_t * p, bool udp_checksum)
+map_ip6_to_ip4_tcp_udp (vlib_main_t * vm, vlib_buffer_t * p,
+ bool udp_checksum)
{
map_main_t *mm = &map_main;
ip6_header_t *ip6;
ip6 = vlib_buffer_get_current (p);
if (ip6_parse
- (ip6, p->current_length, &l4_protocol, &l4_offset, &frag_offset))
+ (vm, p, ip6, p->current_length, &l4_protocol, &l4_offset, &frag_offset))
return -1;
if (l4_protocol == IP_PROTOCOL_TCP)
ip4->ip_version_and_header_length =
IP4_VERSION_AND_HEADER_LENGTH_NO_OPTIONS;
- ip4->tos = ip6_translate_tos (ip6);
+ ip4->tos = ip6_translate_tos (ip6->ip_version_traffic_class_and_flow_label);
ip4->length =
u16_net_add (ip6->payload_length,
sizeof (*ip4) + sizeof (*ip6) - l4_offset);
p0 = vlib_get_buffer (vm, pi0);
- if (map_ip6_to_ip4_tcp_udp (p0, true))
+ if (map_ip6_to_ip4_tcp_udp (vm, p0, true))
{
p0->error = error_node->errors[MAP_ERROR_UNKNOWN];
next0 = IP6_MAPT_TCP_UDP_NEXT_DROP;
// Send to fragmentation node if necessary
vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu;
vnet_buffer (p0)->ip_frag.next_index =
- IP4_FRAG_NEXT_IP4_LOOKUP;
+ IP_FRAG_NEXT_IP4_LOOKUP;
next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG;
}
}
to_next += 1;
n_left_to_next -= 1;
error0 = MAP_ERROR_NONE;
-
p0 = vlib_get_buffer (vm, pi0);
+ u16 l4_src_port = vnet_buffer (p0)->ip.reass.l4_src_port;
+
ip60 = vlib_buffer_get_current (p0);
d0 =
vnet_buffer (p0)->map_t.mtu = d0->mtu ? d0->mtu : ~0;
if (PREDICT_FALSE
- (ip6_parse (ip60, p0->current_length,
+ (ip6_parse (vm, p0, ip60, p0->current_length,
&(vnet_buffer (p0)->map_t.v6.l4_protocol),
&(vnet_buffer (p0)->map_t.v6.l4_offset),
&(vnet_buffer (p0)->map_t.v6.frag_offset))))
(vnet_buffer (p0)->map_t.v6.frag_offset
&& ip6_frag_hdr_offset (frag0)))
{
- map_port0 = ip6_map_fragment_get (ip60, frag0, d0);
- if (map_port0 == -1)
- error0 =
- error0 ==
- MAP_ERROR_NONE ? MAP_ERROR_FRAGMENT_MEMORY : error0;
- else
- next0 = IP6_MAPT_NEXT_MAPT_FRAGMENTED;
+ map_port0 = l4_src_port;
+ next0 = IP6_MAPT_NEXT_MAPT_FRAGMENTED;
}
else
if (PREDICT_TRUE
vnet_buffer (p0)->map_t.checksum_offset =
vnet_buffer (p0)->map_t.v6.l4_offset + 16;
next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP;
- map_port0 =
- (i32) *
- ((u16 *)
- u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset));
+ map_port0 = l4_src_port;
}
else
if (PREDICT_TRUE
vnet_buffer (p0)->map_t.checksum_offset =
vnet_buffer (p0)->map_t.v6.l4_offset + 6;
next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP;
- map_port0 =
- (i32) *
- ((u16 *)
- u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset));
+ map_port0 = l4_src_port;
}
else if (vnet_buffer (p0)->map_t.v6.l4_protocol ==
IP_PROTOCOL_ICMP6)
u8_ptr_add (ip60,
vnet_buffer (p0)->map_t.v6.l4_offset))->
code == ICMP6_echo_request)
- map_port0 =
- (i32) *
- ((u16 *)
- u8_ptr_add (ip60,
- vnet_buffer (p0)->map_t.v6.l4_offset + 6));
+ map_port0 = l4_src_port;
}
else
{
error0 == MAP_ERROR_NONE ? MAP_ERROR_SEC_CHECK : error0;
}
- // Fragmented first packet needs to be cached for following packets
- if (PREDICT_FALSE
- (vnet_buffer (p0)->map_t.v6.frag_offset
- && !ip6_frag_hdr_offset ((ip6_frag_hdr_t *)
- u8_ptr_add (ip60,
- vnet_buffer (p0)->map_t.
- v6.frag_offset)))
- && (map_port0 != -1) && (d0->ea_bits_len != 0 || !d0->rules)
- && (error0 == MAP_ERROR_NONE))
- {
- ip6_map_fragment_cache (ip60,
- (ip6_frag_hdr_t *) u8_ptr_add (ip60,
- vnet_buffer
- (p0)->
- map_t.v6.
- frag_offset),
- d0, map_port0);
- }
-
if (PREDICT_TRUE
(error0 == MAP_ERROR_NONE && next0 != IP6_MAPT_NEXT_MAPT_ICMP))
{
next0 = (error0 != MAP_ERROR_NONE) ? IP6_MAPT_NEXT_DROP : next0;
p0->error = error_node->errors[error0];
+ if (PREDICT_FALSE (p0->flags & VLIB_BUFFER_IS_TRACED))
+ {
+ map_add_trace (vm, node, p0,
+ vnet_buffer (p0)->map_t.map_domain_index,
+ map_port0);
+ }
exit:
vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
to_next, n_left_to_next, pi0,
/* *INDENT-ON* */
/* *INDENT-OFF* */
-VNET_FEATURE_INIT(ip4_map_t_feature, static) = {
- .arc_name = "ip6-unicast",
- .node_name = "ip6-map-t",
- .runs_before = VNET_FEATURES("ip6-flow-classify"),
+VNET_FEATURE_INIT (ip6_map_t_feature, static) = {
+ .arc_name = "ip6-unicast",
+ .node_name = "ip6-map-t",
+ .runs_before = VNET_FEATURES ("ip6-flow-classify"),
+ .runs_after = VNET_FEATURES ("ip6-sv-reassembly-feature"),
};
VLIB_REGISTER_NODE(ip6_map_t_node) = {
Code Review / vpp.git / blobdiff