nico/master-thesis
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add code to mimic if in action

Browse source 
New table logic, new actions
This commit is contained in:
Nico Schottelius 2019-03-27 19:43:49 +01:00
parent ac96fe467d
commit d6264a32a4
2 changed files with 74 additions and 84 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

47
p4app/controller.py
View file

@ -38,6 +38,17 @@ table_id_fields = {
5: 'TABLE_V4_NETWORKS' 5: 'TABLE_V4_NETWORKS'
} }
table_proto = {
'ICMP6_ECHO_REQUEST' : 128,
'ICMP6_ECHO_REPLY' : 129,
'ICMP6_NS' : 135,
'ICMP6_NA' : 136,
'ICMP_ECHO_REPLY' : 0,
'ICMP_ECHO_REQUEST' : 8
}
class CpuHeader(Packet): class CpuHeader(Packet):
name = 'CpuPacket' name = 'CpuPacket'
fields_desc = [ fields_desc = [
@ -273,17 +284,41 @@ class L2Controller(object):
v6_src, v6_dst, v4_dst, v6_src, v6_dst, v4_dst,
v4_src, v4_dst, v6_src)) v4_src, v4_dst, v6_src))
# [str(v6_src) self.controller.table_add("nat64_icmp6",
self.controller.table_add("nat64", "nat64_static", "nat64_icmp6_echo_request",
[str(v6_dst)], [str(v6_dst),
str(table_proto['ICMP6_ECHO_REQUEST'])
],
[str(v6_src.network_address), [str(v6_src.network_address),
str(v4_dst.network_address), str(v4_dst.network_address),
str(v6_dst.network_address)] str(v6_dst.network_address)]
) )
# [str(v4_src) self.controller.table_add("nat64_icmp6",
self.controller.table_add("nat46", "nat46_static", "nat64_icmp6_echo_reply",
[str(v4_dst)], [str(v6_dst),
str(table_proto['ICMP6_ECHO_REPLY'])
],
[str(v6_src.network_address),
str(v4_dst.network_address),
str(v6_dst.network_address)]
)
self.controller.table_add("nat46_icmp",
"nat46_icmp_echo_reply",
[str(v4_dst)
str(table_proto['ICMP_ECHO_REPLY'])
],
[str(v6_src.network_address),
str(v4_dst.network_address),
str(v6_dst.network_address)]
)
self.controller.table_add("nat46_icmp",
"nat46_icmp_echo_request",
[str(v4_dst)
str(table_proto['ICMP_ECHO_REQUEST'])
],
[str(v6_src.network_address), [str(v6_src.network_address),
str(v4_dst.network_address), str(v4_dst.network_address),
str(v6_dst.network_address)] str(v6_dst.network_address)]

111
p4src/static-mapping.p4
View file

@ -48,28 +48,28 @@ control MyIngress(inout headers hdr,
/********************** NAT64 / NAT46 ACTIONS ***********************************/ /********************** NAT64 / NAT46 ACTIONS ***********************************/
/* if replacing actions */
action nat64_icmp6_echo_request(ipv6_addr_t v6_src, ipv4_addr_t v4_dst, ipv6_addr_t nat64_prefix) {
nat64_static(v6_src, v4_dst, nat64_prefix);
nat64_icmp6();
action mimic_assign_echo_request()
{
hdr.icmp.type = ICMP_ECHO_REQUEST; hdr.icmp.type = ICMP_ECHO_REQUEST;
} }
/* changes for icmp6 -> icmp action nat64_icmp6_echo_reply(ipv6_addr_t v6_src, ipv4_addr_t v4_dst, ipv6_addr_t nat64_prefix) {
- first echo request/reply nat64_static(v6_src, v4_dst, nat64_prefix);
- later maybe other nat64_icmp6();
*/
hdr.icmp.type = ICMP_ECHO_REPLY;
}
/* changes for icmp6 -> icmp */
action nat64_icmp6() action nat64_icmp6()
{ {
hdr.icmp.setValid(); hdr.icmp.setValid();
hdr.ipv4.protocol = PROTO_ICMP; // overwrite generic same protocol assumption hdr.ipv4.protocol = PROTO_ICMP; // overwrite generic same protocol assumption
// if(hdr.icmp6.type == ICMP6_ECHO_REQUEST) {
// mimic_assign_echo_request();
// }
// if(hdr.icmp6.type == ICMP6_ECHO_REPLY) {
// hdr.icmp.type = ICMP_ECHO_REPLY;
// }
/* trigger checksumming */ /* trigger checksumming */
meta.switch_task = TASK_CHECKSUM_ICMP; meta.switch_task = TASK_CHECKSUM_ICMP;
@ -80,7 +80,6 @@ control MyIngress(inout headers hdr,
hdr.icmp6_option_link_layer_addr.setInvalid(); hdr.icmp6_option_link_layer_addr.setInvalid();
} }
/* NAT64 protocol unspecific changes */ /* NAT64 protocol unspecific changes */
action nat64_generic(ipv4_addr_t src, ipv4_addr_t dst) { action nat64_generic(ipv4_addr_t src, ipv4_addr_t dst) {
hdr.ipv4.setValid(); hdr.ipv4.setValid();
@ -117,6 +116,8 @@ control MyIngress(inout headers hdr,
/* NAT46: protocol unspecific changes */ /* NAT46: protocol unspecific changes */
action nat46_generic(ipv6_addr_t src, ipv6_addr_t dst) { action nat46_generic(ipv6_addr_t src, ipv6_addr_t dst) {
hdr.ipv6.setValid(); hdr.ipv6.setValid();
hdr.ipv4.setInvalid();
hdr.ethernet.ethertype = TYPE_IPV6; hdr.ethernet.ethertype = TYPE_IPV6;
hdr.ipv6.dst_addr = dst; hdr.ipv6.dst_addr = dst;
@ -130,10 +131,8 @@ control MyIngress(inout headers hdr,
hdr.ipv6.next_header = hdr.ipv4.protocol; hdr.ipv6.next_header = hdr.ipv4.protocol;
hdr.ipv6.hop_limit = hdr.ipv4.ttl; hdr.ipv6.hop_limit = hdr.ipv4.ttl;
hdr.ipv4.setInvalid();
} }
/* nat64_prefix is the same as the matching key, but without the mask */ /* nat64_prefix is the same as the matching key, but without the mask */
action nat64_static(ipv6_addr_t v6_src, ipv4_addr_t v4_dst, ipv6_addr_t nat64_prefix) { action nat64_static(ipv6_addr_t v6_src, ipv4_addr_t v4_dst, ipv6_addr_t nat64_prefix) {
ipv6_addr_t src_offset = hdr.ipv6.src_addr - v6_src; ipv6_addr_t src_offset = hdr.ipv6.src_addr - v6_src;
@ -142,7 +141,14 @@ control MyIngress(inout headers hdr,
ipv4_addr_t dst = (ipv4_addr_t) (hdr.ipv6.dst_addr - nat64_prefix); ipv4_addr_t dst = (ipv4_addr_t) (hdr.ipv6.dst_addr - nat64_prefix);
nat64_generic(src, dst); nat64_generic(src, dst);
}
action nat46_icmp_echo_request(ipv6_addr_t v6_src, ipv4_addr_t v4_dst, ipv6_addr_t nat64_prefix) {
; /* TBD */
}
action nat46_icmp_echo_reply(ipv6_addr_t v6_src, ipv4_addr_t v4_dst, ipv6_addr_t nat64_prefix) {
; /* TBD */
} }
/* matching key: v4_network specified again */ /* matching key: v4_network specified again */
@ -153,19 +159,17 @@ control MyIngress(inout headers hdr,
ipv6_addr_t dst = v6_src + (ipv6_addr_t) dst_offset; ipv6_addr_t dst = v6_src + (ipv6_addr_t) dst_offset;
nat46_generic(src, dst); nat46_generic(src, dst);
/* fix the protocol specific translations */
// switch() ...
} }
table nat64 { table nat64_icmp6 {
key = { key = {
hdr.ipv6.dst_addr: lpm; hdr.ipv6.dst_addr: lpm;
hdr.ipv6.next_header: exact; hdr.icmp6.type: exact;
} }
actions = { actions = {
controller_debug; controller_debug;
nat64_static; nat64_icmp6_echo_reply;
nat64_icmp6_echo_request;
controller_debug_table_id; controller_debug_table_id;
NoAction; NoAction;
} }
@ -173,14 +177,15 @@ control MyIngress(inout headers hdr,
default_action = controller_debug_table_id(TABLE_NAT64); default_action = controller_debug_table_id(TABLE_NAT64);
} }
table nat46 { table nat46_icmp {
key = { key = {
// hdr.ipv4.src_addr: lpm;
hdr.ipv4.dst_addr: lpm; hdr.ipv4.dst_addr: lpm;
hdr.icmp.type: exact;
} }
actions = { actions = {
controller_debug; controller_debug;
nat46_static; nat46_icmp_echo_reply;
nat46_icmp_echo_request;
controller_debug_table_id; controller_debug_table_id;
NoAction; NoAction;
} }
@ -228,7 +233,6 @@ control MyIngress(inout headers hdr,
hdr.icmp6_option_link_layer_addr.ll_length = 1; /* 1* 64 bit */ hdr.icmp6_option_link_layer_addr.ll_length = 1; /* 1* 64 bit */
hdr.icmp6_option_link_layer_addr.mac_addr = mac_addr; hdr.icmp6_option_link_layer_addr.mac_addr = mac_addr;
/* version1: rebuilding packet */ /* version1: rebuilding packet */
/* /*
truncate((bit<32>)(112 + 320 + 32)/8); truncate((bit<32>)(112 + 320 + 32)/8);
@ -369,64 +373,15 @@ control MyIngress(inout headers hdr,
} }
/********************** APPLYING TABLES ***********************************/ /********************** APPLYING TABLES ***********************************/
apply {
/* V2: matching all protocols in same table */
if(hdr.ipv6.isValid()) {
switch(nat64.apply().action_run) {
nat64_icmp6: { nat64_icmp6_if_table.apply() }
nat64_tcp: { ... } // nothing, directly handled
nat64_udp: { ... } // nothing, directly handled
}
/* not sure how to get .hit & .action_run */
if(there_was_a_hit_in_nat64) {
v4_networks.apply(); /* apply egress for IPv4 */
exit; /* no further v6 processing */
}
}
/* V3: matching protocols in distinct tables */
if(hdr.ipv6.isValid()) {
switch(nat64_icmp6.apply().hit) {
v4_networks.apply(); /* apply egress for IPv4 */
exit; /* no further v6 processing */
}
/* the next two might be able to be merged */
switch(nat64_udp.apply().hit) {
v4_networks.apply(); /* apply egress for IPv4 */
exit; /* no further v6 processing */
}
switch(nat64_tcp.apply().hit) {
v4_networks.apply(); /* apply egress for IPv4 */
exit; /* no further v6 processing */
}
}
switch(nat64.apply().action_run) {
nat64_icmp6: { nat64_icmp6_if_table.apply() }
nat64_tcp: { ... } // nothing, directly handled
nat64_udp: { ... } // nothing, directly handled
}
/* not sure how to get .hit & .action_run */
if(there_was_a_hit_in_nat64) {
v4_networks.apply(); /* apply egress for IPv4 */
exit; /* no further v6 processing */
}
}
apply { apply {
if(hdr.ipv6.isValid()) { if(hdr.ipv6.isValid()) {
icmp6.apply(); /* icmp6 echo, icmp6 ndp */ icmp6.apply(); /* icmp6 echo, icmp6 ndp */
switch(nat64.apply().action_run) {
nat64_icmp6: { nat64_icmp6_if_table.apply() }
} if(nat64_icmp6.apply().hit) {
v4_networks.apply(); /* apply egress for IPv4 */
v4_networks.apply(); /* apply egress */
exit; /* no further v6 processing */ exit; /* no further v6 processing */
} }
v6_networks.apply(); /* egress / routing */ v6_networks.apply(); /* egress / routing */
} else if(hdr.ipv4.isValid()) { } else if(hdr.ipv4.isValid()) {
if(nat46.apply().hit) { /* v4->v6 */ if(nat46.apply().hit) { /* v4->v6 */