Add support of IPv4/v6 outer source network for services

yanet-platform · Oct 16, 2023 · e85b95f · e85b95f
1 parent 3e7fffe
commit e85b95f
Show file tree

Hide file tree

Showing 24 changed files with 507 additions and 22 deletions.
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/001-expect.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/001-expect.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/001-send.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/001-send.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/002-expect.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/002-expect.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/002-send.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/002-send.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/003-expect.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/003-expect.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/003-send.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/003-send.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/004-expect.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/004-expect.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/004-send.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/004-send.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/005-expect.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/005-expect.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/005-send.pcap b/autotest/units/001_one_port/068_balancer_outer_source_network/005-send.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/autotest.yaml b/autotest/units/001_one_port/068_balancer_outer_source_network/autotest.yaml
@@ -0,0 +1,32 @@
+steps:
+- ipv4Update: 
+  - "0.0.0.0/0 -> 200.0.0.1"
+  - "100.0.0.0/8 -> 100.0.0.5"
+- ipv6Update: "::/0 -> fe80::1"
+- cli:
+    - balancer real enable balancer0 10.0.0.1 tcp 80 2000::1 80
+    - balancer real enable balancer0 10.0.0.42 tcp 80 100.0.0.42 80
+    - balancer real enable balancer0 2001:dead:beef::1 tcp 80 2000::1 80
+    - balancer real enable balancer0 2001:dead:beef::2 tcp 80 100.0.0.6 80
+    - balancer real enable balancer0 2002:dead:beef::3 tcp 80 2000::2 80
+    - balancer real flush
+- sendPackets:
+    - port: kni0
+      send: 001-send.pcap
+      expect: 001-expect.pcap
+- sendPackets:
+    - port: kni0
+      send: 002-send.pcap
+      expect: 002-expect.pcap
+- sendPackets:
+    - port: kni0
+      send: 003-send.pcap
+      expect: 003-expect.pcap
+- sendPackets:
+    - port: kni0
+      send: 004-send.pcap
+      expect: 004-expect.pcap
+- sendPackets:
+    - port: kni0
+      send: 005-send.pcap
+      expect: 005-expect.pcap
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/controlplane.conf b/autotest/units/001_one_port/068_balancer_outer_source_network/controlplane.conf
@@ -0,0 +1,48 @@
+{
+  "modules": {
+    "lp0.100": {
+      "type": "logicalPort",
+      "physicalPort": "kni0",
+      "vlanId": "100",
+      "macAddress": "00:11:22:33:44:55",
+      "nextModule": "acl0"
+    },
+    "lp0.200": {
+      "type": "logicalPort",
+      "physicalPort": "kni0",
+      "vlanId": "200",
+      "macAddress": "00:11:22:33:44:55",
+      "nextModule": "acl0"
+    },
+    "acl0": {
+      "type": "acl",
+      "nextModules": [
+        "balancer0",
+        "route0"
+      ]
+    },
+    "balancer0": {
+      "type": "balancer",
+      "source": "2000:51b::1",
+      "source_ipv4": "100.0.0.22",
+      "services": "services.conf",
+      "nextModule": "route0"
+    },
+    "route0": {
+      "type": "route",
+      "interfaces": {
+        "kni0.100": {
+          "neighborIPv6Address": "fe80::1",
+          "neighborIPv4Address": "100.0.0.5",
+          "neighborMacAddress": "00:00:00:00:00:01",
+          "nextModule": "lp0.100"
+        },
+        "kni0.200": {
+          "neighborIPv4Address": "200.0.0.1",
+          "neighborMacAddress": "00:00:00:00:00:02",
+          "nextModule": "lp0.200"
+        }
+      }
+    }
+  }
+}
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/gen.py b/autotest/units/001_one_port/068_balancer_outer_source_network/gen.py
@@ -0,0 +1,94 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+from scapy.all import *
+
+
+def write_pcap(filename, *packetsList):
+    if len(packetsList) == 0:
+        PcapWriter(filename)._write_header(Ether())
+        return
+
+    PcapWriter(filename)
+
+    for packets in packetsList:
+        if type(packets) == list:
+            for packet in packets:
+                packet.time = 0
+                wrpcap(filename, [p for p in packet], append=True)
+        else:
+            packets.time = 0
+            wrpcap(filename, [p for p in packets], append=True)
+
+
+write_pcap("001-send.pcap",
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IP(dst="10.0.0.1", src="1.1.0.1", ttl=64) / TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IP(dst="10.0.0.1", src="1.1.0.2", ttl=64) / TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IP(dst="10.0.0.1", src="1.1.0.3", ttl=64) / TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IP(dst="10.0.0.1", src="1.1.0.4", ttl=64) / TCP(dport=80, sport=12380),
+)
+
+write_pcap("001-expect.pcap",
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="2000::1", src="2001:dead:beef::0101:0001:0:1", hlim=63)/IP(dst="10.0.0.1", src="1.1.0.1", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="2000::1", src="2001:dead:beef::0101:0002:0:1", hlim=63)/IP(dst="10.0.0.1", src="1.1.0.2", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="2000::1", src="2001:dead:beef::0101:0003:0:1", hlim=63)/IP(dst="10.0.0.1", src="1.1.0.3", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IPv6(dst="2000::1", src="2001:dead:beef::0101:0004:0:1", hlim=63)/IP(dst="10.0.0.1", src="1.1.0.4", ttl=64)/TCP(dport=80, sport=12380),
+)
+
+
+write_pcap("002-send.pcap",
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IP(dst="10.0.0.42", src="1.1.0.1", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IP(dst="10.0.0.42", src="1.1.0.2", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IP(dst="10.0.0.42", src="1.1.0.3", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IP(dst="10.0.0.42", src="1.1.0.4", ttl=64)/TCP(dport=80, sport=12380),
+)
+
+write_pcap("002-expect.pcap",
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="100.0.0.42", src="123.0.0.12", ttl=63)/IP(dst="10.0.0.42", src="1.1.0.1", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="100.0.0.42", src="123.0.0.12", ttl=63)/IP(dst="10.0.0.42", src="1.1.0.2", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="100.0.0.42", src="123.0.0.12", ttl=63)/IP(dst="10.0.0.42", src="1.1.0.3", ttl=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="100.0.0.42", src="123.0.0.12", ttl=63)/IP(dst="10.0.0.42", src="1.1.0.4", ttl=64)/TCP(dport=80, sport=12380),
+)
+
+write_pcap("003-send.pcap",
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IPv6(dst="2001:dead:beef::1", src="2002::1", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IPv6(dst="2001:dead:beef::1", src="2002::2", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IPv6(dst="2001:dead:beef::1", src="2002::3", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IPv6(dst="2001:dead:beef::1", src="2002::4", hlim=64) / TCP(dport=80, sport=12443)
+)
+
+write_pcap("003-expect.pcap",
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55") / Dot1Q(vlan=100) / IPv6(dst="2000::1", src="2001:dead:beef:1234::1:1", hlim=63) / IPv6(dst="2001:dead:beef::1", src="2002::1", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55") / Dot1Q(vlan=100) / IPv6(dst="2000::1", src="2001:dead:beef:1234::2:1", hlim=63) / IPv6(dst="2001:dead:beef::1", src="2002::2", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55") / Dot1Q(vlan=100) / IPv6(dst="2000::1", src="2001:dead:beef:1234::3:1", hlim=63) / IPv6(dst="2001:dead:beef::1", src="2002::3", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55") / Dot1Q(vlan=100) / IPv6(dst="2000::1", src="2001:dead:beef:1234::4:1", hlim=63) / IPv6(dst="2001:dead:beef::1", src="2002::4", hlim=64) / TCP(dport=80, sport=12443)
+)
+
+
+write_pcap("004-send.pcap",
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IPv6(dst="2001:dead:beef::2", src="2002::10", hlim=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IPv6(dst="2001:dead:beef::2", src="2002::11", hlim=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IPv6(dst="2001:dead:beef::2", src="2002::12", hlim=64)/TCP(dport=80, sport=12380),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02")/Dot1Q(vlan=200)/IPv6(dst="2001:dead:beef::2", src="2002::13", hlim=64)/TCP(dport=80, sport=12380),
+)
+
+write_pcap("004-expect.pcap",
+           Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="100.0.0.6", src="123.0.12.0", ttl=63) /IPv6(dst="2001:dead:beef::2", src="2002::10", hlim=64)/TCP(dport=80, sport=12380),
+           Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="100.0.0.6", src="123.0.12.0", ttl=63) /IPv6(dst="2001:dead:beef::2", src="2002::11", hlim=64)/TCP(dport=80, sport=12380),
+           Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="100.0.0.6", src="123.0.12.0", ttl=63) /IPv6(dst="2001:dead:beef::2", src="2002::12", hlim=64)/TCP(dport=80, sport=12380),
+           Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55")/Dot1Q(vlan=100)/IP(dst="100.0.0.6", src="123.0.12.0", ttl=63) /IPv6(dst="2001:dead:beef::2", src="2002::13", hlim=64)/TCP(dport=80, sport=12380),
+)
+
+write_pcap("005-send.pcap",
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IPv6(dst="2002:dead:beef::3", src="2002::1", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IPv6(dst="2002:dead:beef::3", src="2002::2", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IPv6(dst="2002:dead:beef::3", src="2002::3", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:11:22:33:44:55", src="00:00:00:00:00:02") / Dot1Q(vlan=200) / IPv6(dst="2002:dead:beef::3", src="2002::4", hlim=64) / TCP(dport=80, sport=12443)
+)
+
+write_pcap("005-expect.pcap",
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55") / Dot1Q(vlan=100) / IPv6(dst="2000::2", src="2001:dead:beef:1234:5600:0000:0100:0001", hlim=63) / IPv6(dst="2002:dead:beef::3", src="2002::1", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55") / Dot1Q(vlan=100) / IPv6(dst="2000::2", src="2001:dead:beef:1234:5600:0000:0200:0001", hlim=63) / IPv6(dst="2002:dead:beef::3", src="2002::2", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55") / Dot1Q(vlan=100) / IPv6(dst="2000::2", src="2001:dead:beef:1234:5600:0000:0300:0001", hlim=63) / IPv6(dst="2002:dead:beef::3", src="2002::3", hlim=64) / TCP(dport=80, sport=12443),
+            Ether(dst="00:00:00:00:00:01", src="00:11:22:33:44:55") / Dot1Q(vlan=100) / IPv6(dst="2000::2", src="2001:dead:beef:1234:5600:0000:0400:0001", hlim=63) / IPv6(dst="2002:dead:beef::3", src="2002::4", hlim=64) / TCP(dport=80, sport=12443)
+)
diff --git a/autotest/units/001_one_port/068_balancer_outer_source_network/services.conf b/autotest/units/001_one_port/068_balancer_outer_source_network/services.conf
@@ -0,0 +1,72 @@
+[
+  {
+    "vip": "10.0.0.1",
+    "proto": "tcp",
+    "vport": "80",
+    "scheduler": "wrr",
+    "ipv4_outer_source_network": "123.0.0.12/32",
+    "ipv6_outer_source_network": "2001:dead:beef::/64",
+    "reals": [
+      {
+        "ip": "2000::1",
+        "port": "80"
+      }
+    ]
+  },
+  {
+    "vip": "10.0.0.42",
+    "proto": "tcp",
+    "vport": "80",
+    "scheduler": "wrr",
+    "ipv4_outer_source_network": "123.0.0.12/32",
+    "ipv6_outer_source_network": "2001:dead:beef::/64",
+    "reals": [
+      {
+        "ip": "100.0.0.42",
+        "port": "80"
+      }
+    ]
+  },
+  {
+    "vip": "2001:dead:beef::1",
+    "proto": "tcp",
+    "vport": "80",
+    "scheduler": "wrr",
+    "ipv4_outer_source_network": "123.0.12.0/24",
+    "ipv6_outer_source_network": "2001:dead:beef:1234::/80",
+    "reals": [
+      {
+        "ip": "2000::1",
+        "port": "80"
+      }
+    ]
+  },
+  {
+    "vip": "2001:dead:beef::2",
+    "proto": "tcp",
+    "vport": "80",
+    "scheduler": "wrr",
+    "ipv4_outer_source_network": "123.0.12.0/24",
+    "ipv6_outer_source_network": "2001:dead:beef:1234::/80",
+    "reals": [
+      {
+        "ip": "100.0.0.6",
+        "port": "80"
+      }
+    ]
+  },
+  {
+    "vip": "2002:dead:beef::3",
+    "proto": "tcp",
+    "vport": "80",
+    "scheduler": "wrr",
+    "ipv4_outer_source_network": "123.0.12.0/24",
+    "ipv6_outer_source_network": "2001:dead:beef:1234:5600::/66",
+    "reals": [
+      {
+        "ip": "2000::2",
+        "port": "80"
+      }
+    ]
+  }
+]
diff --git a/common/controlplaneconfig.h b/common/controlplaneconfig.h
@@ -310,6 +310,8 @@ using service_t = std::tuple<balancer_service_id_t,
                              ::balancer::scheduler_params,
                              ::balancer::forwarding_method,
                              uint8_t, ///< flags: mss_fix|ops
+                             std::optional<common::ipv4_prefix_t>, ///< ipv4_outer_source_network
+                             std::optional<common::ipv6_prefix_t>, ///< ipv6_outer_source_network
                              std::vector<real_t>>;
 
 class config_t

diff --git a/common/idp.h b/common/idp.h
@@ -265,7 +265,9 @@ using service = std::tuple<balancer_service_id_t, /// service id
                            balancer::forwarding_method, // tunneling method (default ipip)
                            uint32_t, /// default_wlc_power
                            uint32_t, ///< real_start
-                           uint32_t>; ///< real_size
+                           uint32_t, ///< real_size
+                           std::optional<common::ipv4_prefix_t>, ///< ipv4_outer_source_network
+                           std::optional<common::ipv6_prefix_t>>; ///< ipv6_outer_source_network>
 using real = std::tuple<balancer_real_id_t, ///< real id
                         common::ip_address_t,
                         tCounterId>;