nico/master-thesis
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Introduce the icmp6 table

Browse source
This commit is contained in:
Nico Schottelius 2019-03-23 15:03:42 +01:00
parent e1dcc092c5
commit 5f14967a32
4 changed files with 94 additions and 80 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
doc/plan.org
View file

@ -122,6 +122,7 @@
| 2019-03-23 | Parsing down to link layer option | | | 2019-03-23 | Parsing down to link layer option | |
| | Parsing on wrong field detected by unset fields in wireshark | | | | Parsing on wrong field detected by unset fields in wireshark | |
| | Correcting parser->leads to incorrect checksum | | | | Correcting parser->leads to incorrect checksum | |
| | - NDP is answered to, but icmp6 echo request isn't -> extend table | |
| | | | | | | |
| | | | | | | |
| 2019-03-28 | Meet Laurent #4 | | | 2019-03-28 | Meet Laurent #4 | |

17
p4app/controller.py
View file

@ -181,10 +181,19 @@ class L2Controller(object):
icmp6_net = "{}/128".format(icmp6_addr) icmp6_net = "{}/128".format(icmp6_addr)
mac_addr = self.info['mac_addr'] mac_addr = self.info['mac_addr']
self.controller.table_add("v6_networks", self.controller.table_add("icmp6",
"icmp6_neighbor_solicitation", "icmp6_neighbor_solicitation",
[str(icmp6_net)], [str(addr), str(mac_addr)]) [str(icmp6_net)], [str(addr), str(mac_addr)])
def init_icmp6_echo_in_switch(self, addr):
icmp6_addr = addr
icmp6_net = "{}/128".format(icmp6_addr)
self.controller.table_add("icmp6",
"icmp6_echo_reply",
[str(icmp6_net)], [str(addr)])
def fill_tables(self): def fill_tables(self):
self.controller.table_clear("v6_networks") self.controller.table_clear("v6_networks")
for v6route in self.v6_routes[self.mode]: for v6route in self.v6_routes[self.mode]:
@ -193,15 +202,17 @@ class L2Controller(object):
if self.args.multicast_to_controller: if self.args.multicast_to_controller:
self.listen_to_icmp6_multicast() self.listen_to_icmp6_multicast()
self.controller.table_clear("icmp6")
for v6addr in self.v6_addresses[self.mode]: for v6addr in self.v6_addresses[self.mode]:
self.init_ndp_in_switch(v6addr) self.init_ndp_in_switch(v6addr)
self.init_icmp6_echo_in_switch(v6addr)
self.controller.table_clear("v4_networks") self.controller.table_clear("v4_networks")
for v4route in self.v4_routes[self.mode]: for v4route in self.v4_routes[self.mode]:
self.controller.table_add("v4_networks", "set_egress_port", [str(v4route['net'])], [str(v4route['port'])]) self.controller.table_add("v4_networks", "set_egress_port", [str(v4route['net'])], [str(v4route['port'])])
self.controller.table_clear("v6_addresses")
# Disable icmp handling in the controller # Disable icmp handling in the controller
# for v6addr in self.v6_addresses[self.mode]: # for v6addr in self.v6_addresses[self.mode]:
# log.debug("Adding v6 address: {}".format(v6addr)) # log.debug("Adding v6 address: {}".format(v6addr))
@ -216,7 +227,7 @@ class L2Controller(object):
# # Experimental: controller does NDP, switch does ICMP6 echo reply # # Experimental: controller does NDP, switch does ICMP6 echo reply
# self.controller.table_add("v6_addresses", "controller_reply", [str(another_addr_ns)], [str(self.task['ICMP6_NS'])]) # self.controller.table_add("v6_addresses", "controller_reply", [str(another_addr_ns)], [str(self.task['ICMP6_NS'])])
# self.controller.table_add("v6_addresses", "icmp6_echo_reply", [str(another_addr)])
for nat64map in self.nat64_map[self.mode]: for nat64map in self.nat64_map[self.mode]:
self.static_nat64_mapping(**nat64map) self.static_nat64_mapping(**nat64map)

1
p4src/settings.p4
View file

@ -10,5 +10,6 @@
#define ROUTING_TABLE_SIZE 64 /* maximum routes per protocol */ #define ROUTING_TABLE_SIZE 64 /* maximum routes per protocol */
#define ADDRESS_TABLE_SIZE 64 /* maximum number of addresses per protocol */ #define ADDRESS_TABLE_SIZE 64 /* maximum number of addresses per protocol */
#define NDP_TABLE_SIZE 64 /* maximum number of multicast groups */ #define NDP_TABLE_SIZE 64 /* maximum number of multicast groups */
#define ICMP6_TABLE_SIZE 64 /* maximum number of multicast groups */
#endif #endif

155
p4src/static-mapping.p4
View file

@ -42,60 +42,6 @@ control MyIngress(inout headers hdr,
standard_metadata.mcast_grp = mcast_grp; standard_metadata.mcast_grp = mcast_grp;
} }
action icmp6_neighbor_solicitation(ipv6_addr_t addr, mac_addr_t mac_addr) {
/* egress = ingress */
standard_metadata.egress_spec = standard_metadata.ingress_port;
/* 1. IPv6 changes */
hdr.ipv6.dst_addr = hdr.ipv6.src_addr;
hdr.ipv6.src_addr = addr;
/* 2. ICMP6 changes */
hdr.icmp6.type = ICMP6_NA;
hdr.icmp6.code = 0;
// checksum is calculated in deparser
/* 3. icmp6/neighbor advertisement: values taken from real world answers */
hdr.icmp6_na_ns.router = 0;
hdr.icmp6_na_ns.solicitated = 1;
hdr.icmp6_na_ns.override = 1;
hdr.icmp6_na_ns.reserved = 0;
hdr.icmp6_na_ns.target_addr = addr;
/* 4. Link layer options */
hdr.icmp6_option_link_layer_addr.type = ICMP6_NDP_OPT_TARGET_LL;
hdr.icmp6_option_link_layer_addr.ll_length = 1; /* 1* 64 bit */
hdr.icmp6_option_link_layer_addr.mac_addr = mac_addr;
/* version1: rebuilding packet */
/*
truncate((bit<32>)(112 + 320 + 32)/8);
hdr.icmp6_na.setValid();
hdr.icmp6_na.solicitated = 1;
hdr.icmp6_na.override = 1;
*/
/* checksum trigger / content */
meta.task = TASK_CHECKSUM_ICMP6_NA;
meta.cast_length = (bit<32>) hdr.ipv6.payload_length;
}
action icmp6_echo_reply() {
mac_addr_t mac_tmp = hdr.ethernet.dst_addr;
hdr.ethernet.dst_addr = hdr.ethernet.src_addr;
hdr.ethernet.src_addr = mac_tmp;
ipv6_addr_t addr_tmp = hdr.ipv6.dst_addr;
hdr.ipv6.dst_addr = hdr.ipv6.src_addr;
hdr.ipv6.src_addr = addr_tmp;
hdr.icmp6.type = ICMP6_ECHO_REPLY;
meta.task = TASK_CHECKSUM_ICMP6;
meta.cast_length = (bit<32>) hdr.ipv6.payload_length;
}
/********************** NAT64 / NAT46 ACTIONS ***********************************/ /********************** NAT64 / NAT46 ACTIONS ***********************************/
@ -167,18 +113,88 @@ control MyIngress(inout headers hdr,
} }
/********************** Reply to NDP for US ***********************************/
table ndp_answer { /********************** ICMP6 ***********************************/
/* old/unused action */
action icmp6_answer() {
if(hdr.icmp6.isValid()) {
if(hdr.icmp6.code == ICMP6_ECHO_REQUEST) {
ipv6_addr_t tmp = hdr.ipv6.src_addr;
hdr.ipv6.src_addr = hdr.ipv6.dst_addr;
hdr.ipv6.dst_addr = tmp;
hdr.icmp6.code = ICMP6_ECHO_REPLY;
}
}
}
action icmp6_neighbor_solicitation(ipv6_addr_t addr, mac_addr_t mac_addr) {
/* egress = ingress */
standard_metadata.egress_spec = standard_metadata.ingress_port;
/* 1. IPv6 changes */
hdr.ipv6.dst_addr = hdr.ipv6.src_addr;
hdr.ipv6.src_addr = addr;
/* 2. ICMP6 changes */
hdr.icmp6.type = ICMP6_NA;
hdr.icmp6.code = 0;
// checksum is calculated in deparser
/* 3. icmp6/neighbor advertisement: values taken from real world answers */
hdr.icmp6_na_ns.router = 0;
hdr.icmp6_na_ns.solicitated = 1;
hdr.icmp6_na_ns.override = 1;
hdr.icmp6_na_ns.reserved = 0;
hdr.icmp6_na_ns.target_addr = addr;
/* 4. Link layer options */
hdr.icmp6_option_link_layer_addr.type = ICMP6_NDP_OPT_TARGET_LL;
hdr.icmp6_option_link_layer_addr.ll_length = 1; /* 1* 64 bit */
hdr.icmp6_option_link_layer_addr.mac_addr = mac_addr;
/* version1: rebuilding packet */
/*
truncate((bit<32>)(112 + 320 + 32)/8);
hdr.icmp6_na.setValid();
hdr.icmp6_na.solicitated = 1;
hdr.icmp6_na.override = 1;
*/
/* checksum trigger / content */
meta.task = TASK_CHECKSUM_ICMP6_NA;
meta.cast_length = (bit<32>) hdr.ipv6.payload_length;
}
action icmp6_echo_reply() {
mac_addr_t mac_tmp = hdr.ethernet.dst_addr;
hdr.ethernet.dst_addr = hdr.ethernet.src_addr;
hdr.ethernet.src_addr = mac_tmp;
ipv6_addr_t addr_tmp = hdr.ipv6.dst_addr;
hdr.ipv6.dst_addr = hdr.ipv6.src_addr;
hdr.ipv6.src_addr = addr_tmp;
hdr.icmp6.type = ICMP6_ECHO_REPLY;
meta.task = TASK_CHECKSUM_ICMP6;
meta.cast_length = (bit<32>) hdr.ipv6.payload_length;
}
table icmp6 {
key = { key = {
hdr.ipv6.dst_addr: exact; /* our multicast embedded mac address */ hdr.ipv6.dst_addr: lpm;
hdr.icmp6.type: exact; hdr.icmp6.type: exact;
} }
actions = { actions = {
controller_debug; controller_debug;
icmp6_neighbor_solicitation; icmp6_neighbor_solicitation;
icmp6_echo_reply;
NoAction; NoAction;
} }
size = NDP_TABLE_SIZE; size = ICMP6_TABLE_SIZE;
default_action = NoAction; default_action = NoAction;
} }
@ -213,7 +229,7 @@ control MyIngress(inout headers hdr,
// default_action = controller_debug; // default_action = controller_debug;
} }
/********************** NDP support ***********************************/ /********************** NDP support for OTHERS (unused ATM) ***********************************/
table ndp { table ndp {
key = { key = {
@ -230,23 +246,6 @@ control MyIngress(inout headers hdr,
} }
/********************** ADDRESS TABLES ***********************************/
action icmp6_answer() {
if(hdr.icmp6.isValid()) {
if(hdr.icmp6.code == ICMP6_ECHO_REQUEST) {
ipv6_addr_t tmp = hdr.ipv6.src_addr;
hdr.ipv6.src_addr = hdr.ipv6.dst_addr;
hdr.ipv6.dst_addr = tmp;
hdr.icmp6.code = ICMP6_ECHO_REPLY;
}
}
/* do something:
- change src/dst
- change type
*/
}
/********************** ROUTING (egress definiton) TABLES ***********************************/ /********************** ROUTING (egress definiton) TABLES ***********************************/
@ -302,7 +301,9 @@ control MyIngress(inout headers hdr,
// ndp_answer.apply(); // ndp_answer.apply();
//ndp.apply(); /* flood or if it is us - answer */ //ndp.apply(); /* flood or if it is us - answer */
v6_addresses.apply();
icmp6.apply();
v6_networks.apply(); v6_networks.apply();
} }
if(hdr.ipv4.isValid()) { if(hdr.ipv4.isValid()) {