From 4a280716a61dc84544ec1ade1e966cfd7e1abbce Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Mon, 25 Mar 2019 12:11:20 +0100 Subject: [PATCH] Rewrite code to use unique destination networks --- p4app/controller.py | 33 ++++++++++++++++++++++++++------- p4src/static-mapping.p4 | 4 ++-- 2 files changed, 28 insertions(+), 9 deletions(-) diff --git a/p4app/controller.py b/p4app/controller.py index c2ae8ee..a9fea7f 100755 --- a/p4app/controller.py +++ b/p4app/controller.py @@ -54,13 +54,17 @@ class L2Controller(object): self.info['ipv6_link_local'] = ipaddress.ip_address("fe80::200:aff:fe00:42") self.info['v6_mask'] = 64 + self.info['v6_nat64_mask'] = 96 self.info['v6_base'] = ipaddress.ip_network("2001:db8::/32") + self.info['v6_base_hostnet'] = ipaddress.ip_network("2001:db8::/48") + self.info['v6_gen'] = self.info['v6_base_hostnet'].subnets(new_prefix=self.info['v6_mask']) # possible new range for NAT64 prefixes - self.info['v6_base_nat64'] = ipaddress.ip_network("2001:db8:1::/48") + self.info['v6_nat64_base'] = ipaddress.ip_network("2001:db8:1::/48") - self.info['v6_gen'] = self.info['v6_base_hostnet'].subnets(new_prefix=self.info['v6_mask']) + # We reserve /64 (easier for reading), but only use /96 + self.info['v6_nat64_gen'] = self.info['v6_nat64_base'].subnets(new_prefix=self.info['v6_mask']) self.info['v4_mask'] = 24 self.info['v4_base'] = ipaddress.ip_network("10.0.0.0/8") @@ -123,12 +127,19 @@ class L2Controller(object): # specific settings - mapping 256 IPv6 IPs max statically (based on /24) for mode in ["range_router"]: for v6_net in self.v6_routes[mode]: + # This is a /64 + v6_dst_base = self.info['v6_nat64_base'].next() + + # This is a /96xs! + v6_dst = v6_dst_base.subnets(new_prefix=self.info['v6_nat64_mask']).next() + for v4_net in self.v4_routes[mode]: v4_dst = self.info['v4_nat64_map'].next() self.nat64_map[mode].append({ "v6_src": v6_net['net'], - "v6_dst": self.info['nat64_prefix'] # static + # "v6_dst": self.info['nat64_prefix'] # static -- not supported ATM + "v6_dst": v6_dst "v4_src": v4_net['net'], "v4_dst": v4_dst }) @@ -241,21 +252,29 @@ class L2Controller(object): # self.controller.table_add("v6_addresses", "controller_reply", [str(another_addr_ns)], [str(self.task['ICMP6_NS'])]) def static_nat64_mapping(self, v6_src, v6_dst, v4_src, v4_dst): + """ + Currently using destination only matching due to non priority + LPM support in P4 + + This could be solved with ternary matches or smart double table usage + + """ + log.info("NAT64 map: ({} -> {} => {}), ({} -> {} -> {} (only /24)))".format( v6_src, v6_dst, v4_dst, v4_src, v4_dst, v6_src) self.controller.table_add("nat64", "nat64_static", - [str(v6_src) - str(v6_dst)], +# [str(v6_src) + [str(v6_dst)], [str(v6_src.network_address), str(v4_dst.network_address), str(v6_dst.network_address)] ) self.controller.table_add("nat46", "nat46_static", - [str(v4_src) - str(v4_dst)], +# [str(v4_src) + [str(v4_dst)], [str(v6_src.network_address), str(v4_dst.network_address), str(v6_dst.network_address)] diff --git a/p4src/static-mapping.p4 b/p4src/static-mapping.p4 index 2eeb875..0007a50 100644 --- a/p4src/static-mapping.p4 +++ b/p4src/static-mapping.p4 @@ -120,7 +120,7 @@ control MyIngress(inout headers hdr, table nat64 { key = { - hdr.ipv6.src_addr: lpm; +// hdr.ipv6.src_addr: lpm; hdr.ipv6.dst_addr: lpm; } actions = { @@ -134,7 +134,7 @@ control MyIngress(inout headers hdr, table nat46 { key = { - hdr.ipv4.src_addr: lpm; +// hdr.ipv4.src_addr: lpm; hdr.ipv4.dst_addr: lpm; } actions = {