+ reorg +add simple nat64 w/o protocol specific translations
This commit is contained in:
Nico Schottelius
parent
4972f550d8
commit
a408d7a803
3 changed files with 130 additions and 87 deletions
103
doc/plan.org
103
doc/plan.org
|
|
@ -1161,69 +1161,78 @@ check whether tables are applied correctly (type conversion
|
|||
problems) - start tcpdump - start test program - stop tcpdump - add
|
||||
pcap to git repo - git add-commit-push - git pull - start wireshark -
|
||||
debug packets - analyse code - goto 1
|
||||
**** Static NAT64
|
||||
Asymmetric maps: v6->v4 can match whole IPv4 Internet (/96)
|
||||
But v4->v6 can only map sub range!
|
||||
Using /24s (for convience) in IPv4
|
||||
|
||||
*** Performance comparison
|
||||
*** Feature/Functionality difference / overview / Challenges / limitations in P4
|
||||
*** Feature/Functionality difference / overview / CHALLENGES / LIMITATIONS in P4
|
||||
**** P4: cannot read key from table
|
||||
***** log
|
||||
Key and mask for matching destination is in table. We need this
|
||||
information in the action. However this information is not exposed, so
|
||||
we need to specify another parameter with the same information as in
|
||||
the key(s).
|
||||
information in the action. However this information is not exposed, so
|
||||
we need to specify another parameter with the same information as in
|
||||
the key(s).
|
||||
|
||||
Log from slack: (2019-03-14)
|
||||
Log from slack: (2019-03-14)
|
||||
|
||||
nico [1:55 PM]
|
||||
If I use LPM for matching, can I easily get the network address from P4 or do I have to use a bitmask myself? In the latter case it is not exactly clear how to get the mask from the table
|
||||
nico [1:55 PM]
|
||||
If I use LPM for matching, can I easily get the network address from P4 or do I have to use a bitmask myself? In the latter case it is not exactly clear how to get the mask from the table
|
||||
|
||||
Nate Foster [1:58 PM]
|
||||
You want to retrieve the address in the packet? In a table?
|
||||
And do you want to do the retrieving from the data plane or the control plane? (edited)
|
||||
Nate Foster [1:58 PM]
|
||||
You want to retrieve the address in the packet? In a table?
|
||||
And do you want to do the retrieving from the data plane or the control plane? (edited)
|
||||
|
||||
nico [2:00 PM]
|
||||
If I have a match in a table that matches on LPM, it can be any IP address in a network
|
||||
For calculating the NAT64/NAT46 translation, I will need the base address, i.e. network address to do subtractions/additions
|
||||
So it is fully data plane, what I would like to do
|
||||
I'll commit sample code to show the use case more clearly
|
||||
https://gitlab.ethz.ch/nicosc/master-thesis/blob/master/p4src/static-mapping.p4#L73
|
||||
GitLab
|
||||
p4src/static-mapping.p4 · master · nicosc / master-thesis
|
||||
gitlab.ethz.ch
|
||||
So the action nat64_static() is used in the table v6_networks.
|
||||
In v6_networks I use a match on `hdr.ipv6.dst_addr: lpm;`
|
||||
What I would like to be able is to get the network address ; I can do that manually, if I have the mask
|
||||
I can also re-inject this parameter by another action argument, but I'd assume that I can somewhere read this out from the table / match
|
||||
nico [2:00 PM]
|
||||
If I have a match in a table that matches on LPM, it can be any IP address in a network
|
||||
For calculating the NAT64/NAT46 translation, I will need the base address, i.e. network address to do subtractions/additions
|
||||
So it is fully data plane, what I would like to do
|
||||
I'll commit sample code to show the use case more clearly
|
||||
https://gitlab.ethz.ch/nicosc/master-thesis/blob/master/p4src/static-mapping.p4#L73
|
||||
GitLab
|
||||
p4src/static-mapping.p4 · master · nicosc / master-thesis
|
||||
gitlab.ethz.ch
|
||||
So the action nat64_static() is used in the table v6_networks.
|
||||
In v6_networks I use a match on `hdr.ipv6.dst_addr: lpm;`
|
||||
What I would like to be able is to get the network address ; I can do that manually, if I have the mask
|
||||
I can also re-inject this parameter by another action argument, but I'd assume that I can somewhere read this out from the table / match
|
||||
|
||||
Nate Foster [2:15 PM]
|
||||
To make sure I understand, in the data plane, you want to retrieve the address in the lpm pattern? (edited)
|
||||
Nate Foster [2:15 PM]
|
||||
To make sure I understand, in the data plane, you want to retrieve the address in the lpm pattern? (edited)
|
||||
|
||||
nico [2:16 PM]
|
||||
I want to retrieve the key
|
||||
nico [2:16 PM]
|
||||
I want to retrieve the key
|
||||
|
||||
Nate Foster [2:16 PM]
|
||||
Wait. The value `hdr.ipv6.dst_addr` is the thing used in the match.
|
||||
So you have that.
|
||||
What you don’t have is the IPv6 address and mask put into the table by the control plane.
|
||||
I assume you want the latter, right?
|
||||
Nate Foster [2:16 PM]
|
||||
Wait. The value `hdr.ipv6.dst_addr` is the thing used in the match.
|
||||
So you have that.
|
||||
What you don’t have is the IPv6 address and mask put into the table by the control plane.
|
||||
I assume you want the latter, right?
|
||||
|
||||
nico [2:17 PM]
|
||||
For example, if my matching key is 2001:db8::/32 and the real address is 2001:db8::f00, then I would like to retrieve 2001:db8:: and 32 from the table
|
||||
exactly :slightly_smiling_face:
|
||||
I can "fix" this by adding another argument, but it feels somewhat wrong to do that
|
||||
Because the table already knows this information
|
||||
nico [2:17 PM]
|
||||
For example, if my matching key is 2001:db8::/32 and the real address is 2001:db8::f00, then I would like to retrieve 2001:db8:: and 32 from the table
|
||||
exactly :slightly_smiling_face:
|
||||
I can "fix" this by adding another argument, but it feels somewhat wrong to do that
|
||||
Because the table already knows this information
|
||||
|
||||
Nate Foster [2:26 PM]
|
||||
I can’t think of a way other than the action parameter hack.
|
||||
Nate Foster [2:26 PM]
|
||||
I can’t think of a way other than the action parameter hack.
|
||||
|
||||
nico [2:26 PM]
|
||||
Oh, ok
|
||||
Is it because the information is "lost in hardware"?
|
||||
nico [2:26 PM]
|
||||
Oh, ok
|
||||
Is it because the information is "lost in hardware"?
|
||||
|
||||
Nate Foster [2:31 PM]
|
||||
No you’re right that most implementations have the value in memory. And one can imagine a different table API that allowed one to retrieve it in the data plane.
|
||||
But unless I am missing something obvious, P4 hides it…
|
||||
Nate Foster [2:31 PM]
|
||||
No you’re right that most implementations have the value in memory. And one can imagine a different table API that allowed one to retrieve it in the data plane.
|
||||
But unless I am missing something obvious, P4 hides it…
|
||||
|
||||
**** ICMP6: checksum over payload
|
||||
***** Result
|
||||
Need to duplicate information
|
||||
|
||||
**** DONE ICMP6: checksum over payload
|
||||
- variable length, up to 65k
|
||||
Exists:
|
||||
Exists!
|
||||
**** Synchronisation with the controller
|
||||
- Double data type definition -> might differ
|
||||
- TYPE_CPU for ethernet
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue