From 7fedd839599123ea6a4db9b8344139e4a5ff6af4 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Mon, 6 May 2019 11:51:04 +0200 Subject: [PATCH] [p4src] in theory finish source requirements for sessions --- p4src/headers.p4 | 1 + p4src/nat64.p4 | 69 +++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 60 insertions(+), 10 deletions(-) diff --git a/p4src/headers.p4 b/p4src/headers.p4 index 4c271f5..f466f3c 100644 --- a/p4src/headers.p4 +++ b/p4src/headers.p4 @@ -71,6 +71,7 @@ const task_t TASK_ICMP6_REPLY = 4; const task_t TASK_CHECKSUM_ICMP6 = 5; /* data plane */ const task_t TASK_CHECKSUM_ICMP6_NA = 6; /* data plane */ const task_t TASK_CHECKSUM_ICMP = 7; /* data plane */ +const task_t TASK_NAT64_TCP_SESSION = 8; /* control plane */ /**************************************** header ****************************************/ diff --git a/p4src/nat64.p4 b/p4src/nat64.p4 index 4dc222a..530e3f2 100644 --- a/p4src/nat64.p4 +++ b/p4src/nat64.p4 @@ -51,7 +51,7 @@ control MyIngress(inout headers hdr, } - /********************** NAT64 / NAT46 ACTIONS ***********************************/ + /********************** NAT64 / NAT46 ACTIONS GENERIC ***********************************/ /* changes for icmp6 -> icmp */ action nat64_icmp6_generic() @@ -87,7 +87,7 @@ control MyIngress(inout headers hdr, hdr.ipv4.totalLen = (bit<16>) hdr.ipv6.payload_length + 20; // ok under above constraints hdr.ipv4.identification = (bit<16>) 0; // no support for fragments - hdr.ipv4.flags = (bit<3>) 0; // DF bit and more fragments, unsupported ATM + hdr.ipv4.flags = (bit<3>) 0; // DF bit and more fragments hdr.ipv4.fragOffset = (bit<13>) 0; // 0 as there are no fragments /* Stuff that should be fine */ @@ -234,15 +234,42 @@ Echo or Echo Reply Message /********************** NAT64 sessions ***********************************/ - /* Create a session: - - Send data to controller - => controller creates entry in the session table (?) - - action nat64_create_session() + /* automatic translations */ + action nat64_tcp_session_translate( + ipv4_t src_addr, + bit<16> src_port, + ipv4_t dst_addr, + bit<16> dst_port) { + hdr.ipv4.setValid(); + hdr.tcp.src_port = src_port; + hdr.tcp.dst_port = dst_port; + + nat64_generic(src_addr, dst_addr); } + action nat46_tcp_session_translate( + ipv6_t src_addr, + bit<16> src_port, + ipv6_t dst_addr, + bit<16> dst_port) + { + hdr.ipv6.setValid(); + + hdr.tcp.src_port = src_port; + hdr.tcp.dst_port = dst_port; + + nat46_generic(src_addr, dst_addr); + } + + /* We are in the right range, need to create a session entry */ + action nat64_tcp_session_create() + { + controller_reply(TASK_NAT64_TCP_SESSION); + } + + /* Used for detecting traffic that should have a session */ table nat64_session { key = { @@ -256,6 +283,7 @@ Echo or Echo Reply Message default_action = controller_debug_table_id(TABLE_NAT64_SESSION); } + table nat64_tcp_session { key = { hdr.ipv6.src_addr: exact; @@ -265,10 +293,30 @@ Echo or Echo Reply Message } actions = { controller_debug_table_id; + nat64_tcp_session_create; + nat64_tcp_session_translate; NoAction; } size = NAT64_TABLE_SIZE; - default_action = controller_debug_table_id(TABLE_NAT64_TCP); + //default_action = controller_debug_table_id(TABLE_NAT64_TCP); + default_action = nat64_tcp_session_create; + } + + table nat46_tcp_session { + key = { + hdr.ipv6.src_addr: exact; + hdr.ipv6.dst_addr: exact; + hdr.tcp.src_port: exact; + hdr.tcp.dst_port: exact; + } + actions = { + controller_debug_table_id; + nat46_tcp_session_translate; + NoAction; + } + size = NAT64_TABLE_SIZE; + //default_action = controller_debug_table_id(TABLE_NAT64_TCP); + default_action = nat64_tcp_session_create; } @@ -485,8 +533,9 @@ Echo or Echo Reply Message // meta.chk_udp_v4 = 1; // } if(hdr.tcp.isValid()) { - nat64_tcp_session.apply(); - meta.chk_tcp_v4 = 1; + if(nat64_tcp_session.apply().hit) { + meta.chk_tcp_v4 = 1; + } } }