From ce212ed9e1ec7b7c1d17134a671c702ec9633d38 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Mon, 1 Jul 2019 11:03:10 +0200 Subject: [PATCH] Checksums: ipv4 diff not needed; minip4: enable icmp, arp --- bin/checksum_delta_diff_test.py | 29 +++ doc/plan.org | 22 +- netpfga/minip4/src/minip4_solution-nat64.p4 | 266 ++++++++++---------- p4src/minip4.p4 | 1 + 4 files changed, 183 insertions(+), 135 deletions(-) create mode 120000 p4src/minip4.p4 diff --git a/bin/checksum_delta_diff_test.py b/bin/checksum_delta_diff_test.py index b685599..79a0c01 100644 --- a/bin/checksum_delta_diff_test.py +++ b/bin/checksum_delta_diff_test.py @@ -27,6 +27,9 @@ def checksum_scapy(pkt): # Only the diff between v4 and v6 "counts" # +# b) +# Not needed + def sum_for_udp(packet): sums = "" sums += struct.pack("H", packet[UDP].sport) @@ -78,6 +81,30 @@ def sum_for_v4(packet): return sums +def sum_for_v4_from_v6(packet): + # update_checksum(meta.chk_ipv4 == 1, + # { + # hdr.ipv4.version, + # hdr.ipv4.ihl, + # hdr.ipv4.diff_serv, + # hdr.ipv4.ecn, + # hdr.ipv4.totalLen, + # hdr.ipv4.identification, + # hdr.ipv4.flags, + # hdr.ipv4.fragOffset, + # hdr.ipv4.ttl, + # hdr.ipv4.protocol, + # hdr.ipv4.src_addr, + # hdr.ipv4.dst_addr + # }, + # hdr.ipv4.hdrChecksum, + # HashAlgorithm.csum16 + # ); + + pass + + + if __name__ == '__main__': p = [] @@ -174,3 +201,5 @@ if __name__ == '__main__': print("Translating v4 to v6, expected v6 UDP checksum: {}".format( checksums["ipv4"] + header_diff_from_v6)) + + # Generate the IPv4 header checksum from IPv6: diff --git a/doc/plan.org b/doc/plan.org index fd24e5d..b2f1cbb 100644 --- a/doc/plan.org +++ b/doc/plan.org @@ -387,8 +387,22 @@ | 2019-07-01 | | | | | Meeting Laurent | | | | | | -| | - Diff'ing in python | | -| | - Phasing in netpfga code | | +| | - Diff'ing in python: | | +| | * offsetting works | | +| | * Need to adjust to actual translation code | | +| | | | +| | - Phasing in netpfga code / copy & compile & fix | | +| | * Code structure w/o apply logic | | +| | * DIFF: Output port selection | | +| | * DIFF: Sending to CPU | | +| | | | +| | - Diff'ing in P4 | | +| | * IPv4 checksum is w/o payload | | +| | | | +| | | | +| | Next steps: | | +| | - Implement in BMV2 diff | | +| | - | | | | | | | 2019-07-11 | | | | | Integrated org-documentation into latex / export working | | @@ -3918,6 +3932,10 @@ Linux package management, handling updates, etc. *** TODO Code sharing (controller, switch) Many constants double defined. Easy to make errors. +*** Checksum handling: v6->v4 adding, not checking +Currently checksums are NOT checked. For translation v6->v4 this means +we add a checksum without ever checking v4 checksum before. + ** Implementation description and limitations *** Implementation description [move todos here] **** TODO Support (non-) fragmentation diff --git a/netpfga/minip4/src/minip4_solution-nat64.p4 b/netpfga/minip4/src/minip4_solution-nat64.p4 index a08e7d3..8a7502f 100644 --- a/netpfga/minip4/src/minip4_solution-nat64.p4 +++ b/netpfga/minip4/src/minip4_solution-nat64.p4 @@ -412,168 +412,168 @@ control TopPipe(inout Parsed_packet hdr, -// /********************** ICMP6 + NDP + ICMP ***********************************/ + /********************** ICMP6 + NDP + ICMP ***********************************/ -// /* old/unused action -- is it??*/ -// action icmp6_answer() { -// if(hdr.icmp6.isValid()) { -// if(hdr.icmp6.code == ICMP6_ECHO_REQUEST) { -// ipv6_addr_t tmp = hdr.ipv6.src_addr; -// hdr.ipv6.src_addr = hdr.ipv6.dst_addr; -// hdr.ipv6.dst_addr = tmp; -// hdr.icmp6.code = ICMP6_ECHO_REPLY; -// } -// } -// } + /* old/unused action -- is it??*/ + action icmp6_answer() { + if(hdr.icmp6.isValid()) { + if(hdr.icmp6.code == ICMP6_ECHO_REQUEST) { + ipv6_addr_t tmp = hdr.ipv6.src_addr; + hdr.ipv6.src_addr = hdr.ipv6.dst_addr; + hdr.ipv6.dst_addr = tmp; + hdr.icmp6.code = ICMP6_ECHO_REPLY; + } + } + } -// action icmp6_neighbor_solicitation(ipv6_addr_t addr, mac_addr_t mac_addr) { -// /* egress = ingress */ -// standard_metadata.egress_spec = standard_metadata.ingress_port; + action icmp6_neighbor_solicitation(ipv6_addr_t addr, mac_addr_t mac_addr) { + /* egress = ingress */ + standard_metadata.egress_spec = standard_metadata.ingress_port; -// /* 1. IPv6 changes */ -// hdr.ipv6.dst_addr = hdr.ipv6.src_addr; -// hdr.ipv6.src_addr = addr; + /* 1. IPv6 changes */ + hdr.ipv6.dst_addr = hdr.ipv6.src_addr; + hdr.ipv6.src_addr = addr; -// /* 2. ICMP6 changes */ -// hdr.icmp6.type = ICMP6_NA; -// hdr.icmp6.code = 0; -// hdr.icmp6.checksum = 42; // checksum is calculated in deparser - marking with 42 to see whether it is calculated + /* 2. ICMP6 changes */ + hdr.icmp6.type = ICMP6_NA; + hdr.icmp6.code = 0; + hdr.icmp6.checksum = 42; // checksum is calculated in deparser - marking with 42 to see whether it is calculated -// /* 3. icmp6/neighbor advertisement: values taken from real world answers */ -// hdr.icmp6_na_ns.router = 0; -// hdr.icmp6_na_ns.solicitated = 1; -// hdr.icmp6_na_ns.override = 1; -// hdr.icmp6_na_ns.reserved = 0; -// hdr.icmp6_na_ns.target_addr = addr; + /* 3. icmp6/neighbor advertisement: values taken from real world answers */ + hdr.icmp6_na_ns.router = 0; + hdr.icmp6_na_ns.solicitated = 1; + hdr.icmp6_na_ns.override = 1; + hdr.icmp6_na_ns.reserved = 0; + hdr.icmp6_na_ns.target_addr = addr; -// /* 4. Link layer options */ -// hdr.icmp6_option_link_layer_addr.type = ICMP6_NDP_OPT_TARGET_LL; -// hdr.icmp6_option_link_layer_addr.ll_length = 1; /* 1* 64 bit */ -// hdr.icmp6_option_link_layer_addr.mac_addr = mac_addr; + /* 4. Link layer options */ + hdr.icmp6_option_link_layer_addr.type = ICMP6_NDP_OPT_TARGET_LL; + hdr.icmp6_option_link_layer_addr.ll_length = 1; /* 1* 64 bit */ + hdr.icmp6_option_link_layer_addr.mac_addr = mac_addr; -// /* 5. Checksum trigger/info */ -// meta.chk_icmp6_na_ns = 1; -// meta.cast_length = (bit<32>) hdr.ipv6.payload_length; -// } + /* 5. Checksum trigger/info */ + meta.chk_icmp6_na_ns = 1; + meta.cast_length = (bit<32>) hdr.ipv6.payload_length; + } -// action icmp6_echo_reply() { -// mac_addr_t mac_tmp = hdr.ethernet.dst_addr; -// hdr.ethernet.dst_addr = hdr.ethernet.src_addr; -// hdr.ethernet.src_addr = mac_tmp; + action icmp6_echo_reply() { + mac_addr_t mac_tmp = hdr.ethernet.dst_addr; + hdr.ethernet.dst_addr = hdr.ethernet.src_addr; + hdr.ethernet.src_addr = mac_tmp; -// ipv6_addr_t addr_tmp = hdr.ipv6.dst_addr; -// hdr.ipv6.dst_addr = hdr.ipv6.src_addr; -// hdr.ipv6.src_addr = addr_tmp; + ipv6_addr_t addr_tmp = hdr.ipv6.dst_addr; + hdr.ipv6.dst_addr = hdr.ipv6.src_addr; + hdr.ipv6.src_addr = addr_tmp; -// hdr.icmp6.type = ICMP6_ECHO_REPLY; + hdr.icmp6.type = ICMP6_ECHO_REPLY; -// meta.chk_icmp6 = 1; + meta.chk_icmp6 = 1; -// meta.cast_length = (bit<32>) hdr.ipv6.payload_length; -// } + meta.cast_length = (bit<32>) hdr.ipv6.payload_length; + } -// table icmp6 { -// key = { -// hdr.ipv6.dst_addr: lpm; -// hdr.icmp6.type: exact; -// } -// actions = { -// controller_debug; -// icmp6_neighbor_solicitation; -// icmp6_echo_reply; -// controller_debug_table_id; -// NoAction; -// } -// size = ICMP6_TABLE_SIZE; -// default_action = controller_debug_table_id(TABLE_ICMP6); -// } + table icmp6 { + key = { + hdr.ipv6.dst_addr: lpm; + hdr.icmp6.type: exact; + } + actions = { + controller_debug; + icmp6_neighbor_solicitation; + icmp6_echo_reply; + controller_debug_table_id; + NoAction; + } + size = ICMP6_TABLE_SIZE; + default_action = controller_debug_table_id(TABLE_ICMP6); + } -// action icmp_echo_reply() { -// mac_addr_t mac_tmp = hdr.ethernet.dst_addr; -// ipv4_addr_t ipv4_tmp = hdr.ipv4.src_addr; + action icmp_echo_reply() { + mac_addr_t mac_tmp = hdr.ethernet.dst_addr; + ipv4_addr_t ipv4_tmp = hdr.ipv4.src_addr; -// /* swap ethernet addresses */ -// hdr.ethernet.dst_addr = hdr.ethernet.src_addr; -// hdr.ethernet.src_addr = mac_tmp; + /* swap ethernet addresses */ + hdr.ethernet.dst_addr = hdr.ethernet.src_addr; + hdr.ethernet.src_addr = mac_tmp; -// /* swap ipv4 addresses */ -// hdr.ipv4.src_addr = hdr.ipv4.dst_addr; -// hdr.ipv4.dst_addr = ipv4_tmp; + /* swap ipv4 addresses */ + hdr.ipv4.src_addr = hdr.ipv4.dst_addr; + hdr.ipv4.dst_addr = ipv4_tmp; -// /* set correct type */ -// hdr.icmp.type = ICMP_ECHO_REPLY; + /* set correct type */ + hdr.icmp.type = ICMP_ECHO_REPLY; -// meta.chk_icmp = 1; -// } + meta.chk_icmp = 1; + } -// table icmp { -// key = { -// hdr.ipv4.dst_addr: lpm; -// hdr.icmp.type: exact; -// } -// actions = { -// icmp_echo_reply; -// controller_debug_table_id; -// NoAction; -// } -// size = ICMP_TABLE_SIZE; -// // default_action = controller_debug_table_id(TABLE_ICMP); -// default_action = NoAction; /* do not clone on miss */ -// } + table icmp { + key = { + hdr.ipv4.dst_addr: lpm; + hdr.icmp.type: exact; + } + actions = { + icmp_echo_reply; + controller_debug_table_id; + NoAction; + } + size = ICMP_TABLE_SIZE; +// default_action = controller_debug_table_id(TABLE_ICMP); + default_action = NoAction; /* do not clone on miss */ + } // /********************** ARP ***********************************/ -// action arp_reply(mac_addr_t mac_addr) { -// /* swap */ -// ipv4_addr_t ipv4_src = hdr.arp.dst_ipv4_addr; -// ipv4_addr_t ipv4_dst = hdr.arp.src_ipv4_addr; + action arp_reply(mac_addr_t mac_addr) { + /* swap */ + ipv4_addr_t ipv4_src = hdr.arp.dst_ipv4_addr; + ipv4_addr_t ipv4_dst = hdr.arp.src_ipv4_addr; -// /* swap/add */ -// mac_addr_t mac_src = mac_addr; -// mac_addr_t mac_dst = hdr.arp.src_mac_addr; + /* swap/add */ + mac_addr_t mac_src = mac_addr; + mac_addr_t mac_dst = hdr.arp.src_mac_addr; -// /* fill the ethernet header */ -// hdr.ethernet.dst_addr = mac_dst; -// hdr.ethernet.src_addr = mac_src; + /* fill the ethernet header */ + hdr.ethernet.dst_addr = mac_dst; + hdr.ethernet.src_addr = mac_src; -// /* fill the arp header */ -// hdr.arp.dst_mac_addr = mac_dst; -// hdr.arp.src_mac_addr = mac_src; + /* fill the arp header */ + hdr.arp.dst_mac_addr = mac_dst; + hdr.arp.src_mac_addr = mac_src; -// /* swapping */ -// hdr.arp.dst_ipv4_addr = ipv4_dst; -// hdr.arp.src_ipv4_addr = ipv4_src; + /* swapping */ + hdr.arp.dst_ipv4_addr = ipv4_dst; + hdr.arp.src_ipv4_addr = ipv4_src; -// hdr.arp.opcode = ARP_REPLY; -// } + hdr.arp.opcode = ARP_REPLY; + } -// table v4_arp { -// key = { -// hdr.ethernet.dst_addr: exact; -// hdr.arp.opcode: exact; -// hdr.arp.dst_ipv4_addr: lpm; -// } -// actions = { -// controller_debug_table_id; -// arp_reply; -// NoAction; -// } -// size = ICMP6_TABLE_SIZE; -// default_action = controller_debug_table_id(TABLE_ARP); -// } + table v4_arp { + key = { + hdr.ethernet.dst_addr: exact; + hdr.arp.opcode: exact; + hdr.arp.dst_ipv4_addr: lpm; + } + actions = { + controller_debug_table_id; + arp_reply; + NoAction; + } + size = ICMP6_TABLE_SIZE; + default_action = controller_debug_table_id(TABLE_ARP); + } -// table v4_arp_egress { -// key = { -// hdr.arp.dst_ipv4_addr: lpm; -// } -// actions = { -// controller_debug_table_id; -// set_egress_port; -// NoAction; -// } -// size = ICMP6_TABLE_SIZE; -// default_action = controller_debug_table_id(TABLE_ARP_EGRESS); -// } + table v4_arp_egress { + key = { + hdr.arp.dst_ipv4_addr: lpm; + } + actions = { + controller_debug_table_id; + set_egress_port; + NoAction; + } + size = ICMP6_TABLE_SIZE; + default_action = controller_debug_table_id(TABLE_ARP_EGRESS); + } // /********************** ROUTING (egress definiton) TABLES ***********************************/ diff --git a/p4src/minip4.p4 b/p4src/minip4.p4 new file mode 120000 index 0000000..211e85a --- /dev/null +++ b/p4src/minip4.p4 @@ -0,0 +1 @@ +../netpfga/minip4/src/minip4_solution-nat64.p4 \ No newline at end of file