Rewrite code to use unique destination networks
This commit is contained in:
parent
42f5e00e74
commit
4a280716a6
2 changed files with 28 additions and 9 deletions
|
@ -54,13 +54,17 @@ class L2Controller(object):
|
||||||
self.info['ipv6_link_local'] = ipaddress.ip_address("fe80::200:aff:fe00:42")
|
self.info['ipv6_link_local'] = ipaddress.ip_address("fe80::200:aff:fe00:42")
|
||||||
|
|
||||||
self.info['v6_mask'] = 64
|
self.info['v6_mask'] = 64
|
||||||
|
self.info['v6_nat64_mask'] = 96
|
||||||
self.info['v6_base'] = ipaddress.ip_network("2001:db8::/32")
|
self.info['v6_base'] = ipaddress.ip_network("2001:db8::/32")
|
||||||
|
|
||||||
self.info['v6_base_hostnet'] = ipaddress.ip_network("2001:db8::/48")
|
self.info['v6_base_hostnet'] = ipaddress.ip_network("2001:db8::/48")
|
||||||
|
self.info['v6_gen'] = self.info['v6_base_hostnet'].subnets(new_prefix=self.info['v6_mask'])
|
||||||
|
|
||||||
# possible new range for NAT64 prefixes
|
# possible new range for NAT64 prefixes
|
||||||
self.info['v6_base_nat64'] = ipaddress.ip_network("2001:db8:1::/48")
|
self.info['v6_nat64_base'] = ipaddress.ip_network("2001:db8:1::/48")
|
||||||
|
|
||||||
self.info['v6_gen'] = self.info['v6_base_hostnet'].subnets(new_prefix=self.info['v6_mask'])
|
# We reserve /64 (easier for reading), but only use /96
|
||||||
|
self.info['v6_nat64_gen'] = self.info['v6_nat64_base'].subnets(new_prefix=self.info['v6_mask'])
|
||||||
|
|
||||||
self.info['v4_mask'] = 24
|
self.info['v4_mask'] = 24
|
||||||
self.info['v4_base'] = ipaddress.ip_network("10.0.0.0/8")
|
self.info['v4_base'] = ipaddress.ip_network("10.0.0.0/8")
|
||||||
|
@ -123,12 +127,19 @@ class L2Controller(object):
|
||||||
# specific settings - mapping 256 IPv6 IPs max statically (based on /24)
|
# specific settings - mapping 256 IPv6 IPs max statically (based on /24)
|
||||||
for mode in ["range_router"]:
|
for mode in ["range_router"]:
|
||||||
for v6_net in self.v6_routes[mode]:
|
for v6_net in self.v6_routes[mode]:
|
||||||
|
# This is a /64
|
||||||
|
v6_dst_base = self.info['v6_nat64_base'].next()
|
||||||
|
|
||||||
|
# This is a /96xs!
|
||||||
|
v6_dst = v6_dst_base.subnets(new_prefix=self.info['v6_nat64_mask']).next()
|
||||||
|
|
||||||
for v4_net in self.v4_routes[mode]:
|
for v4_net in self.v4_routes[mode]:
|
||||||
v4_dst = self.info['v4_nat64_map'].next()
|
v4_dst = self.info['v4_nat64_map'].next()
|
||||||
|
|
||||||
self.nat64_map[mode].append({
|
self.nat64_map[mode].append({
|
||||||
"v6_src": v6_net['net'],
|
"v6_src": v6_net['net'],
|
||||||
"v6_dst": self.info['nat64_prefix'] # static
|
# "v6_dst": self.info['nat64_prefix'] # static -- not supported ATM
|
||||||
|
"v6_dst": v6_dst
|
||||||
"v4_src": v4_net['net'],
|
"v4_src": v4_net['net'],
|
||||||
"v4_dst": v4_dst
|
"v4_dst": v4_dst
|
||||||
})
|
})
|
||||||
|
@ -241,21 +252,29 @@ class L2Controller(object):
|
||||||
# self.controller.table_add("v6_addresses", "controller_reply", [str(another_addr_ns)], [str(self.task['ICMP6_NS'])])
|
# self.controller.table_add("v6_addresses", "controller_reply", [str(another_addr_ns)], [str(self.task['ICMP6_NS'])])
|
||||||
|
|
||||||
def static_nat64_mapping(self, v6_src, v6_dst, v4_src, v4_dst):
|
def static_nat64_mapping(self, v6_src, v6_dst, v4_src, v4_dst):
|
||||||
|
"""
|
||||||
|
Currently using destination only matching due to non priority
|
||||||
|
LPM support in P4
|
||||||
|
|
||||||
|
This could be solved with ternary matches or smart double table usage
|
||||||
|
|
||||||
|
"""
|
||||||
|
|
||||||
log.info("NAT64 map: ({} -> {} => {}), ({} -> {} -> {} (only /24)))".format(
|
log.info("NAT64 map: ({} -> {} => {}), ({} -> {} -> {} (only /24)))".format(
|
||||||
v6_src, v6_dst, v4_dst,
|
v6_src, v6_dst, v4_dst,
|
||||||
v4_src, v4_dst, v6_src)
|
v4_src, v4_dst, v6_src)
|
||||||
|
|
||||||
self.controller.table_add("nat64", "nat64_static",
|
self.controller.table_add("nat64", "nat64_static",
|
||||||
[str(v6_src)
|
# [str(v6_src)
|
||||||
str(v6_dst)],
|
[str(v6_dst)],
|
||||||
[str(v6_src.network_address),
|
[str(v6_src.network_address),
|
||||||
str(v4_dst.network_address),
|
str(v4_dst.network_address),
|
||||||
str(v6_dst.network_address)]
|
str(v6_dst.network_address)]
|
||||||
)
|
)
|
||||||
|
|
||||||
self.controller.table_add("nat46", "nat46_static",
|
self.controller.table_add("nat46", "nat46_static",
|
||||||
[str(v4_src)
|
# [str(v4_src)
|
||||||
str(v4_dst)],
|
[str(v4_dst)],
|
||||||
[str(v6_src.network_address),
|
[str(v6_src.network_address),
|
||||||
str(v4_dst.network_address),
|
str(v4_dst.network_address),
|
||||||
str(v6_dst.network_address)]
|
str(v6_dst.network_address)]
|
||||||
|
|
|
@ -120,7 +120,7 @@ control MyIngress(inout headers hdr,
|
||||||
|
|
||||||
table nat64 {
|
table nat64 {
|
||||||
key = {
|
key = {
|
||||||
hdr.ipv6.src_addr: lpm;
|
// hdr.ipv6.src_addr: lpm;
|
||||||
hdr.ipv6.dst_addr: lpm;
|
hdr.ipv6.dst_addr: lpm;
|
||||||
}
|
}
|
||||||
actions = {
|
actions = {
|
||||||
|
@ -134,7 +134,7 @@ control MyIngress(inout headers hdr,
|
||||||
|
|
||||||
table nat46 {
|
table nat46 {
|
||||||
key = {
|
key = {
|
||||||
hdr.ipv4.src_addr: lpm;
|
// hdr.ipv4.src_addr: lpm;
|
||||||
hdr.ipv4.dst_addr: lpm;
|
hdr.ipv4.dst_addr: lpm;
|
||||||
}
|
}
|
||||||
actions = {
|
actions = {
|
||||||
|
|
Loading…
Reference in a new issue