Skip to content

Commit

Permalink
Refactor tunnels
Browse files Browse the repository at this point in the history
Signed-off-by: Marian Pritsak <[email protected]>
  • Loading branch information
marian-pritsak committed Oct 27, 2023
1 parent c18ea3f commit 1f969d0
Show file tree
Hide file tree
Showing 9 changed files with 366 additions and 202 deletions.
26 changes: 13 additions & 13 deletions dash-pipeline/bmv2/dash_conntrack.p4
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ control ConntrackIn(inout headers_t hdr,
action conntrackIn_allow (IPv4Address original_overlay_sip, IPv4Address original_overlay_dip) {
/* Invalidate entry based on TCP flags */
// If FIN is 1 (0b000001), or if RST is 1 (0b000100):
if ((hdr.tcp.flags & 0b000101 /* FIN/RST */) != 0) {
if ((hdr.customer_tcp.flags & 0b000101 /* FIN/RST */) != 0) {
set_entry_expire_time(EXPIRE_TIME_PROFILE_NOW); // New PNA extern
/* set entry to be purged */
}
Expand All @@ -54,7 +54,7 @@ control ConntrackIn(inout headers_t hdr,

action conntrackIn_miss() {
// TODO: Should this be ((hdr.tcp.flags & 0x2) != 0) instead?
if (hdr.tcp.flags == 0x2 /* SYN */) {
if (hdr.customer_tcp.flags == 0x2 /* SYN */) {
if (meta.direction == dash_direction_t.OUTBOUND) {
// New PNA Extern
add_entry("conntrackIn_allow",
Expand All @@ -67,14 +67,14 @@ control ConntrackIn(inout headers_t hdr,

table conntrackIn {
key = {
directionNeutralAddr(meta.direction, hdr.ipv4.src_addr, hdr.ipv4.dst_addr):
directionNeutralAddr(meta.direction, hdr.customer_ipv4.src_addr, hdr.customer_ipv4.dst_addr):
exact @name("ipv4_addr1");
directionNeutralAddr(meta.direction, hdr.ipv4.dst_addr, hdr.ipv4.src_addr):
directionNeutralAddr(meta.direction, hdr.customer_ipv4.dst_addr, hdr.customer_ipv4.src_addr):
exact @name("ipv4_addr2");
hdr.ipv4.protocol : exact;
directionNeutralPort(meta.direction, hdr.tcp.src_port, hdr.tcp.dst_port):
hdr.customer_ipv4.protocol : exact;
directionNeutralPort(meta.direction, hdr.customer_tcp.src_port, hdr.customer_tcp.dst_port):
exact @name("tcp_port1");
directionNeutralPort(meta.direction, hdr.tcp.dst_port, hdr.tcp.src_port):
directionNeutralPort(meta.direction, hdr.customer_tcp.dst_port, hdr.customer_tcp.src_port):
exact @name("tcp_port2");
meta.eni_id : exact;
}
Expand All @@ -99,7 +99,7 @@ control ConntrackOut(inout headers_t hdr,
action conntrackOut_allow () {
/* Invalidate entry based on TCP flags */
// If FIN is 1 (0b000001), or if RST is 1 (0b000100):
if ((hdr.tcp.flags & 0b000101 /* FIN/RST */) != 0) {
if ((hdr.customer_tcp.flags & 0b000101 /* FIN/RST */) != 0) {
set_entry_expire_time(EXPIRE_TIME_PROFILE_NOW); // New PNA extern
/* set entry to be purged */
}
Expand All @@ -109,7 +109,7 @@ control ConntrackOut(inout headers_t hdr,

action conntrackOut_miss() {
// TODO: Should this be ((hdr.tcp.flags & 0x2) != 0) instead?
if (hdr.tcp.flags == 0x2 /* SYN */) {
if (hdr.customer_tcp.flags == 0x2 /* SYN */) {
if (meta.direction == dash_direction_t.INBOUND) {
// New PNA Extern
add_entry("conntrackOut_allow", {}, EXPIRE_TIME_PROFILE_LONG);
Expand All @@ -120,14 +120,14 @@ control ConntrackOut(inout headers_t hdr,

table conntrackOut {
key = {
directionNeutralAddr(meta.direction, hdr.ipv4.src_addr, hdr.ipv4.dst_addr):
directionNeutralAddr(meta.direction, hdr.customer_ipv4.src_addr, hdr.customer_ipv4.dst_addr):
exact @name("ipv4_addr1");
directionNeutralAddr(meta.direction, hdr.ipv4.dst_addr, hdr.ipv4.src_addr):
directionNeutralAddr(meta.direction, hdr.customer_ipv4.dst_addr, hdr.customer_ipv4.src_addr):
exact @name("ipv4_addr2");
hdr.ipv4.protocol : exact;
directionNeutralPort(meta.direction, hdr.tcp.src_port, hdr.tcp.dst_port):
directionNeutralPort(meta.direction, hdr.customer_tcp.src_port, hdr.customer_tcp.dst_port):
exact @name("tcp_port1");
directionNeutralPort(meta.direction, hdr.tcp.dst_port, hdr.tcp.src_port):
directionNeutralPort(meta.direction, hdr.customer_tcp.dst_port, hdr.customer_tcp.src_port):
exact @name("tcp_port2");
meta.eni_id : exact;
}
Expand Down
39 changes: 26 additions & 13 deletions dash-pipeline/bmv2/dash_headers.p4
Original file line number Diff line number Diff line change
Expand Up @@ -94,19 +94,32 @@ header ipv6_t {
const bit<16> IPV6_HDR_SIZE=320/8;

struct headers_t {
ethernet_t ethernet;
ipv4_t ipv4;
ipv4options_t ipv4options;
ipv6_t ipv6;
udp_t udp;
tcp_t tcp;
vxlan_t vxlan;
nvgre_t nvgre;
ethernet_t inner_ethernet;
ipv4_t inner_ipv4;
ipv6_t inner_ipv6;
udp_t inner_udp;
tcp_t inner_tcp;
/* Underlay 1 headers */
ethernet_t u1_ethernet;
ipv4_t u1_ipv4;
ipv4options_t u1_ipv4options;
ipv6_t u1_ipv6;
udp_t u1_udp;
tcp_t u1_tcp;
vxlan_t u1_vxlan;
nvgre_t u1_nvgre;

/* Underlay 0 headers */
ethernet_t u0_ethernet;
ipv4_t u0_ipv4;
ipv4options_t u0_ipv4options;
ipv6_t u0_ipv6;
udp_t u0_udp;
tcp_t u0_tcp;
vxlan_t u0_vxlan;
nvgre_t u0_nvgre;

/* Customer headers */
ethernet_t customer_ethernet;
ipv4_t customer_ipv4;
ipv6_t customer_ipv6;
udp_t customer_udp;
tcp_t customer_tcp;
}

enum bit<16> dash_encapsulation_t {
Expand Down
17 changes: 9 additions & 8 deletions dash-pipeline/bmv2/dash_inbound.p4
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@

#include "dash_headers.p4"
#include "dash_service_tunnel.p4"
#include "dash_vxlan.p4"
#include "dash_acl.p4"
#include "dash_conntrack.p4"

Expand Down Expand Up @@ -36,13 +35,15 @@ control inbound(inout headers_t hdr,
ConntrackOut.apply(hdr, meta);
#endif //PNA_CONNTRACK

vxlan_encap(hdr,
meta.encap_data.underlay_dmac,
meta.encap_data.underlay_smac,
meta.encap_data.underlay_dip,
meta.encap_data.underlay_sip,
hdr.ethernet.dst_addr,
meta.encap_data.vni);
tunnel_encap(hdr,
meta,
meta.encap_data.overlay_dmac,
meta.encap_data.underlay_dmac,
meta.encap_data.underlay_smac,
meta.encap_data.underlay_dip,
meta.encap_data.underlay_sip,
dash_encapsulation_t.VXLAN,
meta.encap_data.vni);
}
}

Expand Down
1 change: 1 addition & 0 deletions dash-pipeline/bmv2/dash_metadata.p4
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ struct metadata_t {
bit<16> mapping_meter_class;
bit<16> meter_class;
bit<32> meter_bucket_index;
bit<16> tunnel_pointer;
}

#endif /* _SIRIUS_METADATA_P4_ */
66 changes: 23 additions & 43 deletions dash-pipeline/bmv2/dash_outbound.p4
Original file line number Diff line number Diff line change
Expand Up @@ -62,8 +62,8 @@ control outbound(inout headers_t hdr,
/* assert(is_overlay_dip_v4_or_v6 == 1 && is_overlay_sip_v4_or_v6 == 1);
assert(is_overlay_dip_mask_v4_or_v6 == 1 && is_overlay_sip_mask_v4_or_v6 == 1);
assert(is_underlay_dip_v4_or_v6 != 1 && is_underlay_sip_v4_or_v6 != 1); */
meta.encap_data.original_overlay_dip = hdr.ipv4.src_addr;
meta.encap_data.original_overlay_sip = hdr.ipv4.dst_addr;
meta.encap_data.original_overlay_dip = hdr.u0_ipv4.src_addr;
meta.encap_data.original_overlay_sip = hdr.u0_ipv4.dst_addr;

service_tunnel_encode(hdr,
overlay_dip,
Expand All @@ -74,7 +74,7 @@ control outbound(inout headers_t hdr,
/* encapsulation will be done in apply block based on dash_encapsulation */
meta.encap_data.underlay_dip = underlay_dip == 0 ? meta.encap_data.original_overlay_dip : (IPv4Address)underlay_dip;
meta.encap_data.underlay_sip = underlay_sip == 0 ? meta.encap_data.original_overlay_sip : (IPv4Address)underlay_sip;
meta.encap_data.overlay_dmac = hdr.ethernet.dst_addr;
meta.encap_data.overlay_dmac = hdr.u0_ethernet.dst_addr;
meta.encap_data.dash_encapsulation = dash_encapsulation;
meta.encap_data.service_tunnel_key = tunnel_key;
set_route_meter_attrs(meter_policy_en, meter_class);
Expand Down Expand Up @@ -148,14 +148,14 @@ control outbound(inout headers_t hdr,
bit<24> tunnel_key,
bit<16> meter_class,
bit<1> meter_class_override) {
meta.encap_data.overlay_dmac = hdr.ethernet.dst_addr;
meta.encap_data.overlay_dmac = hdr.u0_ethernet.dst_addr;
meta.encap_data.dash_encapsulation = dash_encapsulation;
meta.encap_data.vni = tunnel_key;

service_tunnel_encode(hdr,
overlay_dip,
0xffffffffffffffffffffffff,
(overlay_sip & ~meta.eni_data.pl_sip_mask) | meta.eni_data.pl_sip | (IPv6Address)hdr.ipv4.dst_addr,
(overlay_sip & ~meta.eni_data.pl_sip_mask) | meta.eni_data.pl_sip | (IPv6Address)hdr.u0_ipv4.dst_addr,
0xffffffffffffffffffffffff);

set_tunnel(underlay_dip,
Expand Down Expand Up @@ -247,46 +247,26 @@ control outbound(inout headers_t hdr,
}
}

if (meta.encap_data.dash_encapsulation == dash_encapsulation_t.VXLAN) {
vxlan_encap(hdr,
meta.encap_data.underlay_dmac,
meta.encap_data.underlay_smac,
meta.encap_data.underlay_dip,
meta.encap_data.underlay_sip,
meta.encap_data.overlay_dmac,
meta.encap_data.vni);
} else if (meta.encap_data.dash_encapsulation == dash_encapsulation_t.NVGRE) {
nvgre_encap(hdr,
meta.encap_data.underlay_dmac,
meta.encap_data.underlay_smac,
meta.encap_data.underlay_dip,
meta.encap_data.underlay_sip,
meta.encap_data.overlay_dmac,
meta.encap_data.vni);
} else {
drop();
}
tunnel_encap(hdr,
meta,
meta.encap_data.overlay_dmac,
meta.encap_data.underlay_dmac,
meta.encap_data.underlay_smac,
meta.encap_data.underlay_dip,
meta.encap_data.underlay_sip,
meta.encap_data.dash_encapsulation,
meta.encap_data.vni);
}
route_service_tunnel: {
if (meta.encap_data.dash_encapsulation == dash_encapsulation_t.VXLAN) {
vxlan_encap(hdr,
meta.encap_data.underlay_dmac,
meta.encap_data.underlay_smac,
meta.encap_data.underlay_dip,
meta.encap_data.underlay_sip,
meta.encap_data.overlay_dmac,
meta.encap_data.service_tunnel_key);
} else if (meta.encap_data.dash_encapsulation == dash_encapsulation_t.NVGRE) {
nvgre_encap(hdr,
meta.encap_data.underlay_dmac,
meta.encap_data.underlay_smac,
meta.encap_data.underlay_dip,
meta.encap_data.underlay_sip,
meta.encap_data.overlay_dmac,
meta.encap_data.service_tunnel_key);
} else {
drop();
}
tunnel_encap(hdr,
meta,
meta.encap_data.overlay_dmac,
meta.encap_data.underlay_dmac,
meta.encap_data.underlay_smac,
meta.encap_data.underlay_dip,
meta.encap_data.underlay_sip,
meta.encap_data.dash_encapsulation,
meta.encap_data.vni);
}
}
}
Expand Down
Loading

0 comments on commit 1f969d0

Please sign in to comment.