fcnet_types/
lib.rs

// When the `docsrs` cfg is set (conventionally on docs.rs builds), enable the unstable `doc_cfg`
// feature that the `doc(cfg(...))` attributes further down in this file rely on.
#![cfg_attr(docsrs, feature(doc_cfg))]

// Both variants of `FirecrackerNetworkType` are feature-gated, so a build with neither "simple" nor
// "namespaced" enabled would leave that enum without variants. Reject such a build with a clear message.
#[cfg(all(not(feature = "simple"), not(feature = "namespaced")))]
compile_error!("Either \"simple\" or \"namespaced\" networking feature flags must be enabled");
6use std::net::IpAddr;
8use cidr::IpInet;
/// A configuration for a Firecracker microVM network.
///
/// This is a plain data type: every field is public and nothing here restricts the values it holds.
// NOTE(review): the string fields are presumably handed to `nft` and to interface-management code by
// the crates that consume this type (not visible in this file). If a configuration is deserialized
// from input that is not fully trusted, validate it before acting on it.
#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct FirecrackerNetwork {
    /// The optional explicit path to "nft" to use when invoking it.
    ///
    /// With the "serde" feature, an omitted field deserializes to `None`.
    // NOTE(review): this value selects the program that gets executed, presumably with the privileges
    // needed to edit nftables. Take it from trusted configuration only and prefer an absolute path;
    // how `None` is resolved to a binary is decided by the consumer — confirm there.
    #[cfg_attr(feature = "serde", serde(default))]
    pub nft_path: Option<String>,
    /// The IP stack to use.
    ///
    /// With the "serde" feature, an omitted field deserializes to the enum's default, `V4`.
    #[cfg_attr(feature = "serde", serde(default))]
    pub ip_stack: FirecrackerIpStack,
    /// The name of the host network interface that handles real connectivity (i.e. via Ethernet or Wi-Fi).
    // NOTE(review): no format check is applied here; presumably this ends up in generated nftables
    // rules, so callers should ensure it is a well-formed interface name — verify against the consumer.
    pub iface_name: String,
    /// The name of the tap device to direct Firecracker to use.
    // NOTE(review): same caveat as `iface_name` — unvalidated at this layer.
    pub tap_name: String,
    /// The IP of the tap device to direct Firecracker to use.
    ///
    /// Its address is emitted as the gateway field by `guest_ip_boot_arg`.
    pub tap_ip: IpInet,
    /// The IP of the guest.
    ///
    /// Its address and netmask are emitted as the client address and netmask by `guest_ip_boot_arg`.
    pub guest_ip: IpInet,
    /// The type of network to create, the available options depend on the feature flags enabled.
    pub network_type: FirecrackerNetworkType,
}
/// The IP stack to use for networking.
///
/// `V4` is the `Default`, and therefore also the value that `FirecrackerNetwork::ip_stack` takes when
/// the field is omitted during deserialization (it is marked `serde(default)`).
// NOTE(review): going by the variant descriptions, a single-family choice yields chains for that family
// only, so traffic of the other family on the same interfaces would presumably not be matched by the
// generated rules. Confirm against the rule generator when the host has both families enabled.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Default)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub enum FirecrackerIpStack {
    /// IPv4, translated to "ip" chains in nftables.
    #[default]
    V4,
    /// IPv6, translated to "ip6" chains in nftables.
    V6,
    /// Both IPv4 and IPv6, translated to "inet" chains in nftables.
    Dual,
}
/// The type of Firecracker network to work with.
///
/// Each variant exists only when its feature flag is enabled. With the "serde" feature the enum is
/// internally tagged: the variant name is carried in a `type` field next to the variant's own fields.
#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
#[cfg_attr(feature = "serde", serde(tag = "type"))]
pub enum FirecrackerNetworkType {
    /// A "simple" network configuration, with a tap device bound to the host interface via 1 set of forwarding rules.
    /// The most optimal and performant choice for the majority of use-cases.
    #[cfg(feature = "simple")]
    #[cfg_attr(docsrs, doc(cfg(feature = "simple")))]
    Simple,
    /// A namespaced network configuration, with the tap device residing in a separate network namespace and being
    /// bound to the host interface via 2 sets of forwarding rules.
    /// The better choice exclusively for multiple running microVMs sharing the same snapshot data (i.e. so-called "clones").
    #[cfg(feature = "namespaced")]
    #[cfg_attr(docsrs, doc(cfg(feature = "namespaced")))]
    Namespaced {
        // NOTE(review): the fields below carry no documentation in the source; the descriptions are
        // inferred from their names and the variant description and should be confirmed against the
        // consuming crate. None of the names are validated at this layer.
        // Presumably the name of the network namespace that holds the tap device.
        netns_name: String,
        // Presumably the names of the two ends of the veth pair linking the namespace to the host;
        // which end lives on which side is not visible here.
        veth1_name: String,
        veth2_name: String,
        // Presumably the addresses (with prefix length) assigned to the respective veth ends.
        veth1_ip: IpInet,
        veth2_ip: IpInet,
        // Optional; with the "serde" feature an omitted field deserializes to `None`.
        // Presumably an address through which the guest is reachable from outside the namespace —
        // TODO confirm, since that decides what the guest is exposed to.
        #[cfg_attr(feature = "serde", serde(default))]
        forwarded_guest_ip: Option<IpAddr>,
    },
}
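impl FirecrackerNetwork {
    /// Format a kernel boot argument that can be added so that all routing setup in the guest is performed
    /// by the kernel automatically with iproute2 not needed in the guest.
    ///
    /// The result follows the kernel's
    /// `ip=<client-ip>:<server-ip>:<gw-ip>:<netmask>:<hostname>:<device>:<autoconf>` layout:
    /// the guest address is the client, the tap address is the gateway, the guest netmask is the netmask,
    /// `guest_iface_name` is the device, autoconfiguration is `off`, and the server and hostname fields
    /// are left empty.
    ///
    /// # Caveats
    ///
    /// * `guest_iface_name` is inserted verbatim. A value containing whitespace would split the kernel
    ///   command line and introduce additional boot parameters, and one containing `:` would shift the
    ///   fields, so callers must pass an already-validated interface name.
    /// * Addresses are formatted as-is whatever their family. The kernel's `ip=` autoconfiguration is an
    ///   IPv4 facility, so a configuration using IPv6 addresses is unlikely to yield a usable argument —
    ///   confirm before relying on it with `FirecrackerIpStack::V6` or `Dual`.
    pub fn guest_ip_boot_arg(&self, guest_iface_name: impl AsRef<str>) -> String {
        // `format!` renders its arguments through `Display`, so the intermediate
        // `to_string()` allocations are unnecessary; the output is unchanged.
        format!(
            "ip={}::{}:{}::{}:off",
            self.guest_ip.address(),
            self.tap_ip.address(),
            self.guest_ip.mask(),
            guest_iface_name.as_ref()
        )
    }
}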
/// An operation that can be made with a FirecrackerNetwork.
///
/// This enum only names the operation; the code that carries it out is not part of this file.
// NOTE(review): `Add` and `Delete` presumably change host networking state (nftables rules, devices)
// and so need elevated privileges such as CAP_NET_ADMIN in the consumer; whether `Check` is strictly
// read-only cannot be told from here — confirm before exposing it to less-privileged callers.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub enum FirecrackerNetworkOperation {
    /// Add this network to the host.
    Add,
    /// Check that this network already exists on the host.
    Check,
    /// Delete this network from the host.
    Delete,
}