def evaluate(self): for chunknum, chunk in zip(range(len(self.parallelizer.chunks)), self.parallelizer.chunks): write_to = self.source_folder + '/' + self.source + str(self.generation) + 'chunk:' + repr(chunknum)+ '.lisp' lisp.start_writing(write_to) lisp.comment("----Automatically generated code") lisp.comment("----Autogened by agents.py - Joe Doliner") lisp.comment("----Generated on: " + str(datetime.date.today())) lisp.comment("------------- at: " + time.strftime('%H:%M:%S', time.localtime(time.time()))) for agent in chunk: if(agent.argcount == self.datumlength): stream_to = self.source_folder + '/' + self.stream + '_' + str(self.generation) + '_' + agent.name agent.stream = stream_to lisp.comment("Opening file... " + stream_to) lisp.open_stream(stream_to) lisp.lprint("Evaluating " + agent.client.name + "...") lisp.comment("Code to evaluate agent " + agent.name) for datum in self.data: agent.evaluate(datum) lisp.close_stream() lisp.comment("----Evaluation ends here") lisp.comment("----signal that the evaluation has ended to the host") #the following writes code to signal the grader when it's done lisp.comment("Opening fifo..." + self.parallelizer.fifo) lisp.open_stream(self.parallelizer.fifo) lisp.streamprint("'" + str(chunknum)) lisp.close_stream() lisp.stop_writing() if(self.required): self.parallelizer.load_file(chunknum, self.required) self.parallelizer.load_file(chunknum, write_to)
# lisp.lisp_close_socket(lisp_send_sockets[0], "") lisp.lisp_close_socket(lisp_send_sockets[1], "") lisp.lisp_close_socket(lisp_ipc_listen_socket, "lisp-ms") return #enddef #------------------------------------------------------------------------------ # # Main entry point for process. # if (lisp_ms_startup() == False): lisp.lprint("lisp_ms_startup() failed") lisp.lisp_print_banner("Map-Server abnormal exit") exit(1) #endif while (True): opcode, source, port, packet = \ lisp.lisp_receive(lisp_ipc_listen_socket, True) if (source == ""): break if (opcode == "command"): lispconfig.lisp_process_command( lisp_ipc_listen_socket, opcode, packet, "lisp-ms", [lisp_ms_commands, lisp.lisp_policy_commands]) elif (opcode == "api"): lisp.lisp_process_api("lisp-ms", lisp_ipc_listen_socket, packet)
def lisp_itr_kernel_filter(sources, dyn_eids): if (os.getenv("LISP_NO_IPTABLES") != None): lisp.lprint("User selected to suppress installing iptables rules") return #endif os.system("sudo iptables -t raw -N lisp") os.system("sudo iptables -t raw -A PREROUTING -j lisp") os.system("sudo ip6tables -t raw -N lisp") os.system("sudo ip6tables -t raw -A PREROUTING -j lisp") # # Have kernel process packets for local addresses when sourced from site # EIDs. We do not want the lisp-itr process to process such packets. # We want the kernel to deliver packets to and from local applications. # And we want the kernel to forward decapsulated packets out interfaces # leading the EIDs. # add = "sudo ip{}tables -t raw -A lisp -j ACCEPT -d {}" addr_set = ["127.0.0.1", "::1", "224.0.0.0/4 -p igmp", "ff00::/8", "fe80::/16"] addr_set += sources + lisp.lisp_get_all_addresses() for addr in addr_set: if (lisp.lisp_is_mac_string(addr)): continue six = "" if addr.find(":") == -1 else "6" os.system(add.format(six, addr)) #endfor # # When source and destination addresses are EIDs for this LISP site, # we want the kernel to do local routing. But as a PITR, we don't want # the kernel to route everything (EID-prefix 0.0.0.0/0) or we can't have # this process encapsulate for any source address to a destination EID. # if (lisp.lisp_pitr == False): add = "sudo ip{}tables -t raw -A lisp -j ACCEPT -s {} -d {}" check = "sudo ip{}tables -t raw -C lisp -j ACCEPT -s {} -d {}" for source in sources: if (lisp.lisp_is_mac_string(source)): continue if (source in dyn_eids): continue six = "" if source.find(":") == -1 else "6" for s in sources: if (lisp.lisp_is_mac_string(s)): continue if (s in dyn_eids): continue if (s.find(".") != -1 and source.find(".") == -1): continue if (s.find(":") != -1 and source.find(":") == -1): continue if (commands.getoutput(check.format(six, source, s)) == ""): continue #endif os.system(add.format(six, source, s)) #endfor #endfor #endif # # Now put in drop rules for each "lisp database-mapping" EID-prefix. # drop = "sudo ip{}tables -t raw -A lisp -j DROP -s {}" for source in sources: if (lisp.lisp_is_mac_string(source)): continue six = "" if source.find(":") == -1 else "6" os.system(drop.format(six, source)) #endif # # Print out rules we just configured. # rules = commands.getoutput("sudo iptables -t raw -S lisp").split("\n") rules += commands.getoutput("sudo ip6tables -t raw -S lisp").split("\n") lisp.lprint("Using kernel filters: {}".format(rules)) # # Check if we need to put in a iptables rule workaround for the virtio TCP # checksum corruption problem for KVM guest OSes. Check environmnt # variable LISP_VIRTIO_BUG. # # Note a debian host system that runs docker will need the following # command so ip6tables works inside of the docker container: # # sudo modprobe ip6table_filter # if (os.getenv("LISP_VIRTIO_BUG") != None): c = ("sudo iptables -A POSTROUTING -t mangle -p tcp -j " + \ "CHECKSUM --checksum-fill; ") c += ("sudo iptables -A POSTROUTING -t mangle -p udp -j " + \ "CHECKSUM --checksum-fill; ") c += ("sudo ip6tables -A POSTROUTING -t mangle -p tcp -j " + \ "CHECKSUM --checksum-fill; ") c += ("sudo ip6tables -A POSTROUTING -t mangle -p udp -j " + \ "CHECKSUM --checksum-fill") os.system(c) virtio = lisp.bold("virtio", False) lisp.lprint("{} bug workaround, configure '{}'".format(virtio, c)) #endif return
def lisp_itr_data_plane(packet, device, input_interface, macs, my_sa): global lisp_send_sockets global lisp_ephem_port global lisp_raw_socket, lisp_raw_v6_socket global lisp_ipc_listen_socket # # Check RLOC-probe Map-Reply. We need to grab the TTL from IP header. # orig_packet = packet packet, source, port, ttl = lisp.lisp_is_rloc_probe(packet, 1) if (orig_packet != packet): if (source == None): return lisp.lisp_parse_packet(lisp_send_sockets, packet, source, port, ttl) return #endif packet = lisp.lisp_packet(packet) if (packet.decode(False, None, None) == None): return # # For locally source packets from this system, the MAC address may # be the default router. Check source to see if assigned to this system, # and if so, accept on interface "device". # if (my_sa): input_interface = device # # Get instance-ID for incoming interface. # source_eid = packet.inner_source iid = lisp.lisp_get_interface_instance_id(input_interface, source_eid) packet.inner_dest.instance_id = iid packet.inner_source.instance_id = iid # # Print some useful header fields and strip outer headers.. # if (macs != ""): macs = ", MACs: " + macs + "," packet.print_packet("Receive {}{}".format(device, macs), False) # # Drop packet if input interface not found based on MAC address used. # if (device != input_interface and device != "lispers.net"): lisp.dprint("Not our MAC address on interface {}, pcap interface {}". \ format(input_interface, device)) return #endif lisp_decent = lisp.lisp_decent_push_configured if (lisp_decent): multicast = packet.inner_dest.is_multicast_address() local = packet.inner_source.is_local() lisp_decent = (local and multicast) #endif if (lisp_decent == False): # # Only forward packets from source-EIDs. # db = lisp.lisp_db_for_lookups.lookup_cache(packet.inner_source, False) if (db == None): lisp.dprint("Packet received from non-EID source") return #endif # # Check to see if we are doing dynamic-EID discovery. # if (db.dynamic_eid_configured()): i = lisp.lisp_allow_dynamic_eid(input_interface, packet.inner_source) if (i): lisp.lisp_itr_discover_eid(db, packet.inner_source, input_interface, i, lisp_ipc_listen_socket) else: e = lisp.green(packet.inner_source.print_address(), False) lisp.dprint("Disallow dynamic-EID {} on interface {}".format(e, input_interface)) return #endif #endif if (packet.inner_source.is_local() and packet.udp_dport == lisp.LISP_CTRL_PORT): return #endif # # Do input processing for currently supported packet types.. # if (packet.inner_version == 4): igmp, packet.packet = lisp.lisp_ipv4_input(packet.packet) if (packet.packet == None): return packet.inner_ttl -= 1 elif (packet.inner_version == 6): packet.packet = lisp.lisp_ipv6_input(packet) if (packet.packet == None): return packet.inner_ttl -= 1 else: packet.packet = lisp.lisp_mac_input(packet.packet) if (packet.packet == None): return packet.encap_port = lisp.LISP_L2_DATA_PORT #endif # # First check if destination is to any local EID-prefixes from database- # mapping commands. In this case, we need to natively forward. # if (lisp_xtr_loopback == False): db = lisp.lisp_db_for_lookups.lookup_cache(packet.inner_dest, False) if (db and db.dynamic_eid_configured == False): lisp.dprint(("Packet destined to local EID-prefix {}, " + \ "natively forwarding").format(db.print_eid_tuple())) packet.send_packet(lisp_raw_socket, packet.inner_dest) return #endif #endif # # Do map-cache lookup. # mc = lisp.lisp_map_cache_lookup(packet.inner_source, packet.inner_dest) if (mc): mc.add_recent_source(packet.inner_source) # # If "secondary-iid" is configured, we want to check the secondary # map-cache if a lookup miss occured in the default IID for this source # EID-prefix. If destination EID found in secondary map-cache, use it. # Otherwise, send Map-Request for EID in default IID. # secondary_iid = db.secondary_iid if (db != None) else None if (secondary_iid and mc and mc.action == lisp.LISP_NATIVE_FORWARD_ACTION): dest_eid = packet.inner_dest dest_eid.instance_id = secondary_iid mc = lisp.lisp_map_cache_lookup(packet.inner_source, dest_eid) if (mc): mc.add_recent_source(packet.inner_source) #endif # # Map-cache lookup miss. # if (mc == None or lisp.lisp_mr_or_pubsub(mc.action)): if (lisp.lisp_rate_limit_map_request(packet.inner_dest)): return pubsub = (mc and mc.action == lisp.LISP_SEND_PUBSUB_ACTION) lisp.lisp_send_map_request(lisp_send_sockets, lisp_ephem_port, packet.inner_source, packet.inner_dest, None, pubsub) if (packet.is_trace()): lisp.lisp_trace_append(packet, reason="map-cache miss") #endif return #endif # # Send Map-Request to see if there is a RLOC change or to refresh an # entry that is about to time out. # if (mc and mc.is_active() and mc.has_ttl_elapsed()): if (lisp.lisp_rate_limit_map_request(packet.inner_dest) == False): lisp.lprint("Refresh map-cache entry {}".format( \ lisp.green(mc.print_eid_tuple(), False))) lisp.lisp_send_map_request(lisp_send_sockets, lisp_ephem_port, packet.inner_source, packet.inner_dest, None) #endif #endif # # Update stats for entry. Stats per RLOC is done in lisp_mapping.select_ # rloc(). # mc.last_refresh_time = time.time() mc.stats.increment(len(packet.packet)) # # Encapsulate, native forward, or encapsulate-and-replciate packet. # dest_rloc, dest_port, nonce, action, rle, rloc_entry = \ mc.select_rloc(packet, lisp_ipc_listen_socket) if (dest_rloc == None and rle == None): if (action == lisp.LISP_NATIVE_FORWARD_ACTION): lisp.dprint("Natively forwarding") packet.send_packet(lisp_raw_socket, packet.inner_dest) if (packet.is_trace()): lisp.lisp_trace_append(packet, reason="not an EID") #endif return #endif r = "No reachable RLOCs found" lisp.dprint(r) if (packet.is_trace()): lisp.lisp_trace_append(packet, reason=r) return #endif if (dest_rloc and dest_rloc.is_null()): r = "Drop action RLOC found" lisp.dprint(r) if (packet.is_trace()): lisp.lisp_trace_append(packet, reason=r) return #endif # # Setup outer header for either unicast or multicast transmission.. # packet.outer_tos = packet.inner_tos packet.outer_ttl = 32 if (igmp) else packet.inner_ttl # # Do unicast encapsulation. # if (dest_rloc): packet.outer_dest.copy_address(dest_rloc) version = packet.outer_dest.afi_to_version() packet.outer_version = version source_rloc = lisp.lisp_myrlocs[0] if (version == 4) else \ lisp.lisp_myrlocs[1] packet.outer_source.copy_address(source_rloc) if (packet.is_trace()): if (lisp.lisp_trace_append(packet, rloc_entry=rloc_entry) \ == False): return #endif # # Encode new LISP, UDP, and outer header. # if (packet.encode(nonce) == None): return if (len(packet.packet) <= 1500): packet.print_packet("Send", True) # # Send out on raw socket. # raw_socket = lisp_raw_v6_socket if version == 6 else lisp_raw_socket packet.send_packet(raw_socket, packet.outer_dest) elif (rle): # # Do replication of RLE is returned. Since we are an ITR, replicate to # level-0 RTRs (or ETRs) only (or first-level boxes only).. # level = rle.rle_nodes[0].level orig_len = len(packet.packet) for node in rle.rle_forwarding_list: if (node.level != level): return packet.outer_dest.copy_address(node.address) if (lisp_decent): packet.inner_dest.instance_id = 0xffffff version = packet.outer_dest.afi_to_version() packet.outer_version = version source_rloc = lisp.lisp_myrlocs[0] if (version == 4) else \ lisp.lisp_myrlocs[1] packet.outer_source.copy_address(source_rloc) if (packet.is_trace()): if (lisp.lisp_trace_append(packet) == False): return #endif if (packet.encode(None) == None): return # # Replicate out on raw socket. # packet.print_packet("Replicate-to-L{}".format(node.level), True) packet.send_packet(lisp_raw_socket, packet.outer_dest) # # We need to strip the encapsulation header so we can add a new # one for the next replication. # strip_len = len(packet.packet) - orig_len packet.packet = packet.packet[strip_len::] #endfor #endif # # Don't need packet structure anymore. # del(packet) return
def lisp_itr_get_capture_info(): global lisp_pcap_lock lisp.lisp_set_exception() # # Wait for database-mapping commands to execute. We need to retrieve # EID-prefixes we need to listen on. # sources, dyn_eids = lisp_itr_get_local_eid_prefixes() # # If "ipc-data-plane = yes" is configured, we do not need to do any # data-plane forwarding. There is another module running with the # lispers.net control-plane that is doing data-plane forwarding. We'll # get punts via the lispers.net-itr named socket. But we do have to # packet capture RLOC-probe replies. Also capture multicast Map-Register # messages for LISP-Decent. # cp_pfilter = None if (lisp.lisp_ipc_data_plane): lisp.lprint(lisp.bold("Data-plane packet capture disabled", False)) cp_pfilter = "(udp src port 4342 and ip[28] == 0x28)" + \ " or (ip[16] >= 224 and ip[16] < 240 and (ip[28] & 0xf0) == 0x30)" lisp.lprint("Control-plane capture: '{}'".format(cp_pfilter)) else: lisp.lprint("Capturing packets for source-EIDs {}".format( \ lisp.green(str(sources), False))) #endif if (lisp.lisp_pitr): lisp.lprint("Configured for PITR functionality") # # We want the kernel to handle any packets with source AND destination # that matches any EID-prefixes for the site. Any other case, we want # the pcap filters to get the packet to this lisp-itr process. # l2_overlay = lisp.lisp_l2_overlay if (l2_overlay == False): if (lisp.lisp_is_linux()): lisp_itr_kernel_filter(sources, dyn_eids) #endif # # Build packet capture filter so we get packets for configured source EID- # prefixes. # if (cp_pfilter == None): if (lisp.lisp_pitr): pfilter = lisp_itr_build_pcap_filter(sources, [], False, True) else: pfilter = lisp_itr_build_pcap_filter(sources, dyn_eids, l2_overlay, False) #endif else: pfilter = cp_pfilter #endif # # User can select which interfaces to pcap on. # interfaces = lisp_get_active_interfaces() pcap_list = os.getenv("LISP_PCAP_LIST") if (pcap_list == None): us = "" rloc_interfaces = [] else: eid_interfaces = list(set(pcap_list.split()) & set(interfaces)) rloc_interfaces = list(set(pcap_list.split()) ^ set(interfaces)) us = "user-selected " lisp.lprint("User pcap-list: {}, active-interfaces: {}".format( \ pcap_list, interfaces)) interfaces = eid_interfaces #endif # # Start a pcap thread so we can receive packets from applications on this # system. But make sure the device is up on A10 devices. If ethernet MAC # capturing, do not listen on non ethernet interfaces. # mac_capturing = (pfilter.find("ether host") != -1) for device in interfaces: if (device in ["lo", "lispers.net"] and mac_capturing): lisp.lprint(("Capturing suppressed on interface {}, " + \ "MAC filters configured").format(device)) continue #endif args = [device, pfilter, lisp_pcap_lock] lisp.lprint("Capturing packets on {}interface {}".format(us, device)) threading.Thread(target=lisp_itr_pcap_thread, args=args).start() #endfor if (cp_pfilter): return # # Start a pcap thread so we can receive RLOC-probe Map-Replies packets on # RLOC interfaces. This is only called when LISP_PCAP_LIST is set. # probe_pfilter = "(udp src port 4342 and ip[28] == 0x28)" for device in rloc_interfaces: args = [device, probe_pfilter, lisp_pcap_lock] lisp.lprint("Capture RLOC-probe replies on RLOC interface {}".format( \ device)) threading.Thread(target=lisp_itr_pcap_thread, args=args).start() #endfor return
def lisp_itr_build_pcap_filter(sources, dyn_eids, l2_overlay, pitr): if (l2_overlay): pfilter = "ether[6:4] >= 0 and ether[10:2] >= 0" lisp.lprint("Using pcap filter: '{}'".format(pfilter)) return(pfilter) #endif ether_pfilter = "(not ether proto 0x806)" probe_pfilter = " or (udp src port 4342 and ip[28] == 0x28)" decent_pfilter = \ " or (ip[16] >= 224 and ip[16] < 240 and (ip[28] & 0xf0) == 0x30)" src_pfilter = "" dst_pfilter = "" for source in sources: insert_source = source if (lisp.lisp_is_mac_string(source)): insert_source = source.split("/")[0] insert_source = insert_source.replace("-", "") mac_str = [] for i in range(0, 12, 2): mac_str.append(insert_source[i:i+2]) insert_source = "ether host " + ":".join(mac_str) #endif src_pfilter += "{}".format(insert_source) if (source not in dyn_eids): dst_pfilter += "{}".format(insert_source) if (sources[-1] == source): break src_pfilter += " or " if (source not in dyn_eids): dst_pfilter += " or " #endfor if (dst_pfilter[-4::] == " or "): dst_pfilter = dst_pfilter[0:-4] # # If "lisp-nat = yes" is configured, then we are a PETR and we need # to accept packets for local EIDs (assigned to loopback interfaces). # So allow the first one to be accepted. # lisp_nat = commands.getoutput("egrep 'lisp-nat = yes' ./lisp.config") lisp_nat = (lisp_nat != "" and lisp_nat[0] == " ") loopback = lisp.lisp_get_loopback_address() if (lisp_nat) else None addr_pfilter = "" addresses = lisp.lisp_get_all_addresses() for addr in addresses: if (addr == loopback): continue addr_pfilter += "{}".format(addr) if (addresses[-1] == addr): break addr_pfilter += " or " #endif if (src_pfilter != ""): src_pfilter = " and (src net {})".format(src_pfilter) #endif if (dst_pfilter != ""): dst_pfilter = " and not (dst net {})".format(dst_pfilter) #endif if (addr_pfilter != ""): addr_pfilter = " and not (dst host {})".format(addr_pfilter) #endif # # A PITR wants to see packets from anywhere so it can encap to possible # LISP sites. But we want the kernel to route and consume for RLOCs for # this system. # if (pitr): dst_pfilter = "" addr_pfilter = addr_pfilter.replace("dst ", "") #endif # # Concatenate all the filters. # pfilter = ether_pfilter + src_pfilter + dst_pfilter + addr_pfilter pfilter += probe_pfilter pfilter += decent_pfilter lisp.lprint("Using pcap filter: '{}'".format(pfilter)) return(pfilter)
"json-name" : [False], "json-string" : [False] }], "show itr-map-cache" : [lisp_itr_show_command, { }], "show itr-rloc-probing" : [lisp_itr_show_rloc_probe_command, { }], "show itr-keys" : [lisp_itr_show_keys_command, {}], "show itr-dynamic-eid" : [lispconfig.lisp_show_dynamic_eid_command, { }] } #------------------------------------------------------------------------------ # # Main entry point for process. # if (lisp_itr_startup() == False): lisp.lprint("lisp_itr_startup() failed") lisp.lisp_print_banner("ITR abnormal exit") exit(1) #endif socket_list = [lisp_ephem_listen_socket, lisp_ipc_listen_socket, lisp_ephem_nat_socket, lisp_ipc_punt_socket] # # Should we listen to the map-cache/punt IPC socket if it exists. # listen_on_ipc_socket = True ephem_sockets = [lisp_ephem_listen_socket] * 3 ephem_nat_sockets = [lisp_ephem_nat_socket] * 3 while (True):
def O0O(lisp_packet, thread_name): global II1iII1i, i1I1I, iiI1I global iiI1iIiI, OOo if 12 - 12: i11iIiiIii - i1IIi - OoO0O00.i1IIi - OOooOOo + O0 oO0OOOO0 = lisp_packet if 26 - 26: Ii1I if 35 - 35: Ii1I - I1IiiI % o0oOOo0O0Ooo.OoooooooOO % Ii1I if 47 - 47: iII111i - Ii1I.II111iiii + OoooooooOO.i11iIiiIii if 94 - 94: o0oOOo0O0Ooo * Ii1I / Oo0Ooo / Ii1I oO0 = oO0OOOO0.packet O0OO0O = oO0 O0OO0O, OO, IIIIii, OoOoO = lisp.lisp_is_rloc_probe(O0OO0O, -1) if (oO0 != O0OO0O): if (OO == None): return lisp.lisp_parse_packet(II1iII1i, O0OO0O, OO, IIIIii, OoOoO) return if 43 - 43: i11iIiiIii + Oo0Ooo * II111iiii * I1Ii111 * O0 if 64 - 64: OOooOOo % iIii1I11I1II1 * oO0o if 79 - 79: O0 if 78 - 78: I1ii11iIi11i + OOooOOo - I1Ii111 if 38 - 38: o0oOOo0O0Ooo - oO0o + iIii1I11I1II1 / OoOoOO00 % Oo0Ooo oO0OOOO0.packet = lisp.lisp_reassemble(oO0OOOO0.packet) if (oO0OOOO0.packet == None): return if 57 - 57: OoO0O00 / ooOoO0o if 29 - 29: iIii1I11I1II1 + OoOoOO00 * OoO0O00 * OOooOOo.I1IiiI * I1IiiI if 7 - 7: IiII * I1Ii111 % Ii1I - o0oOOo0O0Ooo if 13 - 13: Ii1I.i11iIiiIii if 56 - 56: I1ii11iIi11i % O0 - I1IiiI if (lisp.lisp_flow_logging): oO0OOOO0 = copy.deepcopy(oO0OOOO0) if 100 - 100: Ii1I - O0 % oO0o * OOooOOo + I1IiiI if (oO0OOOO0.decode(True, None, lisp.lisp_decap_stats) == None): return if 88 - 88: OoooooooOO - OoO0O00 * O0 * OoooooooOO.OoooooooOO if 33 - 33: I1Ii111 + iII111i * oO0o / iIii1I11I1II1 - I1IiiI if 54 - 54: I1Ii111 / OOooOOo.oO0o % iII111i if 57 - 57: i11iIiiIii.I1ii11iIi11i - Ii1I - oO0o + OoOoOO00 oO0OOOO0.print_packet("Receive-({})".format(thread_name), True) if 63 - 63: OoOoOO00 * iII111i if 69 - 69: O0.OoO0O00 if 49 - 49: I1IiiI - I11i if 74 - 74: iIii1I11I1II1 * I1ii11iIi11i + OoOoOO00 / i1IIi / II111iiii.Oo0Ooo oO0OOOO0.strip_outer_headers() if 62 - 62: OoooooooOO * I1IiiI if 58 - 58: OoOoOO00 % o0oOOo0O0Ooo if 50 - 50: I1Ii111.o0oOOo0O0Ooo if 97 - 97: O0 + OoOoOO00 if 89 - 89: o0oOOo0O0Ooo + OoO0O00 * I11i * Ii1I if 37 - 37: OoooooooOO - O0 - o0oOOo0O0Ooo if 77 - 77: OOooOOo * iIii1I11I1II1 if 98 - 98: I1IiiI % Ii1I * OoooooooOO if 51 - 51: iIii1I11I1II1.OoOoOO00 / oO0o + o0oOOo0O0Ooo if 33 - 33: ooOoO0o.II111iiii % iII111i + o0oOOo0O0Ooo if 71 - 71: Oo0Ooo % OOooOOo if (oO0OOOO0.lisp_header.get_instance_id() == 0xffffff): O00oO000O0O = lisp.lisp_control_header() O00oO000O0O.decode(oO0OOOO0.packet) if (O00oO000O0O.is_info_request()): I1i1i1iii = lisp.lisp_info() I1i1i1iii.decode(oO0OOOO0.packet) I1i1i1iii.print_info() if 16 - 16: Ii1I + IiII * O0 % i1IIi.I1IiiI if 67 - 67: OoooooooOO / I1IiiI * Ii1I + I11i if 65 - 65: OoooooooOO - I1ii11iIi11i / ooOoO0o / II111iiii / i1IIi if 71 - 71: I1Ii111 + Ii1I if 28 - 28: OOooOOo I11ii1IIiIi = I1i1i1iii.hostname if ( I1i1i1iii.hostname != None) else "" OoOOo0OOoO = oO0OOOO0.outer_source ooO0O00Oo0o = oO0OOOO0.udp_sport if (lisp.lisp_store_nat_info(I11ii1IIiIi, OoOOo0OOoO, ooO0O00Oo0o)): i1I1iI1iIi111i(II1iII1i, I11ii1IIiIi, OoOOo0OOoO, ooO0O00Oo0o) if 65 - 65: I1ii11iIi11i.I11i - I1Ii111 * IiII / I1Ii111 / ooOoO0o else: OO = oO0OOOO0.outer_source.print_address_no_iid() OoOoO = oO0OOOO0.outer_ttl oO0OOOO0 = oO0OOOO0.packet if (lisp.lisp_is_rloc_probe_request(oO0OOOO0[28]) == False and lisp.lisp_is_rloc_probe_reply(oO0OOOO0[28]) == False): OoOoO = -1 oO0OOOO0 = oO0OOOO0[28::] lisp.lisp_parse_packet(II1iII1i, oO0OOOO0, OO, 0, OoOoO) if 40 - 40: ooOoO0o * IiII * i11iIiiIii return if 57 - 57: ooOoO0o if 29 - 29: OoOoOO00 - IiII * OoooooooOO + OoooooooOO.II111iiii + OoooooooOO if 74 - 74: Ii1I - IiII / iII111i * O0 - OOooOOo if 19 - 19: I1IiiI if 25 - 25: Ii1I / ooOoO0o if 31 - 31: OOooOOo.O0 % I1IiiI.o0oOOo0O0Ooo + IiII if (lisp.lisp_ipc_data_plane): lisp.dprint("Drop packet, external data-plane active") return if 71 - 71: I1Ii111.II111iiii if 62 - 62: OoooooooOO.I11i if 61 - 61: OoOoOO00 - OOooOOo - i1IIi if 25 - 25: O0 * I11i + I1ii11iIi11i.o0oOOo0O0Ooo.o0oOOo0O0Ooo if 58 - 58: I1IiiI lisp.lisp_decap_stats["good-packets"].increment(len(oO0OOOO0.packet)) if 53 - 53: i1IIi if 59 - 59: o0oOOo0O0Ooo if 81 - 81: OoOoOO00 - OoOoOO00.iII111i if 73 - 73: I11i % i11iIiiIii - I1IiiI if (oO0OOOO0.inner_dest.is_mac()): oO0OOOO0.packet = lisp.lisp_mac_input(oO0OOOO0.packet) if (oO0OOOO0.packet == None): return oO0OOOO0.encap_port = lisp.LISP_VXLAN_DATA_PORT elif (oO0OOOO0.inner_version == 4): oO0OOOO0.packet = lisp.lisp_ipv4_input(oO0OOOO0.packet) if (oO0OOOO0.packet == None): return oO0OOOO0.inner_ttl = oO0OOOO0.outer_ttl elif (oO0OOOO0.inner_version == 6): oO0OOOO0.packet = lisp.lisp_ipv6_input(oO0OOOO0) if (oO0OOOO0.packet == None): return oO0OOOO0.inner_ttl = oO0OOOO0.outer_ttl else: lisp.dprint("Cannot parse inner packet header") return if 7 - 7: O0 * i11iIiiIii * Ii1I + ooOoO0o % OoO0O00 - ooOoO0o if 39 - 39: Oo0Ooo * OOooOOo % OOooOOo - OoooooooOO + o0oOOo0O0Ooo - I11i if 23 - 23: i11iIiiIii if 30 - 30: o0oOOo0O0Ooo - i1IIi % II111iiii + I11i * iIii1I11I1II1 if 81 - 81: IiII % i1IIi.iIii1I11I1II1 Ii1Iii1iIi = lisp.lisp_map_cache_lookup(oO0OOOO0.inner_source, oO0OOOO0.inner_dest) if 82 - 82: I1ii11iIi11i / I1IiiI % iIii1I11I1II1 / i1IIi - I1IiiI if 7 - 7: I1Ii111 * OoO0O00 - ooOoO0o + OOooOOo * I1IiiI % OoO0O00 if 15 - 15: OoOoOO00 % I1IiiI * I11i if 81 - 81: ooOoO0o - iIii1I11I1II1 - i1IIi / I1Ii111 - O0 * I11i if 20 - 20: oO0o % IiII if (Ii1Iii1iIi and (Ii1Iii1iIi.action == lisp.LISP_NATIVE_FORWARD_ACTION or Ii1Iii1iIi.eid.address == 0)): III1i1i11i = lisp.lisp_db_for_lookups.lookup_cache( oO0OOOO0.inner_source, False) if (III1i1i11i and III1i1i11i.secondary_iid): oOo0 = oO0OOOO0.inner_dest oOo0.instance_id = III1i1i11i.secondary_iid Ii1Iii1iIi = lisp.lisp_map_cache_lookup(oO0OOOO0.inner_source, oOo0) if 56 - 56: o0oOOo0O0Ooo + II111iiii + OoOoOO00 - ooOoO0o.OoOoOO00 if 84 - 84: OoO0O00 + i1IIi - II111iiii.I1ii11iIi11i * OoooooooOO + I1IiiI if 38 - 38: OOooOOo + II111iiii % ooOoO0o % OoOoOO00 - Ii1I / OoooooooOO if 73 - 73: o0oOOo0O0Ooo * O0 - i11iIiiIii if 85 - 85: Ii1I % iII111i + I11i / o0oOOo0O0Ooo.oO0o + OOooOOo if 62 - 62: i11iIiiIii + i11iIiiIii - o0oOOo0O0Ooo if (Ii1Iii1iIi == None or Ii1Iii1iIi.action == lisp.LISP_SEND_MAP_REQUEST_ACTION): if (lisp.lisp_rate_limit_map_request(oO0OOOO0.inner_source, oO0OOOO0.inner_dest)): return lisp.lisp_send_map_request(II1iII1i, II1Ii1iI1i, oO0OOOO0.inner_source, oO0OOOO0.inner_dest, None) return if 28 - 28: iII111i.iII111i % iIii1I11I1II1 * iIii1I11I1II1.o0oOOo0O0Ooo / iII111i if 27 - 27: OoO0O00 + ooOoO0o - i1IIi if 69 - 69: IiII - O0 % I1ii11iIi11i + i11iIiiIii.OoOoOO00 / OoO0O00 if 79 - 79: O0 * i11iIiiIii - IiII / IiII if 48 - 48: O0 if 93 - 93: i11iIiiIii - I1IiiI * I1ii11iIi11i * I11i % O0 + OoooooooOO if (Ii1Iii1iIi and Ii1Iii1iIi.is_active() and Ii1Iii1iIi.has_ttl_elapsed()): lisp.lprint("Refresh map-cache entry {}".format( lisp.green(Ii1Iii1iIi.print_eid_tuple(), False))) if 25 - 25: IiII + Ii1I / ooOoO0o.o0oOOo0O0Ooo % O0 * OoO0O00 lisp.lisp_send_map_request(II1iII1i, II1Ii1iI1i, oO0OOOO0.inner_source, oO0OOOO0.inner_dest, None) if 84 - 84: ooOoO0o % Ii1I + i11iIiiIii if 28 - 28: Oo0Ooo + OoO0O00 * OOooOOo % oO0o.I11i % O0 if 16 - 16: I11i - iIii1I11I1II1 / I1IiiI.II111iiii + iIii1I11I1II1 if 19 - 19: OoO0O00 - Oo0Ooo.O0 if 60 - 60: II111iiii + Oo0Ooo if 9 - 9: ooOoO0o * OoooooooOO - iIii1I11I1II1 + OoOoOO00 / OoO0O00.OoO0O00 Ii1Iii1iIi.stats.increment(len(oO0OOOO0.packet)) if 49 - 49: II111iiii if 25 - 25: OoooooooOO - I1IiiI.I1IiiI * oO0o if 81 - 81: iII111i + IiII if 98 - 98: I1IiiI o00o0, II1I, II1I1I1Ii, OOOOoO00o0O, I1I1I1IIi1III = Ii1Iii1iIi.select_rloc( oO0OOOO0, None) if 5 - 5: Oo0Ooo % ooOoO0o % i11iIiiIii + o0oOOo0O0Ooo / I1ii11iIi11i - I1ii11iIi11i if (o00o0 == None and I1I1I1IIi1III == None): if (OOOOoO00o0O == lisp.LISP_NATIVE_FORWARD_ACTION): lisp.dprint("Natively forwarding") oO0OOOO0.send_packet(iiI1iIiI, oO0OOOO0.inner_dest) return if 45 - 45: I1ii11iIi11i % I1IiiI - i11iIiiIii lisp.dprint("No reachable RLOCs found") return if 11 - 11: iIii1I11I1II1 * iIii1I11I1II1 * I1IiiI if (o00o0 and o00o0.is_null()): lisp.dprint("Drop action RLOC found") return if 46 - 46: OoOoOO00 + OoO0O00 if 70 - 70: iII111i / iIii1I11I1II1 if 85 - 85: OoooooooOO % i1IIi * OoooooooOO / I1ii11iIi11i if 96 - 96: OoooooooOO + oO0o if 44 - 44: oO0o oO0OOOO0.outer_tos = oO0OOOO0.inner_tos oO0OOOO0.outer_ttl = oO0OOOO0.inner_ttl if 20 - 20: I11i + Ii1I / O0 % iIii1I11I1II1 if 88 - 88: OoOoOO00 / II111iiii if 87 - 87: I1ii11iIi11i - I1ii11iIi11i - iII111i + oO0o if 82 - 82: oO0o / iIii1I11I1II1.I1IiiI.OOooOOo / o0oOOo0O0Ooo if (o00o0): oO0OOOO0.encap_port = II1I if (II1I == 0): oO0OOOO0.encap_port = lisp.LISP_DATA_PORT oO0OOOO0.outer_dest.copy_address(o00o0) iiI1I1 = oO0OOOO0.outer_dest.afi_to_version() oO0OOOO0.outer_version = iiI1I1 ooO = lisp.lisp_myrlocs[0] if (iiI1I1 == 4) else lisp.lisp_myrlocs[1] if 6 - 6: iIii1I11I1II1.ooOoO0o % o0oOOo0O0Ooo oO0OOOO0.outer_source.copy_address(ooO) if 50 - 50: iII111i + O0 + Ii1I.II111iiii / o0oOOo0O0Ooo if 17 - 17: Ii1I % iIii1I11I1II1 - iIii1I11I1II1 if 78 - 78: iII111i + I11i.ooOoO0o - iII111i.Ii1I if 30 - 30: I1IiiI + OoO0O00 % Ii1I * iII111i / Oo0Ooo - I11i if (oO0OOOO0.encode(II1I1I1Ii) == None): return if (len(oO0OOOO0.packet) <= 1500): oO0OOOO0.print_packet("Send", True) if 64 - 64: iIii1I11I1II1 if 21 - 21: Oo0Ooo.II111iiii if 54 - 54: II111iiii % II111iiii if 86 - 86: O0 % Ii1I * ooOoO0o * iIii1I11I1II1 * i1IIi * I11i OOOoOOO0oO = OOo if iiI1I1 == 6 else iiI1iIiI oO0OOOO0.send_packet(OOOoOOO0oO, oO0OOOO0.outer_dest) if 28 - 28: ooOoO0o + i11iIiiIii / I11i % OoOoOO00 % Oo0Ooo - O0 elif (I1I1I1IIi1III): if 54 - 54: i1IIi + II111iiii if 83 - 83: I1ii11iIi11i - I1IiiI + OOooOOo if 5 - 5: Ii1I if 46 - 46: IiII ii1iIi1iIiI1i = len(oO0OOOO0.packet) for iiI1iIii1i in I1I1I1IIi1III.rle_forwarding_list: oO0OOOO0.outer_dest.copy_address(iiI1iIii1i.address) oO0OOOO0.encap_port = lisp.LISP_DATA_PORT if iiI1iIii1i.translated_port == 0 else iiI1iIii1i.translated_port if 70 - 70: OoO0O00 * O0.I11i + I1IiiI.IiII if 14 - 14: iIii1I11I1II1 % iIii1I11I1II1 * i11iIiiIii - OoO0O00 - I11i iiI1I1 = oO0OOOO0.outer_dest.afi_to_version() oO0OOOO0.outer_version = iiI1I1 ooO = lisp.lisp_myrlocs[0] if (iiI1I1 == 4) else lisp.lisp_myrlocs[1] if 63 - 63: OoO0O00 oO0OOOO0.outer_source.copy_address(ooO) if 69 - 69: iIii1I11I1II1.I1ii11iIi11i % ooOoO0o + iIii1I11I1II1 / O0 / I1ii11iIi11i if (oO0OOOO0.encode(None) == None): return if 61 - 61: OOooOOo % OOooOOo * o0oOOo0O0Ooo / o0oOOo0O0Ooo oO0OOOO0.print_packet("Replicate-to-L{}".format(iiI1iIii1i.level), True) oO0OOOO0.send_packet(iiI1iIiI, oO0OOOO0.outer_dest) if 75 - 75: IiII.ooOoO0o if 50 - 50: OoOoOO00 if 60 - 60: ooOoO0o * iIii1I11I1II1 * I1ii11iIi11i * Oo0Ooo if 69 - 69: Ii1I * O0.i11iIiiIii / Ii1I.o0oOOo0O0Ooo if 63 - 63: I11i + o0oOOo0O0Ooo.II111iiii - I1IiiI oOOO00o000o = len(oO0OOOO0.packet) - ii1iIi1iIiI1i oO0OOOO0.packet = oO0OOOO0.packet[oOOO00o000o::] if 9 - 9: oO0o + I11i / I11i if (lisp.lisp_flow_logging): oO0OOOO0 = copy.deepcopy(oO0OOOO0) if 12 - 12: OoooooooOO % o0oOOo0O0Ooo * I11i % iIii1I11I1II1 / Ii1I if 27 - 27: i11iIiiIii % II111iiii % I11i.O0 - Oo0Ooo + OoOoOO00 if 57 - 57: iIii1I11I1II1 / I11i - i1IIi if 51 - 51: IiII if 25 - 25: OoooooooOO + IiII * I1ii11iIi11i if 92 - 92: I1IiiI + I11i + O0 / o0oOOo0O0Ooo + I1Ii111 del (oO0OOOO0) return if 18 - 18: ooOoO0o * OoOoOO00.iII111i / I1ii11iIi11i / i11iIiiIii if 21 - 21: oO0o / I1ii11iIi11i + Ii1I + OoooooooOO if 91 - 91: i11iIiiIii / i1IIi + iII111i + ooOoO0o * i11iIiiIii if 66 - 66: iIii1I11I1II1 % i1IIi - O0 + I11i * I1Ii111.IiII if 52 - 52: ooOoO0o + O0.iII111i.I1ii11iIi11i.OoO0O00 if 97 - 97: I1IiiI / iII111i if 71 - 71: II111iiii / i1IIi.I1ii11iIi11i % OoooooooOO.OoOoOO00
def II1i1IiiIIi11(mc, parms): iI1Ii11iII1, Oo0O0O0ooO0O, IIIIii, O0o0 = parms if 71 - 71: OOooOOo + ooOoO0o % i11iIiiIii + I1ii11iIi11i - IiII oO0OOoO0 = "{}:{}".format(Oo0O0O0ooO0O.print_address_no_iid(), IIIIii) I111Ii111 = lisp.green(mc.print_eid_tuple(), False) i111IiI1I = "Changed '{}' translated address:port to {} for EID {}, {} {}".format( O0o0, lisp.red(oO0OOoO0, False), I111Ii111, "{}", "{}") if 70 - 70: Ii1I.Oo0Ooo / o0oOOo0O0Ooo.Ii1I - O0 / IiII if 62 - 62: iIii1I11I1II1 * OoOoOO00 for i1 in mc.rloc_set: if (i1.rle): for OOO in i1.rle.rle_nodes: if (OOO.rloc_name != O0o0): continue OOO.store_translated_rloc(Oo0O0O0ooO0O, IIIIii) Oo0oOOo = OOO.address.print_address_no_iid() + ":" + str( OOO.translated_port) if 58 - 58: II111iiii * OOooOOo * I1ii11iIi11i / OOooOOo lisp.lprint(i111IiI1I.format("RLE", Oo0oOOo)) if 75 - 75: oO0o if 50 - 50: Ii1I / Oo0Ooo - oO0o - I11i % iII111i - oO0o if 91 - 91: OoO0O00 / I11i - II111iiii.I11i if (i1.rloc_name != O0o0): continue if 18 - 18: o0oOOo0O0Ooo if 98 - 98: iII111i * iII111i / iII111i + I11i if 34 - 34: ooOoO0o if 15 - 15: I11i * ooOoO0o * Oo0Ooo % i11iIiiIii % OoOoOO00 - OOooOOo if 68 - 68: I1Ii111 % i1IIi.IiII.I1ii11iIi11i if 92 - 92: iII111i.I1Ii111 Oo0oOOo = i1.rloc.print_address_no_iid() + ":" + str( i1.translated_port) if 31 - 31: I1Ii111.OoOoOO00 / O0 if (lisp.lisp_crypto_keys_by_rloc_encap.has_key(Oo0oOOo)): o000O0o = lisp.lisp_crypto_keys_by_rloc_encap[Oo0oOOo] lisp.lisp_crypto_keys_by_rloc_encap[oO0OOoO0] = o000O0o if 42 - 42: OoOoOO00 if 41 - 41: Oo0Ooo.ooOoO0o + O0 * o0oOOo0O0Ooo % Oo0Ooo * Oo0Ooo if 19 - 19: iII111i if 46 - 46: I1ii11iIi11i - Ii1I.iIii1I11I1II1 / I1ii11iIi11i if 7 - 7: i1IIi / I1IiiI * I1Ii111.IiII.iIii1I11I1II1 i1.delete_from_rloc_probe_list(mc.eid, mc.group) i1.store_translated_rloc(Oo0O0O0ooO0O, IIIIii) i1.add_to_rloc_probe_list(mc.eid, mc.group) lisp.lprint(i111IiI1I.format("RLOC", Oo0oOOo)) if 13 - 13: OOooOOo / i11iIiiIii if 2 - 2: I1IiiI / O0 / o0oOOo0O0Ooo % OoOoOO00 % Ii1I if 52 - 52: o0oOOo0O0Ooo if 95 - 95: Ii1I if (lisp.lisp_rloc_probing): O0oOO0O = None if (mc.group.is_null()) else mc.eid oO = mc.eid if (mc.group.is_null()) else mc.group lisp.lisp_send_map_request(iI1Ii11iII1, 0, O0oOO0O, oO, i1) if 7 - 7: o0oOOo0O0Ooo - I1IiiI if 100 - 100: oO0o + I11i.OOooOOo * Ii1I if 73 - 73: i1IIi + I1IiiI if 46 - 46: OoO0O00.Oo0Ooo - OoooooooOO if 93 - 93: iII111i if 10 - 10: I11i lisp.lisp_write_ipc_map_cache(True, mc) return (True, parms) if 82 - 82: I1ii11iIi11i - iIii1I11I1II1 / OOooOOo + Ii1I if 87 - 87: oO0o * I1ii11iIi11i + OOooOOo / iIii1I11I1II1 / iII111i if 37 - 37: iII111i - ooOoO0o * oO0o % i11iIiiIii - I1Ii111 if 83 - 83: I11i / I1IiiI if 34 - 34: IiII if 57 - 57: oO0o.I11i.i1IIi if 42 - 42: I11i + I1ii11iIi11i % O0
def o0(packet, source_str, sport): if 30 - 30: O0 * OoooooooOO I1iIIIi1 = lisp.lisp_control_header() if (I1iIIIi1.decode(packet) == None): lisp.lprint("Could not decode control header") return if 17 - 17: iIii1I11I1II1.OoooooooOO / I11i % II111iiii % i1IIi / i11iIiiIii if 58 - 58: Oo0Ooo.II111iiii + oO0o - i11iIiiIii / II111iiii / O0 if 85 - 85: OoOoOO00 + OOooOOo if 10 - 10: IiII / OoO0O00 + OoOoOO00 / i1IIi if 27 - 27: Ii1I oO0OO0 = lisp.lisp_address(lisp.LISP_AFI_NONE, "", 0, 0) oO0OO0.store_address(source_str) if 82 - 82: IiII - IiII + OoOoOO00 if 8 - 8: o0oOOo0O0Ooo % iII111i * oO0o % Ii1I.ooOoO0o / ooOoO0o if 81 - 81: OoO0O00 if 99 - 99: oO0o * II111iiii * I1Ii111 if 92 - 92: Oo0Ooo if 40 - 40: OoOoOO00 / IiII if (I1iIIIi1.type == lisp.LISP_ECM): OOOoO000 = (len(II1Ii1iI1i) > 0) if (lisp.lisp_is_running("lisp-ms") and OOOoO000 == False): packet = lisp.lisp_packet_ipc(packet, source_str, sport) lisp.lisp_ipc(packet, i111I, "lisp-ms") return if 57 - 57: II111iiii if 54 - 54: Oo0Ooo + oO0o + i11iIiiIii if 28 - 28: oO0o if 70 - 70: IiII if 34 - 34: I1Ii111 % IiII if (OOOoO000): lisp.lisp_process_ecm(II1iII1i, packet, oO0OO0, sport) return if 3 - 3: II111iiii / OOooOOo + IiII.ooOoO0o.OoO0O00 lisp.lprint("Map-Resolver dropping ECM, DDT or Map-Server not " + "configured") if 83 - 83: oO0o + OoooooooOO return if 22 - 22: Ii1I % iII111i * OoooooooOO - o0oOOo0O0Ooo / iIii1I11I1II1 if 86 - 86: OoooooooOO.iII111i % OoOoOO00 / I11i * iII111i / o0oOOo0O0Ooo if 64 - 64: i11iIiiIii if 38 - 38: IiII / I1IiiI - IiII.I11i if 69 - 69: OoooooooOO + I1ii11iIi11i if (I1iIIIi1.type == lisp.LISP_MAP_REFERRAL): lisp.lisp_process_map_referral(II1iII1i, packet, oO0OO0) return if 97 - 97: OOooOOo - OoO0O00 / Ii1I.i11iIiiIii % oO0o * oO0o if 1 - 1: I1IiiI % ooOoO0o if 65 - 65: I1IiiI + OoOoOO00 / OOooOOo if 83 - 83: o0oOOo0O0Ooo.iII111i - Oo0Ooo if 65 - 65: iIii1I11I1II1 / ooOoO0o.IiII - II111iiii lisp.lprint( "Map-Resolver received an unexpected LISP packet, type: {}".format( I1iIIIi1.type)) if 72 - 72: iIii1I11I1II1 / IiII % iII111i % OOooOOo - I11i % OOooOOo return if 100 - 100: Oo0Ooo + i11iIiiIii if 71 - 71: I11i / o0oOOo0O0Ooo / I1Ii111 % OOooOOo if 51 - 51: IiII * O0 / II111iiii.Ii1I % OOooOOo / I1IiiI if 9 - 9: I1IiiI % I1IiiI % II111iiii if 30 - 30: IiII + I1Ii111 - IiII.IiII - II111iiii + O0 if 86 - 86: i1IIi if 41 - 41: OoOoOO00 * I11i / OoOoOO00 % oO0o
def lisp_rtr_data_plane(lisp_packet, thread_name): global lisp_send_sockets, lisp_ephem_prot, lisp_data_packet global lisp_raw_socket, lisp_raw_v6_socket global lisp_trace_listen_socket global lisp_rtr_source_rloc global lisp_rtr_fast_mode ts = lisp_latency_debug(None, "RTR") # # Try switching packet fast. # if (lisp_rtr_fast_mode): if (lisp_rtr_fast_data_plane(lisp_packet.packet)): return #endif # # Feature-rich forwarding path. # packet = lisp_packet is_lisp_packet = packet.is_lisp_packet(packet.packet) # # Check RLOC-probe Map-Request. We need to grab the TTL from IP header. # if (is_lisp_packet == False): orig_packet = packet.packet pkt, source, port, ttl = lisp.lisp_is_rloc_probe(orig_packet, -1) if (orig_packet != pkt): if (source == None): return lisp.lisp_parse_packet(lisp_send_sockets, pkt, source, port, ttl) return #endif #endif # # First check if we are assembling IPv4 fragments. # packet.packet = lisp.lisp_reassemble(packet.packet) if (packet.packet == None): return # # We need to cache the input encapsualted packet as well as the output # encapsulated packet. # if (lisp.lisp_flow_logging): packet = copy.deepcopy(packet) # # If we are a PITR as well, we are receiving non encapsulated packets # via return packets from doing LISP-NAT. Print some useful header fields # and strip outer headers. Strip outer headers if LISP encapsulated packet # and start inner header forwarding logic. # if (is_lisp_packet): if (packet.decode(True, None, lisp.lisp_decap_stats) == None): return packet.print_packet("Receive-({})".format(thread_name), True) packet.strip_outer_headers() else: if (packet.decode(False, None, None) == None): return packet.print_packet("Receive-({})".format(thread_name), False) #endif # # If instance-id is 0xffffff, this is a Info-Request packet encapsulated # to port 4341. We need to store the source port and source RLOC for # NAT-traversal reasons. # # We don't need to send an Info-Reply from the 4341 data port. There is no # information the xTR needs. It has the translated address from the # map-server, and the NAT is ready for packets from port 4341 since we # received this Info-Request. # if (is_lisp_packet and packet.lisp_header.get_instance_id() == 0xffffff): header = lisp.lisp_control_header() header.decode(packet.packet) if (header.is_info_request()): info = lisp.lisp_info() info.decode(packet.packet) info.print_info() # # Store/refresh NAT state and Fix map-cache entries if there was # a change. # h = info.hostname if (info.hostname != None) else "" s = packet.outer_source p = packet.udp_sport if (lisp.lisp_store_nat_info(h, s, p)): lisp_fix_rloc_encap_state(lisp_send_sockets, h, s, p) #endif else: source = packet.outer_source.print_address_no_iid() ttl = packet.outer_ttl packet = packet.packet if (lisp.lisp_is_rloc_probe_request(packet[28]) == False and lisp.lisp_is_rloc_probe_reply(packet[28]) == False): ttl = -1 packet = packet[28::] lisp.lisp_parse_packet(lisp_send_sockets, packet, source, 0, ttl) #endif return #endif # # Packets are arriving on pcap interface. Need to check if another data- # plane is running. If so, don't deliver duplicates. # if (lisp.lisp_ipc_data_plane): lisp.dprint("Drop packet, external data-plane active") return #endif # # Increment global stats. # if (is_lisp_packet): lisp.lisp_decap_stats["good-packets"].increment(len(packet.packet)) #endif # # Process inner header (checksum and decrement ttl). # igmp = None if (packet.inner_dest.is_mac()): packet.packet = lisp.lisp_mac_input(packet.packet) if (packet.packet == None): return packet.encap_port = lisp.LISP_VXLAN_DATA_PORT elif (packet.inner_version == 4): igmp, packet.packet = lisp.lisp_ipv4_input(packet.packet) if (packet.packet == None): return packet.inner_ttl = packet.outer_ttl elif (packet.inner_version == 6): packet.packet = lisp.lisp_ipv6_input(packet) if (packet.packet == None): return packet.inner_ttl = packet.outer_ttl else: lisp.dprint("Cannot parse inner packet header") return #endif # # Process decap node trace function. # if (packet.is_trace()): if (lisp.lisp_trace_append(packet, ed="decap") == False): return packet.outer_source.afi = lisp.LISP_AFI_NONE packet.outer_dest.afi = lisp.LISP_AFI_NONE #endif # # Should we glean source information from packet and add it to the # map-cache?? # allow, nil = lisp.lisp_allow_gleaning(packet.inner_source, None, packet.outer_source) if (allow): igmp_packet = packet.packet if (igmp) else None lisp.lisp_glean_map_cache(packet.inner_source, packet.outer_source, packet.udp_sport, igmp_packet) if (igmp): return #endif # # Is the destination gleaned which means we should suppress a mapping # system lookup. # deid = packet.inner_dest if (deid.is_multicast_address()): gleaned_dest, nil = lisp.lisp_allow_gleaning(packet.inner_source, deid, None) else: gleaned_dest, nil = lisp.lisp_allow_gleaning(deid, None, None) #endif packet.gleaned_dest = gleaned_dest # # Do map-cache lookup. If no entry found, send Map-Request. # mc = lisp.lisp_map_cache_lookup(packet.inner_source, packet.inner_dest) # # Check if we are doing secondary-instance-ids only when we have a # map-cache entry in the IID that is possibly a non-LISP site. # if (mc and (mc.action == lisp.LISP_NATIVE_FORWARD_ACTION or mc.eid.address == 0)): db = lisp.lisp_db_for_lookups.lookup_cache(packet.inner_source, False) if (db and db.secondary_iid): dest_eid = packet.inner_dest dest_eid.instance_id = db.secondary_iid mc = lisp.lisp_map_cache_lookup(packet.inner_source, dest_eid) if (mc): packet.gleaned_dest = mc.gleaned else: gleaned_dest, nil = lisp.lisp_allow_gleaning(dest_eid, None, None) packet.gleaned_dest = gleaned_dest #endif #endif #endif # # Map-cache lookup miss. Do not send Map-Request to mapping system if # dest-EID is configured to be gleaned. We want to give preference to # the gleaned mapping and not the mapping in the mapping system. # if (mc == None and gleaned_dest): lisp.lprint("Suppress Map-Request for gleaned EID {}".format( \ lisp.green(packet.inner_dest.print_address(), False))) return #endif if (mc == None or mc.action == lisp.LISP_SEND_MAP_REQUEST_ACTION): if (lisp.lisp_rate_limit_map_request(packet.inner_source, packet.inner_dest)): return lisp.lisp_send_map_request(lisp_send_sockets, lisp_ephem_port, packet.inner_source, packet.inner_dest, None) if (packet.is_trace()): s = lisp_trace_listen_socket r = "map-cache miss" lisp.lisp_trace_append(packet, reason=r, lisp_socket=s) #endif return #endif # # Send Map-Request to see if there is a RLOC change or to refresh an # entry that is about to time out. # if (mc and mc.is_active() and mc.has_ttl_elapsed() and mc.gleaned == False): lisp.lprint("Refresh map-cache entry {}".format( \ lisp.green(mc.print_eid_tuple(), False))) lisp.lisp_send_map_request(lisp_send_sockets, lisp_ephem_port, packet.inner_source, packet.inner_dest, None) #endif # # Update stats for entry. Stats per RLOC is done in lisp_mapping.select_ # rloc(). # mc.stats.increment(len(packet.packet)) # # Encapsulate or native forward packet. # dest_rloc, dest_port, nonce, action, rle, rloc_entry = \ mc.select_rloc(packet, None) if (dest_rloc == None and rle == None): if (action == lisp.LISP_NATIVE_FORWARD_ACTION): lisp.dprint("Natively forwarding") packet.send_packet(lisp_raw_socket, packet.inner_dest) if (packet.is_trace()): s = lisp_trace_listen_socket r = "not an EID" lisp.lisp_trace_append(packet, reason=r, lisp_socket=s) #endif lisp_latency_debug(ts, "RTR") return #endif r = "No reachable RLOCs found" lisp.dprint(r) if (packet.is_trace()): s = lisp_trace_listen_socket lisp.lisp_trace_append(packet, reason=r, lisp_socket=s) #endif return #endif if (dest_rloc and dest_rloc.is_null()): lisp.dprint("Drop action RLOC found") if (packet.is_trace()): s = lisp_trace_listen_socket r = "drop action" lisp.lisp_trace_append(packet, reason=r, lisp_socket=s) #endif return #endif # # Setup outer header for either unicast or multicast transmission.. # packet.outer_tos = packet.inner_tos packet.outer_ttl = packet.inner_ttl # # Do unicast encapsulation. # if (dest_rloc): packet.encap_port = dest_port if (dest_port == 0): packet.encap_port = lisp.LISP_DATA_PORT packet.outer_dest.copy_address(dest_rloc) version = packet.outer_dest.afi_to_version() packet.outer_version = version source_rloc = lisp_rtr_source_rloc if (version == 4) else \ lisp.lisp_myrlocs[1] packet.outer_source.copy_address(source_rloc) if (packet.is_trace()): s = lisp_trace_listen_socket if (lisp.lisp_trace_append(packet, rloc_entry=rloc_entry, lisp_socket=s) == False): return #endif # # Encode new LISP, UDP, and outer header. # if (packet.encode(nonce) == None): return if (len(packet.packet) <= 1500): packet.print_packet("Send", True) # # Send out on raw socket. # raw_socket = lisp_raw_v6_socket if version == 6 else lisp_raw_socket packet.send_packet(raw_socket, packet.outer_dest) elif (rle): # # Do replication of RLE is returned. # orig_len = len(packet.packet) for node in rle.rle_forwarding_list: packet.outer_dest.copy_address(node.address) packet.encap_port = lisp.LISP_DATA_PORT if \ node.translated_port == 0 else node.translated_port version = packet.outer_dest.afi_to_version() packet.outer_version = version source_rloc = lisp.lisp_myrlocs[0] if (version == 4) else \ lisp.lisp_myrlocs[1] packet.outer_source.copy_address(source_rloc) if (packet.is_trace()): s = lisp_trace_listen_socket r = "replicate" if (lisp.lisp_trace_append(packet, reason=r, lisp_socket=s) \ == False): return #endif if (packet.encode(None) == None): return packet.print_packet("Replicate-to-L{}".format(node.level), True) packet.send_packet(lisp_raw_socket, packet.outer_dest) # # We need to strip the encapsulation header so we can add a new # one for the next replication. # strip_len = len(packet.packet) - orig_len packet.packet = packet.packet[strip_len::] if (lisp.lisp_flow_logging): packet = copy.deepcopy(packet) #endfor #endif # # Don't need packet structure anymore. # del(packet) lisp_latency_debug(ts, "RTR") return
def lisp_fast_lookup_debug(dest, mc): if (lisp.lisp_data_plane_logging == False): return hm = "miss" if mc == None else "hit!" lisp.lprint("Fast-Lookup {} {}".format(dest.print_address(), hm))
"public-key" : [True], "prefix" : [], "instance-id" : [True, 0, 0xffffffff, True], "eid-prefix" : [True], "group-prefix" : [True] }], "show delegations" : [lisp_ddt_show_delegations_command, { }], } #------------------------------------------------------------------------------ # # Main entry point for process. # if (lisp_ddt_startup()): lisp.lprint("lisp_ddt_startup() failed") lisp.lisp_print_banner("DDT-Node abnormal exit") exit(1) #endif while (True): opcode, source, port, packet = \ lisp.lisp_receive(lisp_ipc_listen_socket, True) if (source == ""): break if (opcode == "command"): lispconfig.lisp_process_command(lisp_ipc_listen_socket, opcode, packet, "lisp-ddt", [lisp_ddt_commands]) else: lisp.lisp_parse_packet(lisp_send_sockets, packet, source, port) #endif
def II11iI111i1(packet, source_str, sport): if 95 - 95: OoooooooOO - IiII * I1IiiI + OoOoOO00 iIi1 = lisp.lisp_control_header() if (iIi1.decode(packet) == None): lisp.lprint("Could not decode control header") return if 21 - 21: I11i if 92 - 92: i11iIiiIii / I1Ii111 - iII111i % ooOoO0o * I1Ii111 + Oo0Ooo if 11 - 11: OoooooooOO.I1Ii111 if 80 - 80: OoooooooOO - OOooOOo * Ii1I * I1ii11iIi11i / I1IiiI / OOooOOo if 13 - 13: I1Ii111 * ooOoO0o + i11iIiiIii * I1Ii111 - ooOoO0o Ii1i1i1i1I1Ii = lisp.lisp_address(lisp.LISP_AFI_NONE, "", 0, 0) Ii1i1i1i1I1Ii.store_address(source_str) if 25 - 25: II111iiii if 11 - 11: Oo0Ooo if 74 - 74: OoOoOO00 * o0oOOo0O0Ooo + OoOoOO00.OOooOOo * OoooooooOO % O0 if 85 - 85: ooOoO0o / O0 if 18 - 18: o0oOOo0O0Ooo % O0 * I1ii11iIi11i if 62 - 62: I1Ii111.IiII.OoooooooOO if (iIi1.type == lisp.LISP_ECM): i111 = (len(oo00) > 0) if (lisp.lisp_is_running("lisp-ms") and i111 == False): packet = lisp.lisp_packet_ipc(packet, source_str, sport) lisp.lisp_ipc(packet, o0oO0, "lisp-ms") return if 27 - 27: i11iIiiIii / I1ii11iIi11i if 84 - 84: Oo0Ooo if 43 - 43: oO0o - OoooooooOO if 3 - 3: O0 / iII111i if 31 - 31: OOooOOo + o0oOOo0O0Ooo.OoooooooOO if (i111): lisp.lisp_process_ecm(i1I1ii1II1iII, packet, Ii1i1i1i1I1Ii, sport) return if 89 - 89: II111iiii + i1IIi + II111iiii lisp.lprint("Map-Resolver dropping ECM, DDT or Map-Server not " + "configured") if 7 - 7: O0 % o0oOOo0O0Ooo + I1ii11iIi11i * iII111i - iII111i return if 42 - 42: OoOoOO00 * OoOoOO00 * I1Ii111.I11i if 51 - 51: OOooOOo % iIii1I11I1II1 - OoooooooOO % ooOoO0o * iIii1I11I1II1 % OoO0O00 if 99 - 99: oO0o * II111iiii * I1Ii111 if 92 - 92: Oo0Ooo if 40 - 40: OoOoOO00 / IiII if (iIi1.type == lisp.LISP_MAP_REFERRAL): lisp.lisp_process_map_referral(i1I1ii1II1iII, packet, Ii1i1i1i1I1Ii) return if 79 - 79: OoO0O00 - iIii1I11I1II1 + Ii1I - I1Ii111 if 93 - 93: II111iiii.I1IiiI - Oo0Ooo + OoOoOO00 if 61 - 61: II111iiii if 15 - 15: i11iIiiIii % I1IiiI * I11i / I1Ii111 if 90 - 90: iII111i lisp.lprint( "Map-Resolver received an unexpected LISP packet, type: {}".format( iIi1.type)) if 31 - 31: OOooOOo + O0 return if 87 - 87: ooOoO0o if 45 - 45: OoO0O00 / OoooooooOO - iII111i / Ii1I % IiII if 83 - 83: I1IiiI.iIii1I11I1II1 - IiII * i11iIiiIii if 20 - 20: i1IIi * I1Ii111 + II111iiii % o0oOOo0O0Ooo % oO0o if 13 - 13: Oo0Ooo if 60 - 60: I1ii11iIi11i * I1IiiI if 17 - 17: OOooOOo % Oo0Ooo / I1ii11iIi11i.IiII * OOooOOo - II111iiii