/* -*- P4_16 -*- */ #include #include #include "headers.p4" #include "parsers.p4" #include "checksums.p4" #include "settings.p4" /************************************************************************* ************** I N G R E S S P R O C E S S I N G ******************* *************************************************************************/ control MyIngress(inout headers hdr, inout metadata meta, inout standard_metadata_t standard_metadata) { /********************** GENERAL ACTIONS ***********************************/ action drop() { mark_to_drop(); } action set_egress_port (port_t out_port) { standard_metadata.egress_spec = out_port; } action controller_reply(task_t task) { meta.task = task; meta.ingress_port = standard_metadata.ingress_port; clone3(CloneType.I2E, 100, meta); } action controller_debug_table_id(table_t table_id) { meta.table_id = table_id; controller_reply(TASK_DEBUG); } action controller_debug() { controller_reply(TASK_DEBUG); } action multicast_pkg(mcast_t mcast_grp) { /* Output PKG on correct ports (plural) */ standard_metadata.mcast_grp = mcast_grp; } /********************** NAT64 / NAT46 ACTIONS ***********************************/ /* changes for icmp6 -> icmp */ action nat64_icmp6_generic() { hdr.icmp.setValid(); hdr.ipv4.protocol = PROTO_ICMP; // overwrite generic same protocol assumption /* trigger checksumming */ meta.switch_task = TASK_CHECKSUM_ICMP; meta.chk_icmp = 1; hdr.icmp6.setInvalid(); /* not needed, as we don't translate them (yet/ever) */ hdr.icmp6_na_ns.setInvalid(); hdr.icmp6_option_link_layer_addr.setInvalid(); } /* NAT64 protocol unspecific changes */ action nat64_generic(ipv4_addr_t src, ipv4_addr_t dst) { hdr.ipv4.setValid(); /* Stuff that might need to be fixed */ hdr.ipv4.version = (bit<4>)4; hdr.ipv4.diff_serv = (bit<6>)0; // no ToS hdr.ipv4.ecn = (bit<2>)0; // unsupported /* 5 is ok as long as we don't use options / padding / anything after the destination address */ hdr.ipv4.ihl = (bit<4>) 5; // internet header length: 4*5 = 20 hdr.ipv4.totalLen = (bit<16>) hdr.ipv6.payload_length + 20; // ok under above constraints hdr.ipv4.identification = (bit<16>) 0; // no support for fragments hdr.ipv4.flags = (bit<3>) 0; // DF bit and more fragments, unsupported ATM hdr.ipv4.fragOffset = (bit<13>) 0; // 0 as there are no fragments /* Stuff that should be fine */ hdr.ethernet.ethertype = TYPE_IPV4; hdr.ipv4.dst_addr = dst; hdr.ipv4.src_addr = src; hdr.ipv4.ttl = hdr.ipv6.hop_limit; hdr.ipv4.protocol = hdr.ipv6.next_header; hdr.ipv6.setInvalid(); } /* nat64_prefix is the same as the matching key, but without the mask */ action nat64_static(ipv6_addr_t v6_src, ipv4_addr_t v4_dst, ipv6_addr_t nat64_prefix) { ipv6_addr_t src_offset = hdr.ipv6.src_addr - v6_src; ipv4_addr_t src = v4_dst + (ipv4_addr_t) src_offset; ipv4_addr_t dst = (ipv4_addr_t) (hdr.ipv6.dst_addr - nat64_prefix); nat64_generic(src, dst); } /* From https://tools.ietf.org/html/rfc792 (IPv4) Echo or Echo Reply Message 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data ... +-+-+-+-+- From https://tools.ietf.org/html/rfc4443#section-4.1 4.1. Echo Request Message 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data ... +-+-+-+-+- 4.2. Echo Reply Message 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data ... +-+-+-+-+- Type / code are different in ICMP4 and ICMP6! */ /* changes for icmp6 -> icmp */ action nat46_icmp_generic() { hdr.icmp6.setValid(); hdr.ipv6.next_header = PROTO_ICMP6; meta.chk_icmp6 = 1; hdr.icmp.setInvalid(); } /* NAT46: protocol unspecific changes */ action nat46_generic(ipv6_addr_t src, ipv6_addr_t dst) { hdr.ipv6.setValid(); hdr.ipv4.setInvalid(); hdr.ethernet.ethertype = TYPE_IPV6; hdr.ipv6.dst_addr = dst; hdr.ipv6.src_addr = src; hdr.ipv6.version = (bit<4>)6; hdr.ipv6.traffic_class = (bit<8>) hdr.ipv4.diff_serv; hdr.ipv6.flow_label = (bit<20>) 0; hdr.ipv6.payload_length = (bit<16>) hdr.ipv4.totalLen - 20; hdr.ipv6.next_header = hdr.ipv4.protocol; hdr.ipv6.hop_limit = hdr.ipv4.ttl; } /* matching key: v4_network specified again */ action nat46_static(ipv6_addr_t v6_src, ipv4_addr_t v4_dst, ipv6_addr_t nat64_prefix) { ipv6_addr_t src = nat64_prefix + (ipv6_addr_t) hdr.ipv4.src_addr; ipv4_addr_t dst_offset = hdr.ipv4.dst_addr - v4_dst; ipv6_addr_t dst = v6_src + (ipv6_addr_t) dst_offset; nat46_generic(src, dst); } table nat64 { key = { hdr.ipv6.dst_addr: lpm; } actions = { controller_debug; nat64_static; controller_debug_table_id; NoAction; } size = NAT64_TABLE_SIZE; default_action = controller_debug_table_id(TABLE_NAT64); } table nat46 { key = { hdr.ipv4.dst_addr: lpm; } actions = { controller_debug; nat46_static; controller_debug_table_id; NoAction; } size = NAT64_TABLE_SIZE; default_action = controller_debug_table_id(TABLE_NAT46); } /********************** ICMP6 + NDP ***********************************/ /* old/unused action */ action icmp6_answer() { if(hdr.icmp6.isValid()) { if(hdr.icmp6.code == ICMP6_ECHO_REQUEST) { ipv6_addr_t tmp = hdr.ipv6.src_addr; hdr.ipv6.src_addr = hdr.ipv6.dst_addr; hdr.ipv6.dst_addr = tmp; hdr.icmp6.code = ICMP6_ECHO_REPLY; } } } action icmp6_neighbor_solicitation(ipv6_addr_t addr, mac_addr_t mac_addr) { /* egress = ingress */ standard_metadata.egress_spec = standard_metadata.ingress_port; /* 1. IPv6 changes */ hdr.ipv6.dst_addr = hdr.ipv6.src_addr; hdr.ipv6.src_addr = addr; /* 2. ICMP6 changes */ hdr.icmp6.type = ICMP6_NA; hdr.icmp6.code = 0; hdr.icmp6.checksum = 42; // checksum is calculated in deparser - marking with 42 to see whether it is calculated /* 3. icmp6/neighbor advertisement: values taken from real world answers */ hdr.icmp6_na_ns.router = 0; hdr.icmp6_na_ns.solicitated = 1; hdr.icmp6_na_ns.override = 1; hdr.icmp6_na_ns.reserved = 0; hdr.icmp6_na_ns.target_addr = addr; /* 4. Link layer options */ hdr.icmp6_option_link_layer_addr.type = ICMP6_NDP_OPT_TARGET_LL; hdr.icmp6_option_link_layer_addr.ll_length = 1; /* 1* 64 bit */ hdr.icmp6_option_link_layer_addr.mac_addr = mac_addr; /* 5. Checksum trigger/info */ meta.chk_icmp6_na_ns = 1; meta.cast_length = (bit<32>) hdr.ipv6.payload_length; } action icmp6_echo_reply() { mac_addr_t mac_tmp = hdr.ethernet.dst_addr; hdr.ethernet.dst_addr = hdr.ethernet.src_addr; hdr.ethernet.src_addr = mac_tmp; ipv6_addr_t addr_tmp = hdr.ipv6.dst_addr; hdr.ipv6.dst_addr = hdr.ipv6.src_addr; hdr.ipv6.src_addr = addr_tmp; hdr.icmp6.type = ICMP6_ECHO_REPLY; meta.chk_icmp6 = 1; meta.cast_length = (bit<32>) hdr.ipv6.payload_length; } table icmp6 { key = { hdr.ipv6.dst_addr: lpm; hdr.icmp6.type: exact; } actions = { controller_debug; icmp6_neighbor_solicitation; icmp6_echo_reply; controller_debug_table_id; NoAction; } size = ICMP6_TABLE_SIZE; default_action = controller_debug_table_id(TABLE_ICMP6); // default_action = NoAction; } /********************** debugging / general support ***********************************/ // table port2mcast { // key = { // standard_metadata.ingress_port : exact; // } // actions = { // multicast_pkg; // controller_debug; // NoAction; // } // size = NDP_TABLE_SIZE; // default_action = NoAction; // } // /* Handle multicast registration of NDP */ // table addr2mcast { // key = { // hdr.ipv6.dst_addr: exact; // } // actions = { // multicast_pkg; // controller_debug; // NoAction; // } // size = NDP_TABLE_SIZE; // default_action = NoAction; // } /********************** ARP ***********************************/ action arp_reply(mac_addr_t mac_addr) { ipv4_addr_t tmp = hdr.arp.src_ipv4_addr; /* fill the ethernet header */ hdr.ethernet.src_addr = mac_addr; hdr.ethernet.dst_addr = hdr.arp.src_mac_addr; /* fill the arp header */ hdr.arp.dst_mac_addr = hdr.arp.src_mac_addr; hdr.arp.dst_ipv4_addr = tmp; hdr.arp.src_mac_addr = mac_addr; hdr.arp.src_ipv4_addr = hdr.arp.dst_ipv4_addr; hdr.arp.opcode = ARP_REPLY; } table v4_arp { key = { hdr.ethernet.dst_addr: exact; hdr.arp.opcode: exact; hdr.arp.dst_ipv4_addr: lpm; } actions = { controller_debug_table_id; arp_reply; NoAction; } size = ICMP6_TABLE_SIZE; default_action = controller_debug_table_id(TABLE_ARP); } table v4_arp_egress { key = { hdr.arp.dst_ipv4_addr: lpm; } actions = { controller_debug_table_id; set_egress_port; NoAction; } size = ICMP6_TABLE_SIZE; default_action = controller_debug_table_id(TABLE_ARP_EGRESS); } /********************** ROUTING (egress definiton) TABLES ***********************************/ table v6_networks { key = { hdr.ipv6.dst_addr: lpm; } actions = { set_egress_port; controller_debug; controller_reply; controller_debug_table_id; NoAction; } size = ROUTING_TABLE_SIZE; default_action = controller_debug_table_id(TABLE_V6_NETWORKS); } table v4_networks { key = { hdr.ipv4.dst_addr: lpm; } actions = { set_egress_port; controller_debug; controller_debug_table_id; NoAction; } size = ROUTING_TABLE_SIZE; default_action = controller_debug_table_id(TABLE_V4_NETWORKS); } /********************** APPLYING TABLES ***********************************/ apply { if(hdr.ipv6.isValid()) { if(nat64.apply().hit) { /* generic nat64 done */ if(hdr.icmp6.isValid()) { nat64_icmp6_generic(); if(hdr.icmp6.type == ICMP6_ECHO_REPLY) { hdr.icmp.type = ICMP_ECHO_REPLY; } if(hdr.icmp6.type == ICMP6_ECHO_REQUEST) { hdr.icmp.type = ICMP_ECHO_REQUEST; } } v4_networks.apply(); /* apply egress for IPv4 */ exit; /* no further v6 processing */ } icmp6.apply(); /* icmp6 echo, icmp6 ndp */ v6_networks.apply(); /* regular egress / routing */ } else if(hdr.ipv4.isValid()) { if(nat46.apply().hit) { if(hdr.icmp.isValid()) { nat46_icmp_generic(); if(hdr.icmp.type == ICMP_ECHO_REPLY) { hdr.icmp6.type = ICMP6_ECHO_REPLY; } if(hdr.icmp.type == ICMP_ECHO_REQUEST) { hdr.icmp6.type = ICMP6_ECHO_REQUEST; } } v6_networks.apply(); exit; } v4_networks.apply(); /* regular routing, egress */ } else if(hdr.arp.isValid()) { if(v4_arp.apply().hit) { v4_arp_egress.apply(); } } } } /************************************************************************* **************** E G R E S S P R O C E S S I N G ******************* *************************************************************************/ control MyEgress(inout headers hdr, inout metadata meta, inout standard_metadata_t standard_metadata) { apply { // ingress clone if (standard_metadata.instance_type == 1){ hdr.cpu.setValid(); hdr.cpu.task = meta.task; hdr.cpu.ethertype = hdr.ethernet.ethertype; hdr.cpu.ingress_port = (bit<16>) meta.ingress_port; hdr.cpu.table_id = meta.table_id; hdr.ethernet.ethertype = TYPE_CPU; } } } /************************************************************************* *********************** S W I T C H ******************************* *************************************************************************/ V1Switch( MyParser(), MyVerifyChecksum(), MyIngress(), MyEgress(), MyComputeChecksum(), MyDeparser() ) main;