xref: /illumos-gate/usr/src/uts/common/inet/ilb/ilb_conn.h (revision 5422785d352a2bb398daceab3d1898a8aa64d006)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #ifndef _INET_ILB_CONN_H
28 #define	_INET_ILB_CONN_H
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33 
34 struct ilb_conn_s;
35 
36 /*
37  * Struct of the conn hash table bucket
38  *
39  * ilb_connp: the first conn hash entry in the bucket
40  * ilb_conn_hash_lock: mutex to protect the list in the bucket
41  * ilb_conn_cnt: number of conn hash entries in this bucket
42  */
43 typedef struct ilb_conn_hash_s {
44 	struct ilb_conn_s	*ilb_connp;
45 	kmutex_t		ilb_conn_hash_lock;
46 	uint32_t		 ilb_conn_cnt;
47 #if defined(_LP64) || defined(_I32LPx)
48 	char			ilb_conn_hash_pad[44];
49 #else
50 	char			ilb_conn_hash_pad[52];
51 #endif
52 } ilb_conn_hash_t;
53 
54 /*
55  * Extracted rule/server info for faster access without holding a reference
56  * to a rule or server.
57  */
58 typedef struct ilb_rule_info_s {
59 	ilb_topo_impl_t		topo;
60 	ilb_nat_info_t		info;
61 } ilb_rule_info_t;
62 
63 /* Info about a TCP connection for tracking */
64 struct ilb_tcp_track {
65 	uint32_t		ack;
66 	uint32_t		fss;
67 	boolean_t		fin_sent;
68 	boolean_t		fin_acked;
69 };
70 
71 /*
72  * Struct to store NAT info of a connection (one direction)
73  *
74  * conn_daddr: destination address to be matched to find this info
75  * conn_saddr: source address to be matched
76  * conn_dport: destination port to be matched
77  * conn_sport: source port to be matched
78  * conn_ip_sum: IP checksum adjustment for NAT
79  * conn_tp_sum: tranport checksum adjustment for NAT
80  * conn_tcp_track: TCP connection tracking info
81  * conn_atime: last access time of this conn cache
82  * conn_pkt_cnt: packets processed using this conn
83  * conn_next: next conn info (for conn info linked list)
84  * conn_prev: previous conn info (for conn info linked list)
85  * conn_hash: back pointer to the conn hash table bucket
86  */
87 struct ilb_conn_info {
88 	in6_addr_t		conn_daddr;
89 	in6_addr_t		conn_saddr;
90 	in_port_t		conn_dport;
91 	in_port_t		conn_sport;
92 	uint32_t		conn_ip_sum;
93 	uint32_t		conn_tp_sum;
94 
95 	struct ilb_tcp_track	conn_tcp_track;
96 
97 	/* Last access time */
98 	int64_t			conn_atime;
99 	uint64_t		conn_pkt_cnt;
100 
101 	struct ilb_conn_s	*conn_next;
102 	struct ilb_conn_s	*conn_prev;
103 	ilb_conn_hash_t		*conn_hash;
104 };
105 
106 /*
107  * Struct (an entry in the conn hash table) to store a NAT info of a
108  * connection (both directions, client to server and server to client)
109  *
110  * conn_l4: transport protocol used in this NAT connection
111  * conn_expry: expiry time of this entry
112  * conn_cr_time: creation time of this entry
113  * conn_c2s: client to back end server info
114  * conn_s2c_ back end server to client info
115  * conn_server: pointer to the back end server structure
116  * conn_rule_cache: rule information needed for this entry (copied from
117  *                  the ilb_rule_t struct)
118  * conn_sticky: pointer to the sticky info of this client, used to do
119  *              reference counting on the sticky info.
120  * conn_gc: indicates whether this entry needs to be garbage collected
121  */
122 typedef struct ilb_conn_s {
123 	int			conn_l4;
124 
125 	int64_t			conn_expiry;
126 	int64_t			conn_cr_time;
127 
128 	/* Client to server, hash and check info */
129 	struct ilb_conn_info	conn_c2s;
130 #define	conn_c2s_daddr		conn_c2s.conn_daddr
131 #define	conn_c2s_saddr		conn_c2s.conn_saddr
132 #define	conn_c2s_dport		conn_c2s.conn_dport
133 #define	conn_c2s_sport		conn_c2s.conn_sport
134 #define	conn_c2s_next		conn_c2s.conn_next
135 #define	conn_c2s_prev		conn_c2s.conn_prev
136 #define	conn_c2s_hash		conn_c2s.conn_hash
137 #define	conn_c2s_atime		conn_c2s.conn_atime
138 #define	conn_c2s_pkt_cnt	conn_c2s.conn_pkt_cnt
139 #define	conn_c2s_ip_sum		conn_c2s.conn_ip_sum
140 #define	conn_c2s_tp_sum		conn_c2s.conn_tp_sum
141 #define	conn_c2s_tcp_ack	conn_c2s.conn_tcp_track.ack
142 #define	conn_c2s_tcp_fss	conn_c2s.conn_tcp_track.fss
143 #define	conn_c2s_tcp_fin_sent	conn_c2s.conn_tcp_track.fin_sent
144 #define	conn_c2s_tcp_fin_acked	conn_c2s.conn_tcp_track.fin_acked
145 
146 	/* Server to client, hash and check info */
147 	struct ilb_conn_info	conn_s2c;
148 #define	conn_s2c_daddr		conn_s2c.conn_daddr
149 #define	conn_s2c_saddr		conn_s2c.conn_saddr
150 #define	conn_s2c_dport		conn_s2c.conn_dport
151 #define	conn_s2c_sport		conn_s2c.conn_sport
152 #define	conn_s2c_next		conn_s2c.conn_next
153 #define	conn_s2c_prev		conn_s2c.conn_prev
154 #define	conn_s2c_hash		conn_s2c.conn_hash
155 #define	conn_s2c_atime		conn_s2c.conn_atime
156 #define	conn_s2c_pkt_cnt	conn_s2c.conn_pkt_cnt
157 #define	conn_s2c_ip_sum		conn_s2c.conn_ip_sum
158 #define	conn_s2c_tp_sum		conn_s2c.conn_tp_sum
159 #define	conn_s2c_tcp_ack	conn_s2c.conn_tcp_track.ack
160 #define	conn_s2c_tcp_fss	conn_s2c.conn_tcp_track.fss
161 #define	conn_s2c_tcp_fin_sent	conn_s2c.conn_tcp_track.fin_sent
162 #define	conn_s2c_tcp_fin_acked	conn_s2c.conn_tcp_track.fin_acked
163 
164 	ilb_server_t		*conn_server;
165 	ilb_rule_info_t		conn_rule_cache;
166 
167 	/*
168 	 * If the rule is sticky enabled, all ilb_conn_t created from this
169 	 * rule will have conn_sticky set to the ilb_sticky_t entry.  Otherwise
170 	 * conn_sticky is NULL.
171 	 */
172 	struct ilb_sticky_s	*conn_sticky;
173 
174 	boolean_t		conn_gc;
175 } ilb_conn_t;
176 
177 /*
178  * Struct of the sticky hash table bucket
179  *
180  * sticky_head: the sticky hash list of this bucket
181  * sticky_lock: mutex to protect the list
182  * sticki_cnt: number of sticky hash entries in this bucket
183  */
184 typedef struct ilb_sticky_hash_s {
185 	list_t			sticky_head;
186 	kmutex_t		sticky_lock;
187 	uint32_t		sticky_cnt;
188 #if defined(_LP64) || defined(_I32LPx)
189 	char			sticky_pad[20];
190 #else
191 	char			sticky_pad[36];
192 #endif
193 } ilb_sticky_hash_t;
194 
195 /*
196  * Struct to store sticky info of a client.
197  *
198  * rule_instance: the rule instance for this entry, for look up purpose
199  * rule_name: the rule name for this entry
200  * server: the back end server for this client
201  * src: the client source address
202  * expire: the expiry time of this entry
203  * atime: the last access time of this entry
204  * nat_src_idx: the index to the NAT source array for this client
205  * refcnt: reference count
206  * list: linked list node
207  * hash: back pointer to the sticky hash buckey of this entry
208  */
209 typedef struct ilb_sticky_s {
210 	uint_t			rule_instance;
211 	char			rule_name[ILB_RULE_NAMESZ];
212 	ilb_server_t		*server;
213 	in6_addr_t		src;
214 	int64_t			expiry;
215 	int64_t			atime;
216 	int			nat_src_idx;
217 
218 	uint32_t		refcnt;
219 	list_node_t		list;
220 	ilb_sticky_hash_t	*hash;
221 } ilb_sticky_t;
222 
223 extern void ilb_conn_hash_init(ilb_stack_t *);
224 extern void ilb_conn_hash_fini(ilb_stack_t *);
225 extern void ilb_conn_cache_fini(void);
226 extern void ilb_sticky_hash_init(ilb_stack_t *);
227 extern void ilb_sticky_hash_fini(ilb_stack_t *);
228 extern void ilb_sticky_cache_fini(void);
229 
230 extern boolean_t ilb_check_conn(ilb_stack_t *, int, void *, int, void *,
231     in6_addr_t *, in6_addr_t *, in_port_t, in_port_t, uint32_t, in6_addr_t *);
232 extern boolean_t ilb_check_icmp_conn(ilb_stack_t *, mblk_t *, int, void *,
233     void *, in6_addr_t *);
234 extern int ilb_conn_add(ilb_stack_t *, ilb_rule_t *, ilb_server_t *,
235     in6_addr_t *, in_port_t, in6_addr_t *, in_port_t, ilb_nat_info_t *,
236     uint32_t *, uint32_t *, struct ilb_sticky_s *);
237 
238 extern ilb_server_t *ilb_sticky_find_add(ilb_stack_t *, ilb_rule_t *,
239     in6_addr_t *, ilb_server_t *, struct ilb_sticky_s **, uint16_t *);
240 void ilb_sticky_refrele(struct ilb_sticky_s *);
241 
242 #ifdef __cplusplus
243 }
244 #endif
245 
246 #endif /* _INET_ILB_CONN_H */
247