MAP: Add API support for MAP input feature.

Change-Id: I336919a1d3a9d1b404e375a30575cce5e5335137 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-12-17 13:43:52 -06:00
parent c6cb18b29d
commit f34597fc86
4 changed files with 216 additions and 0 deletions
--- a/src/plugins/map/map.api
+++ b/src/plugins/map/map.api
@ -125,6 +125,22 @@ define map_rule_details
  u16 psid;
 };

+/** \brief Enable or disable a MAP interface
+    @param client_index - opaque cookie to identify the sender
+    @param context - sender context, to match reply w/ request
+    @param sw_if_index - 
+    @param is_enable - 0=disable, 1=enable interface
+    @param is_translation -  0=encapsulation, 1=translation
+*/
+autoreply define map_if_enable_disable
+{
+  u32 client_index;
+  u32 context;
+  u32 sw_if_index;
+  bool is_enable;
+  bool is_translation; /* 0 - encapsulation, 1 - translation */
+};
+
 /** \brief Request for a single block of summary stats
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
@ -264,6 +280,19 @@ autoreply define map_param_set_traffic_class
 };


+/** \brief Set MAP TCP parammeters
+    @param client_index - opaque cookie to identify the sender
+    @param context - sender context, to match reply w/ request
+    @parma tcp_mss - TCP MSS clamping value
+*/
+autoreply define map_param_set_tcp
+{
+  u32 client_index;
+  u32 context;
+  u16 tcp_mss;
+};
+
+
 /** \brief Request for a single block of MAP parameters
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
--- a/src/plugins/map/map.c
+++ b/src/plugins/map/map.c
@ -1169,6 +1169,9 @@ show_map_stats_command_fn (vlib_main_t * vm, unformat_input_t * input,
  else
    vlib_cli_output (vm, "MAP traffic-class: %x", mm->tc);

+  if (mm->tcp_mss)
+    vlib_cli_output (vm, "MAP TCP MSS clamping: %u", mm->tcp_mss);
+
  vlib_cli_output (vm,
 		   "MAP IPv6 inbound security check: %s, fragmented packet security check: %s",
 		   mm->sec_check ? "enabled" : "disabled",
@ -1329,6 +1332,56 @@ map_params_reass_command_fn (vlib_main_t * vm, unformat_input_t * input,
 }


+static clib_error_t *
+map_if_command_fn (vlib_main_t * vm,
+		   unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+  unformat_input_t _line_input, *line_input = &_line_input;
+  clib_error_t *error = NULL;
+  bool is_enable = true, is_translation = false;
+  vnet_main_t *vnm = vnet_get_main ();
+  u32 sw_if_index = ~0;
+
+  /* Get a line of input. */
+  if (!unformat_user (input, unformat_line_input, line_input))
+    return 0;
+
+  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+    {
+      if (unformat
+	  (line_input, "%U", unformat_vnet_sw_interface, vnm, &sw_if_index))
+	;
+      else if (unformat (line_input, "del"))
+	is_enable = false;
+      else if (unformat (line_input, "map-t"))
+	is_translation = true;
+      else
+	{
+	  error = clib_error_return (0, "unknown input `%U'",
+				     format_unformat_error, line_input);
+	  goto done;
+	}
+    }
+
+done:
+  unformat_free (line_input);
+
+  if (sw_if_index == ~0)
+    {
+      error = clib_error_return (0, "unknown interface");
+      return error;
+    }
+
+  int rv = map_if_enable_disable (is_enable, sw_if_index, is_translation);
+  if (rv)
+    {
+      error = clib_error_return (0, "failure enabling MAP on interface");
+    }
+
+  return error;
+}
+
+
 /*
 * packet trace format function
 */
@ -1913,6 +1966,45 @@ map_ip6_reass_conf_buffers (u32 buffers)
  return 0;
 }

+static clib_error_t *
+map_tcp_mss_command_fn (vlib_main_t * vm,
+			unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+  unformat_input_t _line_input, *line_input = &_line_input;
+  clib_error_t *error = NULL;
+  u32 tcp_mss = 0;
+
+  /* Get a line of input. */
+  if (!unformat_user (input, unformat_line_input, line_input))
+    return 0;
+
+  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+    {
+      if (unformat (line_input, "%u", &tcp_mss))
+	;
+      else
+	{
+	  error = clib_error_return (0, "unknown input `%U'",
+				     format_unformat_error, line_input);
+	  goto done;
+	}
+    }
+
+  if (tcp_mss >= (0x1 << 16))
+    {
+      error = clib_error_return (0, "invalid value `%u'", tcp_mss);
+      goto done;
+    }
+
+  map_param_set_tcp (tcp_mss);
+
+done:
+  unformat_free (line_input);
+
+  return error;
+}
+
+
 /* *INDENT-OFF* */

 /*?
@ -1948,6 +2040,22 @@ VLIB_CLI_COMMAND(map_traffic_class_command, static) = {
  .function = map_traffic_class_command_fn,
 };

+/*?
+ * TCP MSS clamping
+ *
+ * @cliexpar
+ * @cliexstart{map params tcp-mss}
+ *
+ * This command is used to set the TCP MSS in translated
+ * or encapsulated packets.
+ * @cliexend
+ ?*/
+VLIB_CLI_COMMAND(map_tcp_mss_command, static) = {
+  .path = "map params tcp-mss",
+  .short_help = "map params tcp-mss <value>",
+  .function = map_tcp_mss_command_fn,
+};
+
 /*?
 * Bypass IP4/IP6 lookup
 *
@ -2124,6 +2232,16 @@ VLIB_CLI_COMMAND(show_map_fragments_command, static) = {
  .function = show_map_fragments_command_fn,
 };

+/*?
+ * Enable MAP processing on interface (input feature)
+ *
+ ?*/
+VLIB_CLI_COMMAND(map_if_command, static) = {
+  .path = "map interface",
+  .short_help = "map interface <interface-name> [map-t] [del]",
+  .function = map_if_command_fn,
+};
+
 VLIB_PLUGIN_REGISTER() = {
  .version = VPP_BUILD_VER,
  .description = "Mapping of address and port (MAP)",
--- a/src/plugins/map/map.h
+++ b/src/plugins/map/map.h
@ -40,6 +40,8 @@ int map_create_domain (ip4_address_t * ip4_prefix, u8 ip4_prefix_len,
 int map_delete_domain (u32 map_domain_index);
 int map_add_del_psid (u32 map_domain_index, u16 psid, ip6_address_t * tep,
 		      u8 is_add);
+int map_if_enable_disable (bool is_enable, u32 sw_if_index,
+			   bool is_translation);
 u8 *format_map_trace (u8 * s, va_list * args);

 int map_param_set_fragmentation (bool inner, bool ignore_df);
@ -51,6 +53,7 @@ int map_param_set_reassembly (bool is_ipv6, u16 lifetime_ms,
 			      u32 * reass, u32 * packets);
 int map_param_set_security_check (bool enable, bool fragments);
 int map_param_set_traffic_class (bool copy, u8 tc);
+int map_param_set_tcp (u16 tcp_mss);


 typedef enum
@ -265,6 +268,8 @@ typedef struct {
  bool sec_check_frag;		/* Inbound security check for (subsequent) fragments */
  bool icmp6_enabled;		/* Send destination unreachable for security check failure */

+  u16 tcp_mss;			/* TCP MSS clamp value */
+
  /* ICMPv6 -> ICMPv4 relay parameters */
  ip4_address_t icmp4_src_address;
  vlib_simple_counter_main_t icmp_relayed;
--- a/src/plugins/map/map_api.c
+++ b/src/plugins/map/map_api.c
@ -526,6 +526,29 @@ static void
 }


+int
+map_param_set_tcp (u16 tcp_mss)
+{
+  map_main_t *mm = &map_main;
+
+  mm->tcp_mss = tcp_mss;
+
+  return 0;
+}
+
+
+static void
+vl_api_map_param_set_tcp_t_handler (vl_api_map_param_set_tcp_t * mp)
+{
+  map_main_t *mm = &map_main;
+  vl_api_map_param_set_tcp_reply_t *rmp;
+  int rv = 0;
+
+  map_param_set_tcp (ntohs (mp->tcp_mss));
+  REPLY_MACRO (VL_API_MAP_PARAM_SET_TCP_REPLY);
+}
+
+
 static void
 vl_api_map_param_get_t_handler (vl_api_map_param_get_t * mp)
 {
@ -581,12 +604,52 @@ vl_api_map_param_get_t_handler (vl_api_map_param_get_t * mp)
 }


+int
+map_if_enable_disable (bool is_enable, u32 sw_if_index, bool is_translation)
+{
+  if (is_translation == false)
+    {
+      vnet_feature_enable_disable ("ip4-unicast", "ip4-map", sw_if_index,
+				   is_enable ? 1 : 0, 0, 0);
+      vnet_feature_enable_disable ("ip6-unicast", "ip6-map", sw_if_index,
+				   is_enable ? 1 : 0, 0, 0);
+    }
+  else
+    {
+      vnet_feature_enable_disable ("ip4-unicast", "ip4-map-t", sw_if_index,
+				   is_enable ? 1 : 0, 0, 0);
+      vnet_feature_enable_disable ("ip6-unicast", "ip6-map-t", sw_if_index,
+				   is_enable ? 1 : 0, 0, 0);
+    }
+  return 0;
+}
+
+
+static void
+vl_api_map_if_enable_disable_t_handler (vl_api_map_if_enable_disable_t * mp)
+{
+  map_main_t *mm = &map_main;
+  vl_api_map_if_enable_disable_reply_t *rmp;
+  int rv = 0;
+
+  VALIDATE_SW_IF_INDEX (mp);
+
+  rv =
+    map_if_enable_disable (mp->is_enable, htonl (mp->sw_if_index),
+			   mp->is_translation);
+
+  BAD_SW_IF_INDEX_LABEL;
+  REPLY_MACRO (VL_API_MAP_IF_ENABLE_DISABLE_REPLY);
+}
+
+
 #define foreach_map_plugin_api_msg		\
 _(MAP_ADD_DOMAIN, map_add_domain)		\
 _(MAP_DEL_DOMAIN, map_del_domain)		\
 _(MAP_ADD_DEL_RULE, map_add_del_rule)		\
 _(MAP_DOMAIN_DUMP, map_domain_dump)		\
 _(MAP_RULE_DUMP, map_rule_dump)			\
+_(MAP_IF_ENABLE_DISABLE, map_if_enable_disable)	\
 _(MAP_SUMMARY_STATS, map_summary_stats)		\
 _(MAP_PARAM_SET_FRAGMENTATION, map_param_set_fragmentation)	\
 _(MAP_PARAM_SET_ICMP, map_param_set_icmp)	\
@ -595,6 +658,7 @@ _(MAP_PARAM_ADD_DEL_PRE_RESOLVE, map_param_add_del_pre_resolve)	\
 _(MAP_PARAM_SET_REASSEMBLY, map_param_set_reassembly)		\
 _(MAP_PARAM_SET_SECURITY_CHECK, map_param_set_security_check)	\
 _(MAP_PARAM_SET_TRAFFIC_CLASS, map_param_set_traffic_class)	\
+_(MAP_PARAM_SET_TCP, map_param_set_tcp)	\
 _(MAP_PARAM_GET, map_param_get)

 #define vl_msg_name_crc_list