From bcc039cb31863ca74e49abd55a9b6e82fdf8d62b Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Wed, 31 Jul 2019 11:30:56 +0200 Subject: [PATCH] [doc] egress works with table on NetFPGA --- doc/Design.tex | 7 +++ doc/Results.tex | 18 ++++++- doc/appendix.tex | 107 +++++++++++++++++++++++++++++++++++++-- doc/plan.org | 61 ++++++++++++++++++++-- p4src/minip4_solution.p4 | 1 - p4src/netpfga_nat64.p4 | 98 +++++++++++++++++------------------ 6 files changed, 233 insertions(+), 59 deletions(-) diff --git a/doc/Design.tex b/doc/Design.tex index cb1d391..26faebd 100644 --- a/doc/Design.tex +++ b/doc/Design.tex @@ -4,3 +4,10 @@ Description of the theory/software/hardware that you designed. % the architecture Maybe figures here? controller, + +\section{\label{Design:NetPFGA}NetFPGA} + +Netpfga live, +Vivado +SDNET +xx k lines of supporting code diff --git a/doc/Results.tex b/doc/Results.tex index 85f799f..fceb238 100644 --- a/doc/Results.tex +++ b/doc/Results.tex @@ -18,11 +18,27 @@ test framework openvswitch \section{\label{Results:NetPFGA}NetFPGA} -\subsection{\label{Results:NetPFGA:challenges}Challenges} +General result: limited NAT64 is working, however + +\subsection{\label{Results:NetPFGA:challenge-checksum}No Payload checksumming} +\subsection{\label{Results:NetPFGA:challenges}Other Challenges} Many workarounds Table size 63, table size 64, +Table entries require arguments of all possible actions, not only used +one. + +Compile time hours + +Silent errors + +Unclear errors: broken board + +Due to the very fragile nature of the build framework from the +NetFPGA-Live repository, + +Reproducibility: \section{\label{Results:P4}P4} diff --git a/doc/appendix.tex b/doc/appendix.tex index d5865b1..218e650 100644 --- a/doc/appendix.tex +++ b/doc/appendix.tex @@ -1,5 +1,6 @@ \chapter{\label{appendixA}Test descriptions} - +\section{\label{chapterA:netpfga-setup}NetFPGA Setup} +Description of installation, commit of netpfga-live \section{\label{chapterA:section1}NetFPGA NAT64 Test cases} todo: add graphic of nsg <-> esprimo cabling @@ -13,7 +14,24 @@ ip neigh add 10.0.0.42 lladdr f8:f2:1e:09:62:d1 dev enp2s0f0 \end{verbatim} -\subsection{Test 1: do IPv4 egress settings work} +For all test cases the following network settings on esprimo: + +\begin{verbatim} +12: enp2s0f0: mtu 1500 qdisc mq state UP group default qlen 1000 + link/ether f8:f2:1e:09:62:d0 brd ff:ff:ff:ff:ff:ff + inet 10.0.0.42/24 scope global enp2s0f0 + valid_lft forever preferred_lft forever + inet6 fe80::faf2:1eff:fe09:62d0/64 scope link + valid_lft forever preferred_lft forever +13: enp2s0f1: mtu 1500 qdisc mq state UP group default qlen 1000 + link/ether f8:f2:1e:09:62:d1 brd ff:ff:ff:ff:ff:ff + inet6 2001:db8:42::42/64 scope global + valid_lft forever preferred_lft forever + inet6 fe80::faf2:1eff:fe09:62d1/64 scope link + valid_lft forever preferred_lft forever +\end{verbatim} + +\subsection{Test 1: IPv4 egress settings work} Scenario: simple egress port setting Step 1: getting correct values for table entries from python: @@ -74,7 +92,7 @@ root@ESPRIMO-P956:~# ip neigh add 10.0.0.4 lladdr f8:f2:1e:09:62:d1 dev enp2s0f0 Step 3: generating test packets, expecting 4 packets to show up on enp2s0f0: -\begin{tiny} +%\tvb \begin{verbatim} nico@ESPRIMO-P956:~$ sudo tcpdump -ni enp2s0f0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode @@ -84,11 +102,92 @@ listening on enp2s0f0, link-type EN10MB (Ethernet), capture size 262144 bytes 10:49:29.222340 IP 10.0.0.42 > 10.0.0.4: ICMP echo request, id 4440, seq 2, length 64 10:49:29.222418 IP 10.0.0.42 > 10.0.0.4: ICMP echo request, id 4440, seq 2, length 64 \end{verbatim} -\end{tiny} +%\tve Result: sucess +\subsection{Test 2: IPv6 egress} +Similar to the IPv4 setting before, just for IPv6. + +Step 1: getting IP address values + +\begin{verbatim} +>>> int(ipaddress.IPv6Address(u"2001:db8:42::4")) +42540766411362381960998550477184434180L +>>> int(ipaddress.IPv6Address(u"2001:db8:42::6")) +42540766411362381960998550477184434182L +>>> int(ipaddress.IPv6Address(u"2001:db8:42::42")) +42540766411362381960998550477184434242L +\end{verbatim} + +Step 2: setting table entries + +\begin{verbatim} +>> table_cam_add_entry realmain_v6_networks_0 realmain.set_egress_port 42540766411362381960998550477184434182 => 64 0 0 0 0 +fields = [(u'hit', 1), (u'action_run', 3), (u'out_port', 8), (u'out_port', 8), (u'mac_addr', 48), (u'task', 16), (u'table_id', 16)] +action_name = TopPipe.realmain.set_egress_port +field_vals = [1, '64', '0', '0', '0', '0'] +CAM_Init_ValidateContext() - done +WROTE 0x44020350 = 0x0006 +WROTE 0x44020354 = 0x0000 +WROTE 0x44020358 = 0x420000 +WROTE 0x4402035c = 0x20010db8 +WROTE 0x44020380 = 0x0000 +WROTE 0x44020384 = 0x0000 +WROTE 0x44020388 = 0x40000000 +WROTE 0x4402038c = 0x0001 +READ 0x44020344 = 0x0001 +WROTE 0x44020340 = 0x0001 +READ 0x44020344 = 0x0001 +READ 0x44020344 = 0x0001 +success +>> table_cam_add_entry realmain_v6_networks_0 realmain.set_egress_port 42540766411362381960998550477184434242 => 64 0 0 0 0 +fields = [(u'hit', 1), (u'action_run', 3), (u'out_port', 8), (u'out_port', 8), (u'mac_addr', 48), (u'task', 16), (u'table_id', 16)] +action_name = TopPipe.realmain.set_egress_port +field_vals = [1, '64', '0', '0', '0', '0'] +CAM_Init_ValidateContext() - done +WROTE 0x44020350 = 0x0042 +WROTE 0x44020354 = 0x0000 +WROTE 0x44020358 = 0x420000 +WROTE 0x4402035c = 0x20010db8 +WROTE 0x44020380 = 0x0000 +WROTE 0x44020384 = 0x0000 +WROTE 0x44020388 = 0x40000000 +WROTE 0x4402038c = 0x0001 +READ 0x44020344 = 0x0001 +WROTE 0x44020340 = 0x0001 +READ 0x44020344 = 0x0001 +READ 0x44020344 = 0x0001 +success +>> +\end{verbatim} + +Step 3: setting neighbor entries + +\begin{verbatim} +nico@ESPRIMO-P956:~$ sudo ip -6 neigh add 2001:db8:42::6 lladdr f8:f2:1e:09:62:d0 dev enp2s0f1 +nico@ESPRIMO-P956:~$ sudo ip -6 neigh add 2001:db8:42::4 lladdr f8:f2:1e:09:62:d0 dev enp2s0f1 +\end{verbatim} + +Step 4: generating test packets + +\begin{verbatim} +nico@ESPRIMO-P956:~$ ping6 -c2 2001:db8:42::6 +PING 2001:db8:42::6(2001:db8:42::6) 56 data bytes + + +nico@ESPRIMO-P956:~$ sudo tcpdump -ni enp2s0f1 +tcpdump: verbose output suppressed, use -v or -vv for full protocol decode +listening on enp2s0f1, link-type EN10MB (Ethernet), capture size 262144 bytes +11:30:17.287577 IP6 2001:db8:42::42 > 2001:db8:42::6: ICMP6, echo request, seq 1, length 64 +11:30:17.287599 IP6 2001:db8:42::42 > 2001:db8:42::6: ICMP6, echo request, seq 1, length 64 +11:30:18.310178 IP6 2001:db8:42::42 > 2001:db8:42::6: ICMP6, echo request, seq 2, length 64 +11:30:18.310258 IP6 2001:db8:42::42 > 2001:db8:42::6: ICMP6, echo request, seq 2, length 64 + +\end{verbatim} + +Result: success, packet is seen twice. \chapter{\label{appendixB}Appendix B?} diff --git a/doc/plan.org b/doc/plan.org index 377faf1..6e87e2b 100644 --- a/doc/plan.org +++ b/doc/plan.org @@ -7267,7 +7267,7 @@ success *** DONE 2019-07-28: ping6 test for getting packet: failure CLOSED: [2019-07-28 Sun 12:43] -*** TODO 2019-07-28: !!!!!!! NETPFGA PORT MAPPINGS +*** TODO 2019-07-28: *NETPFGA PORT MAPPINGS* nf_port_map = { "nf0":0b00000001, "nf1":0b00000100, @@ -7283,8 +7283,6 @@ nf_port_map = { | port 1 | 0b00000100 | 4 | | | port 2 | 0b00010000 | 16 | esprimo enp2s0f0 | | port 3 | 0b01000000 | 64 | esprimo enp2s0f1 | -| | | | | - *** DONE 2019-07-28: testing with port = 64 (first or last in theory): LAST! WORKS! CLOSED: [2019-07-28 Sun 13:19] #+BEGIN_CENTER @@ -8064,7 +8062,8 @@ listening on enp2s0f1, link-type EN10MB (Ethernet), capture size 262144 bytes - eth1 on nsg: seeing ipv4 and ipv6 - eth1 on nsg: seeing icmp (ipv4) - enp2s0f0 SEES icmp6! -*** TODO 2019-07-29: test table entries for moving to different port +*** DONE 2019-07-29: test table entries for moving to different port + CLOSED: [2019-07-31 Wed 10:04] #+BEGIN_CENTER >> table_cam_add_entry realmain_dummy_table_for_netpfga_0 realmain.set_egress_port 34525 => 64 fields = [(u'hit', 1), (u'action_run', 2), (u'out_port', 8)] @@ -8092,6 +8091,60 @@ It works!!!!! *** DONE 2019-07-29: documentation: `portland.sty' not found: removed include CLOSED: [2019-07-29 Mon 20:27] +*** TODO 2019-07-31: Test final NAT64 code: v6 egress +#+BEGIN_CENTER +>>> int(ipaddress.IPv6Address(u"2001:db8:42::70b4")) +42540766411362381960998550477184463028L + +>>> int(ipaddress.IPv6Address(u"2001:db8:42::6")) +42540766411362381960998550477184434182L + +>>> int(ipaddress.IPv4Address(u"10.0.0.42")) +167772202 + +>>> int(ipaddress.IPv4Address(u"10.0.0.42")) +167772202 + +>> table_cam_add_entry realmain_v4_networks_0 realmain.set_egress_port 167772202 => 16 0 0 0 0 +fields = [(u'hit', 1), (u'action_run', 3), (u'out_port', 8), (u'out_port', 8), (u'mac_addr', 48), (u'task', 16), (u'table_id', 16)] +action_name = TopPipe.realmain.set_egress_port +field_vals = [1, '16', '0', '0', '0', '0'] +CAM_Init_ValidateContext() - done +WROTE 0x44020250 = 0xa00002a +WROTE 0x44020280 = 0x0000 +WROTE 0x44020284 = 0x0000 +WROTE 0x44020288 = 0x10000000 +WROTE 0x4402028c = 0x0001 +READ 0x44020244 = 0x0001 +WROTE 0x44020240 = 0x0001 +READ 0x44020244 = 0x0001 +READ 0x44020244 = 0x0001 +success +>> + +>>> int(ipaddress.IPv4Address(u"10.0.0.4")) +167772164 +>> table_cam_add_entry realmain_v4_networks_0 realmain.set_egress_port 167772164 => 16 0 0 0 0 +fields = [(u'hit', 1), (u'action_run', 3), (u'out_port', 8), (u'out_port', 8), (u'mac_addr', 48), (u'task', 16), (u'table_id', 16)] +action_name = TopPipe.realmain.set_egress_port +field_vals = [1, '16', '0', '0', '0', '0'] +CAM_Init_ValidateContext() - done +WROTE 0x44020250 = 0xa000004 +WROTE 0x44020280 = 0x0000 +WROTE 0x44020284 = 0x0000 +WROTE 0x44020288 = 0x10000000 +WROTE 0x4402028c = 0x0001 +READ 0x44020244 = 0x0001 +WROTE 0x44020240 = 0x0001 +READ 0x44020244 = 0x0001 +READ 0x44020244 = 0x0001 +success +>> + + +#+END_CENTER +*** 2019-07-31: reading about \verb vs. \texttt + - probably want \verb, but cannot use in \newcommand ** The NetPFGA saga Problems encountered: - The logfile for a compile run is 10k+ lines diff --git a/p4src/minip4_solution.p4 b/p4src/minip4_solution.p4 index c8320cc..0e33bec 100644 --- a/p4src/minip4_solution.p4 +++ b/p4src/minip4_solution.p4 @@ -74,7 +74,6 @@ control RealMain( #include "netpfga_nat64.p4" - } } diff --git a/p4src/netpfga_nat64.p4 b/p4src/netpfga_nat64.p4 index 6727411..52eae36 100644 --- a/p4src/netpfga_nat64.p4 +++ b/p4src/netpfga_nat64.p4 @@ -2,61 +2,61 @@ bool apply_v6networks = false; bool apply_v4networks = false; if(hdr.ipv6.isValid()) { - apply_v6networks = true; + apply_v6networks = true; - if(nat64.apply().hit) { /* generic / static nat64 done */ - if(hdr.icmp6.isValid()) { - nat64_icmp6_generic(); + if(nat64.apply().hit) { /* generic / static nat64 done */ + if(hdr.icmp6.isValid()) { + nat64_icmp6_generic(); - if(hdr.icmp6.type == ICMP6_ECHO_REPLY) { - hdr.icmp.type = ICMP_ECHO_REPLY; - hdr.icmp.code = 0; - } - if(hdr.icmp6.type == ICMP6_ECHO_REQUEST) { - hdr.icmp.type = ICMP_ECHO_REQUEST; - hdr.icmp.code = 0; - } - } - - if(hdr.udp.isValid()) { - delta_udp_from_v6_to_v4 - } - - if(hdr.tcp.isValid()) { - delta_tcp_from_v6_to_v4 - } - apply_v4networks = false; - apply_v6networks = true; + if(hdr.icmp6.type == ICMP6_ECHO_REPLY) { + hdr.icmp.type = ICMP_ECHO_REPLY; + hdr.icmp.code = 0; } - } else if(hdr.ipv4.isValid()) { - apply_v4networks = true; - - if(nat46.apply().hit) { - if(hdr.icmp.isValid()) { - nat46_icmp_generic(); - - if(hdr.icmp.type == ICMP_ECHO_REPLY) { - hdr.icmp6.type = ICMP6_ECHO_REPLY; - } - if(hdr.icmp.type == ICMP_ECHO_REQUEST) { - hdr.icmp6.type = ICMP6_ECHO_REQUEST; - } - } - if(hdr.udp.isValid()) { - delta_udp_from_v4_to_v6 - } - if(hdr.tcp.isValid()) { - delta_tcp_from_v4_to_v6 - } - apply_v4networks = true; - apply_v6networks = false; + if(hdr.icmp6.type == ICMP6_ECHO_REQUEST) { + hdr.icmp.type = ICMP_ECHO_REQUEST; + hdr.icmp.code = 0; } } - if(apply_v4networks == true) { - v4_networks.apply(); + if(hdr.udp.isValid()) { + delta_udp_from_v6_to_v4 } - if(apply_v6networks == true) { - v6_networks.apply(); + if(hdr.tcp.isValid()) { + delta_tcp_from_v6_to_v4 } + apply_v4networks = false; + apply_v6networks = true; + } +} else if(hdr.ipv4.isValid()) { + apply_v4networks = true; + + if(nat46.apply().hit) { + if(hdr.icmp.isValid()) { + nat46_icmp_generic(); + + if(hdr.icmp.type == ICMP_ECHO_REPLY) { + hdr.icmp6.type = ICMP6_ECHO_REPLY; + } + if(hdr.icmp.type == ICMP_ECHO_REQUEST) { + hdr.icmp6.type = ICMP6_ECHO_REQUEST; + } + } + if(hdr.udp.isValid()) { + delta_udp_from_v4_to_v6 + } + if(hdr.tcp.isValid()) { + delta_tcp_from_v4_to_v6 + } + apply_v4networks = true; + apply_v6networks = false; + } +} + +if(apply_v4networks == true) { + v4_networks.apply(); +} + +if(apply_v6networks == true) { + v6_networks.apply(); +}