Interaction Among the Modules

This topic summarizes how the various modules interact with each other, and gives the code entry points for each interaction.

Interactions at Startup

Module Action
Code Location

jnx-gateway-mgmt Initializes, reads, and updates the configuration database
  • File: jnx-gateway-mgmt_config.c
  • Initialize: jnx_gw_mgmt_config_init()
  • Read: jnx_gw_mgmt_config_read()
  • Update:
    • jnx_gw_mgmt_add_user()
    • jnx_gw_mgmt_add_ctrl()
    • jnx_gw_mgmt_add_data()

jnx-gateway-mgmt Opens listen sockets for receiving register messages from the data and control modules running on PICs.

  • File: jnx-gateway-mgmt_conn.c
  • Function: jnx_gw_mgmt_conn_init()

jnx-gateway-mgmt Registers with KCOM module for receiving ifd/ifl state change events
  • File: jnx-gateway-mgmt_KCOM.c
  • Function: jnx_gw_mgmt_KCOM_init()

jnx-gateway-mgmt Receives the register message from the jnx-gateway-ctrl module.

  • File: jnx-gateway-mgmt_conn.c
  • Function: jnx_gw_mgmt_init_ctrl_conn()

jnx-gateway-mgmt Receives the register message from the jnx-gateway-data module, passes this information to the jnx-gateway-ctrl module.

  • File: jnx-gateway-mgmt_conn.c
  • Function: jnx_gw_mgmt_init_data_conn()

jnx-gateway-ctrl Establishes a connection with the jnx-gateway-data module for GRE session management, on receiving a data agent-add notification from the jnx-gateway-mgmt module.

  • File: jnx-gateway-ctrl_ctrl.c
  • Function: jnx_gw_ctrl_add_data_pic()

jnx-gateway-mgmt On an ifl up event (ms-1/1/0.0 and ms-1/2/0.0), sends this information to the jnx-gateway-ctrl module.
  • File: jnx-gateway-mgmt_conn.c
  • Function: jnx_gw_mgmt_send_ctrl_intf_config()

jnx-gateway-ctrl Opens a signaling socket on the VRF.1 attached to ms-1/1/0.0.

  • File: jnx-gateway-ctrl_mgmt.c
  • Function: jnx_gw_ctrl_config_vrf()
    In response to the JNX_GW_CONFIG_ADD notification

jnx-gateway-ctrl Assigns a floating IP address for the data PIC ifl (ms-1/2/0.0), by referring the control policy for routing-instance VRF.1; does the same for VRF.2 attached data and control PIC ifl events.

  • File: jnx-gateway-ctrl_ctrl.c
  • Function: jnx_gw_ctrl_add_intf_to_ctrl()

jnx-gateway-ctrl Adds the data PIC ifl after assignment of the floating IP address.

  • File: jnx-gateway-ctrl_ctrl.c
  • Function: jnx_gw_ctrl_add_intf()

jnx-gateway-ctrl Sets up a service next hop for the data PIC ifl (jnx_gw_ctrl_add_intf()).
  • File: jnx-gateway-ctrl_ctrl.c
  • Function: jnx_gw_ctrl_add_nexthop()

jnx-gateway-ctrl Sets up a service route for the data-pic ifl, on receipt of SSD_NH_ADD_REPLY success from ssd (jnx_gw_ctrl_ssd_msg_handler()).

  • File: jnx-gateway-ctrl_ctrl.c
  • Function: jnx_gw_ctrl_add_route()

Interactions for Client Verification and GRE Tunnel Setup

Preliminaries

The gateway traffic tool sends a Service Request (<Proto, PortNo> ==> <Service.x>) to the GRE gateway at 1.1.1.100. The gateway forwards the request to the jnx-gateway-ctrl module at 5.5.5.1.

Interactions

Module Action
Code Location

jnx-gateway-ctrl Authenticates the client and service request against user profile policies.

  • File: jnx-gateway-ctrl_ctrl.c
  • Function: jnx_gw_ctrl_match_user()
  • Note: Calls jnx_gw_ctrl_get_next_user() to walk a patricia tree and retrieve each policy.

jnx-gateway-ctrl On successful authentication, generates a GRE key for the service
  • File: jnx-gateway-ctrl_gre.c
  • Function: jnx_gw_ctrl_sig_gre_session_add()

jnx-gateway-ctrl Sends a GRE_SESSION_ADD message with a GRE key to the jnx-gateway-data module.
  • File: jnx-gateway-ctrl_gre.c
  • Function: jnx_gw_ctrl_sig_gre_session_add()

jnx-gateway-ctrl Receives the response from the jnx-gateway-data module about the GRE sessoin, and prepares the response to the GRE gateway.
  • File: jnx-gateway-ctrl_data.c
  • Function: jnx_gw_ctrl_data_handle_gre_msg()

jnx-gateway-ctrl If there is no egress tunnel information, installs a route for the client.
  • File: jnx-gateway-ctrl_gre.c
  • Function: jnx_gw_ctrl_add_gre_session()

jnx-gateway-ctrl Selects a data PIC for a validated user session, based on the ingress and egress VRF information.

  • File: jnx-gateway-ctrl_ctrl.c
  • Function: jnx_gw_ctrl_select_data_pic()

jnx-gateway-ctrl If there is no egress tunnel information, installs a route for the client.

  • File: jnx-gateway-ctrl_ctrl.c
  • Function: jnx_gw_ctrl_add_gre_session()

jnx-gateway-data On receipt of the Add GRE Tunnel request from jnx-gateway-ctrl, installs a GRE tunnel entry for the service and sends the information to the client.
  • File: jnx-gateway-data_control.c
  • Function: jnx_gw_data_add_gre_session()

jnx-gateway-ctrl Sends a response to the GRE gateway as an Add GRE Tunnel entry.
  • File: jnx-gateway-ctrl_gre.c
  • Function: jnx_gw_ctrl_send_gw_gre_msgs()

Interactions for Traffic Through the Router

The client (or, in a testing environment, the traffic-generating tool) can now start sending packets through the router toward the server.

The GRE gateway encapsulates the packets using the GRE key, setting the end point to the IP address of the jnx-gateway-data module. The traffic reaches ingress port fe-1/2/3 on the router. The Packet Forwarding Engine performs a lookup for the destination IP address on its VRF (VRF.1), and forwards the traffic to jnx-gateway-data.

Module Action
Code Location

jnx-gateway-data Detunnels the packets.
  • File: jnx-gateway-data_packet.c
  • Function: jnx_gw_data_process_packet()
  • Note:This function determines if it has a GRE packet or an IP-IP packet, and calls either jnx_gw_data_process_gre_packet() or jnx_gw_data_process_ipip_packet().

jnx-gateway-data Based on the GRE key and VRF, performs a lookup for the egress tunnel, removes the GRE and outer IP header, prepends the new outer IP header to the packet, and sends the packet out of the router over the IP-in-IP tunnel on VRF-2 and interface fe-1/2/2.
  • File: jnx-gateway-data_packet.c
  • Function>: jnx_gw_data_process_gre_packet()

Upon receiving the packets, the IP-in-IP gateway detunnels them and forwards them to the server.

Interactions for Reverse-Bound Traffic

On reverse bound traffic to the client from the server, the IP-in-IP gateway sends packets with control messages (no data) into the IP-in-IP tunnel. On ingress port, fe-1/2/2, VRF-2, the IP-in-IP tunnel forwards the messages to jnx-gateway-data.

Module Action
Code Location

jnx-gateway-data Detunnels the packet, looks up the corresponding GRE key, and adds the GRE key and new outer IP header.
  • File: jnx-gateway-data_packet.c
  • Function: jnx_gw_data_process_ipip_packet()

Finally, the GRE tunnel sends the GRE encapsulated packet to the GRE gateway. The GRE gateway detunnels it and forwards it to the client.

Intermodule Communications


2007-2009 Juniper Networks, Inc. All rights reserved. The information contained herein is confidential information of Juniper Networks, Inc., and may not be used, disclosed, distributed, modified, or copied without the prior written consent of Juniper Networks, Inc. in an express license. This information is subject to change by Juniper Networks, Inc. Juniper Networks, the Juniper Networks logo, and JUNOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Generated on Sun May 30 20:26:47 2010 for Juniper Networks Partner Solution Development Platform JUNOS SDK 10.2R1 by Doxygen 1.4.5