github.com/cilium/cilium@v1.16.2/bpf/node_config.h (about) 1 /* SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) */ 2 /* Copyright Authors of Cilium */ 3 4 #pragma once 5 6 /* 7 * 8 * 9 * **** WARNING **** 10 * This is just a dummy header with dummy values to allow for test 11 * compilation without the full code generation engine backend. 12 * 13 * 14 * 15 */ 16 #include "lib/utils.h" 17 18 #define CLUSTER_ID 0 19 20 #ifndef THIS_INTERFACE_MAC 21 DEFINE_MAC(THIS_INTERFACE_MAC, 0xde, 0xad, 0xbe, 0xef, 0xc0, 0xde); 22 #define THIS_INTERFACE_MAC fetch_mac(THIS_INTERFACE_MAC) 23 #endif 24 25 #ifndef ROUTER_IP 26 DEFINE_IPV6(ROUTER_IP, 0xbe, 0xef, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0); 27 #endif 28 29 #define HOST_IFINDEX 1 30 #define CILIUM_IFINDEX 1 31 #define NATIVE_DEV_MAC_BY_IFINDEX(_) { .addr = { 0xce, 0x72, 0xa7, 0x03, 0x88, 0x56 } } 32 33 #ifndef HOST_IP 34 DEFINE_IPV6(HOST_IP, 0xbe, 0xef, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xa, 0x0, 0x2, 0xf, 0xff, 0xff); 35 #endif 36 37 #ifndef SECCTX_FROM_IPCACHE 38 DEFINE_U32(SECCTX_FROM_IPCACHE, 1); 39 #define SECCTX_FROM_IPCACHE fetch_u32(SECCTX_FROM_IPCACHE) 40 #endif 41 42 #define TUNNEL_PORT 8472 43 #define TUNNEL_PROTOCOL_VXLAN 1 44 #define TUNNEL_PROTOCOL_GENEVE 2 45 #ifndef TUNNEL_PROTOCOL 46 #define TUNNEL_PROTOCOL TUNNEL_PROTOCOL_VXLAN 47 #endif 48 49 #define UNKNOWN_ID 0 50 #define HOST_ID 1 51 #define WORLD_ID 2 52 #if defined ENABLE_IPV4 && defined ENABLE_IPV6 53 # define WORLD_IPV4_ID 9 54 # define WORLD_IPV6_ID 10 55 #else 56 # define WORLD_IPV4_ID 2 57 # define WORLD_IPV6_ID 2 58 #endif 59 #define UNMANAGED_ID 3 60 #define HEALTH_ID 4 61 #define INIT_ID 5 62 #define LOCAL_NODE_ID 6 63 #define REMOTE_NODE_ID 6 64 #define KUBE_APISERVER_NODE_ID 7 65 /* This identity should never be seen on ingress or egress traffic to/from a 66 * node. 67 * It signals that the skb is overlay traffic that must be IPSec encrypted 68 * before it leaves the host. 69 */ 70 #define ENCRYPTED_OVERLAY_ID 11 71 #define HOST_IFINDEX_MAC { .addr = { 0xce, 0x72, 0xa7, 0x03, 0x88, 0x56 } } 72 #define NODEPORT_PORT_MIN 30000 73 #define NODEPORT_PORT_MAX 32767 74 #define NODEPORT_PORT_MIN_NAT (NODEPORT_PORT_MAX + 1) 75 #define NODEPORT_PORT_MAX_NAT 43835 76 77 #define CT_CONNECTION_LIFETIME_TCP 21600 78 #define CT_CONNECTION_LIFETIME_NONTCP 60 79 #define CT_SERVICE_LIFETIME_TCP 21600 80 #define CT_SERVICE_LIFETIME_NONTCP 60 81 #define CT_SERVICE_CLOSE_REBALANCE 30 82 #define CT_SYN_TIMEOUT 60 83 #define CT_CLOSE_TIMEOUT 10 84 #define CT_REPORT_INTERVAL 5 85 #ifndef CT_REPORT_FLAGS 86 # define CT_REPORT_FLAGS 0xff 87 #endif 88 89 #define KERNEL_HZ 250 /* warp: 0 jiffies */ 90 91 #define ENABLE_IDENTITY_MARK 1 92 93 #define HASH_INIT4_SEED 0xcafe 94 #define HASH_INIT6_SEED 0xeb9f 95 96 #ifndef L2_ANNOUNCEMENTS_MAX_LIVENESS 97 # define L2_ANNOUNCEMENTS_MAX_LIVENESS 3000000000ULL 98 #endif 99 100 #ifdef ENABLE_IPV4 101 #define IPV4_MASK 0xffff 102 #define IPV4_GATEWAY 0xfffff50a 103 #define IPV4_LOOPBACK 0x1ffff50a 104 #define IPV4_ENCRYPT_IFACE 0xfffff50a 105 # ifdef ENABLE_MASQUERADE_IPV4 106 # define IPV4_SNAT_EXCLUSION_DST_CIDR 0xffff0000 107 # define IPV4_SNAT_EXCLUSION_DST_CIDR_LEN 16 108 # endif /* ENABLE_MASQUERADE_IPV4 */ 109 #ifdef ENABLE_NODEPORT 110 #define SNAT_MAPPING_IPV4 test_cilium_snat_v4_external 111 #define PER_CLUSTER_SNAT_MAPPING_IPV4 test_cilium_per_cluster_snat_v4_external 112 #if defined(ENABLE_CLUSTER_AWARE_ADDRESSING) && defined(ENABLE_INTER_CLUSTER_SNAT) 113 #define IPV4_INTER_CLUSTER_SNAT 0xfffff50a 114 #endif 115 #define SNAT_MAPPING_IPV4_SIZE 524288 116 #define NODEPORT_NEIGH4_SIZE 524288 117 #endif /* ENABLE_NODEPORT */ 118 #define CAPTURE4_RULES cilium_capture4_rules 119 #define CAPTURE4_SIZE 16384 120 # ifdef ENABLE_HIGH_SCALE_IPCACHE 121 # define IPV4_NATIVE_ROUTING_CIDR 0xffff0000 122 # define IPV4_NATIVE_ROUTING_CIDR_LEN 16 123 # endif /* ENABLE_HIGH_SCALE_IPCACHE */ 124 #endif /* ENABLE_IPV4 */ 125 126 #ifdef ENABLE_IPV6 127 # ifdef ENABLE_MASQUERADE_IPV6 128 # define IPV6_SNAT_EXCLUSION_DST_CIDR { .addr = { 0xfa, 0xce, 0xff, 0xff, 0xff, 0x0 } } 129 # define IPV6_SNAT_EXCLUSION_DST_CIDR_MASK { .addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0x0 } } 130 # endif /* ENABLE_MASQUERADE_IPV6 */ 131 #ifdef ENABLE_NODEPORT 132 #define SNAT_MAPPING_IPV6 test_cilium_snat_v6_external 133 #define PER_CLUSTER_SNAT_MAPPING_IPV6 test_cilium_per_cluster_snat_v6_external 134 #define SNAT_MAPPING_IPV6_SIZE 524288 135 #define NODEPORT_NEIGH6_SIZE 524288 136 #endif /* ENABLE_NODEPORT */ 137 #define CAPTURE6_RULES cilium_capture6_rules 138 #define CAPTURE6_SIZE 16384 139 #endif /* ENABLE_IPV6 */ 140 141 #define EGRESS_POLICY_MAP test_cilium_egress_gw_policy_v4 142 #define SRV6_VRF_MAP4 test_cilium_srv6_vrf_v4 143 #define SRV6_VRF_MAP6 test_cilium_srv6_vrf_v6 144 #define SRV6_POLICY_MAP4 test_cilium_srv6_policy_v4 145 #define SRV6_POLICY_MAP6 test_cilium_srv6_policy_v6 146 #define SRV6_SID_MAP test_cilium_srv6_sid 147 #define ENDPOINTS_MAP test_cilium_lxc 148 #define EVENTS_MAP test_cilium_events 149 #define SIGNAL_MAP test_cilium_signals 150 #define METRICS_MAP test_cilium_metrics 151 #define POLICY_CALL_MAP test_cilium_policy 152 #define AUTH_MAP test_cilium_auth 153 #define CONFIG_MAP test_cilium_runtime_config 154 #define IPCACHE_MAP test_cilium_ipcache 155 #define NODE_MAP_V2 test_cilium_node_map 156 #define ENCRYPT_MAP test_cilium_encrypt_state 157 #define L2_RESPONDER_MAP4 test_cilium_l2_responder_v4 158 #define RATELIMIT_MAP test_cilium_ratelimit 159 #define TUNNEL_MAP test_cilium_tunnel_map 160 #define VTEP_MAP test_cilium_vtep_map 161 #define LB6_REVERSE_NAT_MAP test_cilium_lb6_reverse_nat 162 #define LB6_SERVICES_MAP_V2 test_cilium_lb6_services 163 #define LB6_BACKEND_MAP test_cilium_lb6_backends 164 #define LB6_REVERSE_NAT_SK_MAP test_cilium_lb6_reverse_sk 165 #define LB6_REVERSE_NAT_SK_MAP_SIZE 262144 166 #define LB4_REVERSE_NAT_MAP test_cilium_lb4_reverse_nat 167 #define LB4_SERVICES_MAP_V2 test_cilium_lb4_services 168 #define LB4_BACKEND_MAP test_cilium_lb4_backends 169 #define LB_ACT_MAP test_cilium_lb_act 170 #define LB4_REVERSE_NAT_SK_MAP test_cilium_lb4_reverse_sk 171 #define LB4_REVERSE_NAT_SK_MAP_SIZE 262144 172 #define LB4_AFFINITY_MAP test_cilium_lb4_affinity 173 #define LB6_AFFINITY_MAP test_cilium_lb6_affinity 174 #define LB_AFFINITY_MATCH_MAP test_cilium_lb_affinity_match 175 #define LB_MAGLEV_LUT_SIZE 32749 176 #define LB4_MAGLEV_MAP_OUTER test_cilium_lb4_maglev_outer 177 #define LB6_MAGLEV_MAP_OUTER test_cilium_lb6_maglev_outer 178 #define LB4_SKIP_MAP test_cilium_skip_lb4 179 #define LB6_SKIP_MAP test_cilium_skip_lb6 180 #define THROTTLE_MAP test_cilium_throttle 181 #define THROTTLE_MAP_SIZE 65536 182 #define ENABLE_ARP_RESPONDER 183 #define TUNNEL_ENDPOINT_MAP_SIZE 65536 184 #define VTEP_MAP_SIZE 8 185 #define ENDPOINTS_MAP_SIZE 65536 186 #define METRICS_MAP_SIZE 65536 187 #define CILIUM_NET_MAC { .addr = { 0xce, 0x72, 0xa7, 0x03, 0x88, 0x57 } } 188 #define CILIUM_LB_REV_NAT_MAP_MAX_ENTRIES 65536 189 #define CILIUM_LB_SERVICE_MAP_MAX_ENTRIES 65536 190 #define CILIUM_LB_BACKENDS_MAP_MAX_ENTRIES 65536 191 #define CILIUM_LB_AFFINITY_MAP_MAX_ENTRIES 65536 192 #define CILIUM_LB_REV_NAT_MAP_MAX_ENTRIES 65536 193 #define CILIUM_LB_MAGLEV_MAP_MAX_ENTRIES 65536 194 #define CILIUM_LB_SKIP_MAP_MAX_ENTRIES 100 195 #define CILIUM_LB_ACT_MAP_MAX_ENTRIES 65536 196 #define POLICY_MAP_SIZE 16384 197 #define AUTH_MAP_SIZE 512000 198 #define CONFIG_MAP_SIZE 256 199 #define IPCACHE_MAP_SIZE 512000 200 #define NODE_MAP_SIZE 16384 201 #define EGRESS_POLICY_MAP_SIZE 16384 202 #define SRV6_VRF_MAP_SIZE 16384 203 #define SRV6_POLICY_MAP_SIZE 16384 204 #define SRV6_SID_MAP_SIZE 16384 205 #define L2_RESPONSER_MAP4_SIZE 4096 206 #define POLICY_PROG_MAP_SIZE ENDPOINTS_MAP_SIZE 207 #define IPV4_FRAG_DATAGRAMS_MAP test_cilium_ipv4_frag_datagrams 208 #define CILIUM_IPV4_FRAG_MAP_MAX_ENTRIES 8192 209 #ifndef SKIP_DEBUG 210 #define LB_DEBUG 211 #endif 212 #ifndef MONITOR_AGGREGATION 213 #define MONITOR_AGGREGATION 5 214 #endif 215 #define MTU 1500 216 #define EPHEMERAL_MIN 32768 217 #if defined(ENABLE_NODEPORT) || defined(ENABLE_HOST_FIREWALL) || defined(ENABLE_NAT_46X64) 218 #define CT_MAP_TCP6 test_cilium_ct_tcp6_65535 219 #define CT_MAP_ANY6 test_cilium_ct_any6_65535 220 #define CT_MAP_TCP4 test_cilium_ct_tcp4_65535 221 #define CT_MAP_ANY4 test_cilium_ct_any4_65535 222 #define PER_CLUSTER_CT_TCP6 test_cilium_per_cluster_ct_tcp6 223 #define PER_CLUSTER_CT_ANY6 test_cilium_per_cluster_ct_any6 224 #define PER_CLUSTER_CT_TCP4 test_cilium_per_cluster_ct_tcp4 225 #define PER_CLUSTER_CT_ANY4 test_cilium_per_cluster_ct_any4 226 #define CT_MAP_SIZE_TCP 4096 227 #define CT_MAP_SIZE_ANY 4096 228 #define CONNTRACK_ACCOUNTING 229 #define POLICY_ACCOUNTING 230 #define LB4_HEALTH_MAP test_cilium_lb4_health 231 #define LB6_HEALTH_MAP test_cilium_lb6_health 232 #endif /* ENABLE_NODEPORT || ENABLE_HOST_FIREWALL */ 233 #ifdef ENABLE_HIGH_SCALE_IPCACHE 234 # define WORLD_CIDRS4_MAP test_cilium_world_cidrs4 235 # define WORLD_CIDRS4_MAP_SIZE 16384 236 #endif /* ENABLE_HIGH_SCALE_IPCACHE */ 237 238 #ifdef ENABLE_NODEPORT 239 #ifdef ENABLE_IPV4 240 #define NODEPORT_NEIGH4 test_cilium_neigh4 241 #endif 242 #ifdef ENABLE_IPV6 243 #define NODEPORT_NEIGH6 test_cilium_neigh6 244 #endif 245 #endif 246 247 #ifdef ENABLE_NODEPORT 248 # define DIRECT_ROUTING_DEV_IFINDEX 0 249 # ifdef ENABLE_IPV4 250 # ifndef IPV4_DIRECT_ROUTING 251 # define IPV4_DIRECT_ROUTING 0 252 # endif 253 # define IPV4_RSS_PREFIX IPV4_DIRECT_ROUTING 254 # define IPV4_RSS_PREFIX_BITS 32 255 # endif 256 # ifdef ENABLE_IPV6 257 # ifndef IPV6_DIRECT_ROUTING 258 # define IPV6_DIRECT_ROUTING { .addr = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 } } 259 # endif 260 # define IPV6_RSS_PREFIX IPV6_DIRECT_ROUTING 261 # define IPV6_RSS_PREFIX_BITS 128 262 # endif 263 #endif 264 265 #ifndef IS_L3_DEV 266 # define IS_L3_DEV(ifindex) false 267 #endif 268 269 #ifdef ENABLE_SRC_RANGE_CHECK 270 # define LB4_SRC_RANGE_MAP test_cilium_lb4_source_range 271 # define LB4_SRC_RANGE_MAP_SIZE 1000 272 # define LB6_SRC_RANGE_MAP test_cilium_lb6_source_range 273 # define LB6_SRC_RANGE_MAP_SIZE 1000 274 #endif 275 276 #ifndef LB_SELECTION 277 # define LB_SELECTION_RANDOM 1 278 # define LB_SELECTION_MAGLEV 2 279 # define LB_SELECTION_FIRST 3 280 # define LB_SELECTION LB_SELECTION_RANDOM 281 #endif 282 283 #ifdef ENABLE_WIREGUARD 284 # define WG_IFINDEX 42 285 # ifdef ENCRYPTION_STRICT_MODE 286 # define STRICT_IPV4_NET 0 287 # define STRICT_IPV4_NET_SIZE 8 288 # endif 289 #endif 290 291 #ifdef ENABLE_VTEP 292 # define VTEP_MASK 0xffffff 293 #endif 294 295 #define VLAN_FILTER(ifindex, vlan_id) switch (ifindex) { \ 296 case 116: \ 297 switch (vlan_id) { \ 298 case 4000: \ 299 case 4001: \ 300 return true; \ 301 } \ 302 break; \ 303 case 117: \ 304 switch (vlan_id) { \ 305 case 4003: \ 306 case 4004: \ 307 case 4005: \ 308 return true; \ 309 } \ 310 break; \ 311 } \ 312 return false; 313 314 #define CIDR_IDENTITY_RANGE_START ((1 << 24) + 1) 315 #define CIDR_IDENTITY_RANGE_END ((1 << 24) + (1<<16) - 1) 316 317 #ifndef NAT_46X64_PREFIX_0 318 # define NAT_46X64_PREFIX_0 0 319 # define NAT_46X64_PREFIX_1 0 320 # define NAT_46X64_PREFIX_2 0 321 # define NAT_46X64_PREFIX_3 0 322 #endif 323 324 #ifndef __CLUSTERMESH_IDENTITY__ 325 #define __CLUSTERMESH_IDENTITY__ 326 #define CLUSTER_ID_MAX 255 327 #endif 328 329 #ifndef __CLUSTERMESH_HELPERS__ 330 #define __CLUSTERMESH_HELPERS__ 331 #define IDENTITY_LEN 16 332 #define IDENTITY_MAX 65535 333 #endif 334 335 #define CALLS_MAP test_cilium_calls_65535