Add support for external subnets (#129)

Author: Nieuwejaar

Cargo.lock

@@ -16,6 +16,7 @@ control ingress(
     inout ingress_metadata_t ingress,
     inout egress_metadata_t egress,
 ) {
+    attached()      attached;
     local()         local;
     router()        router;
     nat_ingress()   nat;
@@ -53,6 +54,7 @@ control ingress(
             // rack and should be sent to the scrimlet.
             else { fwd_to_scrimlet(); return; }
         } else {
+            attached.apply(ingress, hdr);
             nat.apply(hdr, ingress, egress); // check for ingress nat
         }
 
@@ -158,18 +160,28 @@ control nat_ingress(
     }
 
     apply {
-        if (hdr.ipv4.isValid()) { nat_v4.apply(); }
-        if (hdr.ipv6.isValid()) { nat_v6.apply(); }
+        if (ingress.forward_needed == false) {
+            if (hdr.ipv4.isValid()) { nat_v4.apply(); }
+            if (hdr.ipv6.isValid()) { nat_v6.apply(); }
+        }
+        if (ingress.forward_needed == true) {
+            forward_packet();
+        }
     }
 
     action forward_to_sled(bit<128> target, bit<24> vni, bit<48> mac) {
-        ingress.nat = true;
+        ingress.forward_tgt = target;
+        ingress.forward_vni = vni;
+        ingress.forward_mac = mac;
+        ingress.forward_needed = true;
+    }
 
+    action forward_packet() {
         bit<16> orig_l3_len = 0;
         bit<16> orig_l3_csum = 0;
 
         hdr.inner_eth = hdr.ethernet;
-        hdr.inner_eth.dst = mac;
+        hdr.inner_eth.dst = ingress.forward_mac;
         hdr.inner_eth.setValid();
         if (hdr.vlan.isValid()) {
             hdr.inner_eth.ether_type = hdr.vlan.ether_type;
@@ -218,7 +230,7 @@ control nat_ingress(
         hdr.ipv6.hop_limit = 8w255;
         // XXX hardcoded boundary services addr
         hdr.ipv6.src = 128w0xfd000099000000000000000000000001;
-        hdr.ipv6.dst = target;
+        hdr.ipv6.dst = ingress.forward_tgt;
         hdr.ipv6.setValid();
 
         // set up outer udp
@@ -235,7 +247,7 @@ control nat_ingress(
         hdr.geneve.crit = 1w0;
         hdr.geneve.reserved = 6w0;
         hdr.geneve.protocol = 16w0x6558;
-        hdr.geneve.vni = vni;
+        hdr.geneve.vni = ingress.forward_vni;
         hdr.geneve.reserved2 = 8w0;
         hdr.geneve.setValid();
 
@@ -266,7 +278,6 @@ control nat_ingress(
         });
         hdr.udp.checksum = 16w0;
     }
-
 }
 
 control local(
@@ -300,6 +311,42 @@ control local(
     action local()    { is_local = true; }
 }
 
+control attached(
+    inout ingress_metadata_t ingress,
+    inout headers_t hdr,
+) {
+    table attached_subnet_v4 {
+        key = {
+            hdr.ipv4.dst:   lpm;
+        }
+        actions = { forward_to_sled; }
+        default_action = NoAction;
+    }
+
+    table attached_subnet_v6 {
+        key = {
+            hdr.ipv6.dst:   lpm;
+        }
+        actions = { forward_to_sled; }
+        default_action = NoAction;
+    }
+
+    apply {
+        if (hdr.ipv4.isValid()) {
+            attached_subnet_v4.apply();
+        } else if (hdr.ipv6.isValid()) {
+            attached_subnet_v6.apply();
+        }
+    }
+
+    action forward_to_sled(bit<128> target, bit<24> vni, bit<48> mac) {
+        ingress.forward_tgt = target;
+        ingress.forward_vni = vni;
+        ingress.forward_mac = mac;
+        ingress.forward_needed = true;
+    }
+}
+
 control resolver(
     inout headers_t hdr,
     inout egress_metadata_t egress,

p4/sidecar-lite.p4

@@ -3,10 +3,13 @@
 #include <headers.p4>
 
 struct ingress_metadata_t {
+    bit<128> forward_tgt;
+    bit<24> forward_vni;
+    bit<48> forward_mac;
     bit<16> port;
     bit<16> nat_id;
     bit<16> path_idx;
-    bool nat;
+    bool forward_needed;
     bool lldp;
 
     // Used as mutable scratchpad shared between parser states.

p4/softnpu.p4

@@ -213,6 +213,8 @@ const LOCAL_V6: &str = "ingress.local.local_v6";
 const LOCAL_V4: &str = "ingress.local.local_v4";
 const NAT_V4: &str = "ingress.nat.nat_v4";
 const NAT_V6: &str = "ingress.nat.nat_v6";
+const ATTACHED_SUBNET_V4: &str = "ingress.attached.attached_subnet_v4";
+const ATTACHED_SUBNET_V6: &str = "ingress.attached.attached_subnet_v6";
 const RESOLVER_V4: &str = "ingress.resolver.resolver_v4";
 const RESOLVER_V6: &str = "ingress.resolver.resolver_v6";
 const MAC_REWRITE: &str = "ingress.mac.mac_rewrite";
@@ -1005,7 +1007,36 @@ fn dump_tables(table: &BTreeMap<String, Vec<TableEntry>>) {
         };
         println!("{dst_nat_id} -> {target}");
     }
-
+    println!("attached subnet v4:");
+    for e in table.get(ATTACHED_SUBNET_V4).unwrap() {
+        let subnet = match get_addr_subnet(&e.keyset_data) {
+            Some((a, m)) => format!("{a}/{m}"),
+            _ => continue,
+        };
+        let target = match get_addr_vni_mac(&e.parameter_data) {
+            Some((addr, vni, m)) => format!(
+                "{} {}/{:02x}:{:02x}:{:02x}:{:02x}:{:02x}:{:02x}",
+                addr, vni, m[5], m[4], m[3], m[2], m[1], m[0],
+            ),
+            None => "?".into(),
+        };
+        println!("{subnet} -> {target}");
+    }
+    println!("attached subnet v6:");
+    for e in table.get(ATTACHED_SUBNET_V6).unwrap() {
+        let subnet = match get_addr_subnet(&e.keyset_data) {
+            Some((a, m)) => format!("{a}/{m}"),
+            _ => continue,
+        };
+        let target = match get_addr_vni_mac(&e.parameter_data) {
+            Some((addr, vni, m)) => format!(
+                "{} {}/{:02x}:{:02x}:{:02x}:{:02x}:{:02x}:{:02x}",
+                addr, vni, m[5], m[4], m[3], m[2], m[1], m[0],
+            ),
+            None => "?".into(),
+        };
+        println!("{subnet} -> {target}");
+    }
     println!("port_mac:");
     for e in table.get(MAC_REWRITE).unwrap() {
         let port = u16::from_le_bytes([e.keyset_data[0], e.keyset_data[1]]);