Update hcsshim to v0.8.9

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

vendor/github.com/Microsoft/hcsshim/hcn/BUILD

@@ -11,6 +11,7 @@ go_library(
         "hcnnamespace.go",
         "hcnnetwork.go",
         "hcnpolicy.go",
+        "hcnroute.go",
         "hcnsupport.go",
         "zsyscall_windows.go",
     ],
@@ -18,8 +19,9 @@ go_library(
     importpath = "github.com/Microsoft/hcsshim/hcn",
     visibility = ["//visibility:public"],
     deps = [
+        "//vendor/github.com/Microsoft/go-winio/pkg/guid:go_default_library",
         "//vendor/github.com/Microsoft/hcsshim/internal/cni:go_default_library",
-        "//vendor/github.com/Microsoft/hcsshim/internal/guid:go_default_library",
+        "//vendor/github.com/Microsoft/hcsshim/internal/hcs:go_default_library",
         "//vendor/github.com/Microsoft/hcsshim/internal/hcserror:go_default_library",
         "//vendor/github.com/Microsoft/hcsshim/internal/interop:go_default_library",
         "//vendor/github.com/Microsoft/hcsshim/internal/regstate:go_default_library",

vendor/github.com/Microsoft/hcsshim/hcn/hcn.go

@@ -7,7 +7,7 @@ import (
 	"fmt"
 	"syscall"
 
-	"github.com/Microsoft/hcsshim/internal/guid"
+	"github.com/Microsoft/go-winio/pkg/guid"
 )
 
 //go:generate go run ../mksyscall_windows.go -output zsyscall_windows.go hcn.go
@@ -55,6 +55,15 @@ import (
 //sys hcnDeleteLoadBalancer(id *_guid, result **uint16) (hr error) = computenetwork.HcnDeleteLoadBalancer?
 //sys hcnCloseLoadBalancer(loadBalancer hcnLoadBalancer) (hr error) = computenetwork.HcnCloseLoadBalancer?
 
+// SDN Routes
+//sys hcnEnumerateRoutes(query string, routes **uint16, result **uint16) (hr error) = computenetwork.HcnEnumerateSdnRoutes?
+//sys hcnCreateRoute(id *_guid, settings string, route *hcnRoute, result **uint16) (hr error) = computenetwork.HcnCreateSdnRoute?
+//sys hcnOpenRoute(id *_guid, route *hcnRoute, result **uint16) (hr error) = computenetwork.HcnOpenSdnRoute?
+//sys hcnModifyRoute(route hcnRoute, settings string, result **uint16) (hr error) = computenetwork.HcnModifySdnRoute?
+//sys hcnQueryRouteProperties(route hcnRoute, query string, properties **uint16, result **uint16) (hr error) = computenetwork.HcnQuerySdnRouteProperties?
+//sys hcnDeleteRoute(id *_guid, result **uint16) (hr error) = computenetwork.HcnDeleteSdnRoute?
+//sys hcnCloseRoute(route hcnRoute) (hr error) = computenetwork.HcnCloseSdnRoute?
+
 // Service
 //sys hcnOpenService(service *hcnService, result **uint16) (hr error) = computenetwork.HcnOpenService?
 //sys hcnRegisterServiceCallback(service hcnService, callback int32, context int32, callbackHandle *hcnCallbackHandle) (hr error) = computenetwork.HcnRegisterServiceCallback?
@@ -67,6 +76,7 @@ type hcnNetwork syscall.Handle
 type hcnEndpoint syscall.Handle
 type hcnNamespace syscall.Handle
 type hcnLoadBalancer syscall.Handle
+type hcnRoute syscall.Handle
 type hcnService syscall.Handle
 type hcnCallbackHandle syscall.Handle
 
@@ -161,6 +171,42 @@ func DSRSupported() error {
 	return platformDoesNotSupportError("Direct Server Return (DSR)")
 }
 
+// Slash32EndpointPrefixesSupported returns an error if the HCN version does not support configuring endpoints with /32 prefixes.
+func Slash32EndpointPrefixesSupported() error {
+	supported := GetSupportedFeatures()
+	if supported.Slash32EndpointPrefixes {
+		return nil
+	}
+	return platformDoesNotSupportError("Slash 32 Endpoint prefixes")
+}
+
+// AclSupportForProtocol252Supported returns an error if the HCN version does not support HNS ACL Policies to support protocol 252 for VXLAN.
+func AclSupportForProtocol252Supported() error {
+	supported := GetSupportedFeatures()
+	if supported.AclSupportForProtocol252 {
+		return nil
+	}
+	return platformDoesNotSupportError("HNS ACL Policies to support protocol 252 for VXLAN")
+}
+
+// SessionAffinitySupported returns an error if the HCN version does not support Session Affinity.
+func SessionAffinitySupported() error {
+	supported := GetSupportedFeatures()
+	if supported.SessionAffinity {
+		return nil
+	}
+	return platformDoesNotSupportError("Session Affinity")
+}
+
+// IPv6DualStackSupported returns an error if the HCN version does not support IPv6DualStack.
+func IPv6DualStackSupported() error {
+	supported := GetSupportedFeatures()
+	if supported.IPv6DualStack {
+		return nil
+	}
+	return platformDoesNotSupportError("IPv6 DualStack")
+}
+
 // RequestType are the different operations performed to settings.
 // Used to update the settings of Endpoint/Namespace objects.
 type RequestType string

vendor/github.com/Microsoft/hcsshim/hcn/hcnendpoint.go

@@ -3,7 +3,8 @@ package hcn
 import (
 	"encoding/json"
 	"errors"
-	"github.com/Microsoft/hcsshim/internal/guid"
+
+	"github.com/Microsoft/go-winio/pkg/guid"
 	"github.com/Microsoft/hcsshim/internal/interop"
 	"github.com/sirupsen/logrus"
 )
@@ -121,7 +122,10 @@ func enumerateEndpoints(query string) ([]HostComputeEndpoint, error) {
 }
 
 func createEndpoint(networkId string, endpointSettings string) (*HostComputeEndpoint, error) {
-	networkGuid := guid.FromString(networkId)
+	networkGuid, err := guid.FromString(networkId)
+	if err != nil {
+		return nil, errInvalidNetworkID
+	}
 	// Open network.
 	var networkHandle hcnNetwork
 	var resultBuffer *uint16
@@ -167,7 +171,10 @@ func createEndpoint(networkId string, endpointSettings string) (*HostComputeEndp
 }
 
 func modifyEndpoint(endpointId string, settings string) (*HostComputeEndpoint, error) {
-	endpointGuid := guid.FromString(endpointId)
+	endpointGuid, err := guid.FromString(endpointId)
+	if err != nil {
+		return nil, errInvalidEndpointID
+	}
 	// Open endpoint
 	var (
 		endpointHandle   hcnEndpoint
@@ -208,7 +215,10 @@ func modifyEndpoint(endpointId string, settings string) (*HostComputeEndpoint, e
 }
 
 func deleteEndpoint(endpointId string) error {
-	endpointGuid := guid.FromString(endpointId)
+	endpointGuid, err := guid.FromString(endpointId)
+	if err != nil {
+		return errInvalidEndpointID
+	}
 	var resultBuffer *uint16
 	hr := hcnDeleteEndpoint(&endpointGuid, &resultBuffer)
 	if err := checkForErrors("hcnDeleteEndpoint", hr, resultBuffer); err != nil {
@@ -343,7 +353,7 @@ func ModifyEndpointSettings(endpointId string, request *ModifyEndpointSettingReq
 }
 
 // ApplyPolicy applies a Policy (ex: ACL) on the Endpoint.
-func (endpoint *HostComputeEndpoint) ApplyPolicy(endpointPolicy PolicyEndpointRequest) error {
+func (endpoint *HostComputeEndpoint) ApplyPolicy(requestType RequestType, endpointPolicy PolicyEndpointRequest) error {
 	logrus.Debugf("hcn::HostComputeEndpoint::ApplyPolicy id=%s", endpoint.Id)
 
 	settingsJson, err := json.Marshal(endpointPolicy)
@@ -352,7 +362,7 @@ func (endpoint *HostComputeEndpoint) ApplyPolicy(endpointPolicy PolicyEndpointRe
 	}
 	requestMessage := &ModifyEndpointSettingRequest{
 		ResourceType: EndpointResourceTypePolicy,
-		RequestType:  RequestTypeUpdate,
+		RequestType:  requestType,
 		Settings:     settingsJson,
 	}
 

vendor/github.com/Microsoft/hcsshim/hcn/hcnerrors.go

@@ -3,13 +3,23 @@
 package hcn
 
 import (
+	"errors"
 	"fmt"
 
+	"github.com/Microsoft/hcsshim/internal/hcs"
 	"github.com/Microsoft/hcsshim/internal/hcserror"
 	"github.com/Microsoft/hcsshim/internal/interop"
 	"github.com/sirupsen/logrus"
 )
 
+var (
+	errInvalidNetworkID      = errors.New("invalid network ID")
+	errInvalidEndpointID     = errors.New("invalid endpoint ID")
+	errInvalidNamespaceID    = errors.New("invalid namespace ID")
+	errInvalidLoadBalancerID = errors.New("invalid load balancer ID")
+	errInvalidRouteID        = errors.New("invalid route ID")
+)
+
 func checkForErrors(methodName string, hr error, resultBuffer *uint16) error {
 	errorFound := false
 
@@ -26,7 +36,7 @@ func checkForErrors(methodName string, hr error, resultBuffer *uint16) error {
 	}
 
 	if errorFound {
-		returnError := hcserror.New(hr, methodName, result)
+		returnError := new(hr, methodName, result)
 		logrus.Debugf(returnError.Error()) // HCN errors logged for debugging.
 		return returnError
 	}
@@ -34,6 +44,52 @@ func checkForErrors(methodName string, hr error, resultBuffer *uint16) error {
 	return nil
 }
 
+type ErrorCode uint32
+
+// For common errors, define the error as it is in windows, so we can quickly determine it later
+const (
+	ERROR_NOT_FOUND                     = 0x490
+	HCN_E_PORT_ALREADY_EXISTS ErrorCode = 0x803b0013
+)
+
+type HcnError struct {
+	*hcserror.HcsError
+	code ErrorCode
+}
+
+func (e *HcnError) Error() string {
+	return e.HcsError.Error()
+}
+
+func CheckErrorWithCode(err error, code ErrorCode) bool {
+	hcnError, ok := err.(*HcnError)
+	if ok {
+		return hcnError.code == code
+	}
+	return false
+}
+
+func IsElementNotFoundError(err error) bool {
+	return CheckErrorWithCode(err, ERROR_NOT_FOUND)
+}
+
+func IsPortAlreadyExistsError(err error) bool {
+	return CheckErrorWithCode(err, HCN_E_PORT_ALREADY_EXISTS)
+}
+
+func new(hr error, title string, rest string) error {
+	err := &HcnError{}
+	hcsError := hcserror.New(hr, title, rest)
+	err.HcsError = hcsError.(*hcserror.HcsError)
+	err.code = ErrorCode(hcserror.Win32FromError(hr))
+	return err
+}
+
+//
+// Note that the below errors are not errors returned by hcn itself
+// we wish to seperate them as they are shim usage error
+//
+
 // NetworkNotFoundError results from a failed seach for a network by Id or Name
 type NetworkNotFoundError struct {
 	NetworkName string
@@ -41,10 +97,10 @@ type NetworkNotFoundError struct {
 }
 
 func (e NetworkNotFoundError) Error() string {
-	if e.NetworkName == "" {
-		return fmt.Sprintf("Network Name %s not found", e.NetworkName)
+	if e.NetworkName != "" {
+		return fmt.Sprintf("Network name %q not found", e.NetworkName)
 	}
-	return fmt.Sprintf("Network Id %s not found", e.NetworkID)
+	return fmt.Sprintf("Network ID %q not found", e.NetworkID)
 }
 
 // EndpointNotFoundError results from a failed seach for an endpoint by Id or Name
@@ -54,10 +110,10 @@ type EndpointNotFoundError struct {
 }
 
 func (e EndpointNotFoundError) Error() string {
-	if e.EndpointName == "" {
-		return fmt.Sprintf("Endpoint Name %s not found", e.EndpointName)
+	if e.EndpointName != "" {
+		return fmt.Sprintf("Endpoint name %q not found", e.EndpointName)
 	}
-	return fmt.Sprintf("Endpoint Id %s not found", e.EndpointID)
+	return fmt.Sprintf("Endpoint ID %q not found", e.EndpointID)
 }
 
 // NamespaceNotFoundError results from a failed seach for a namsepace by Id
@@ -66,7 +122,7 @@ type NamespaceNotFoundError struct {
 }
 
 func (e NamespaceNotFoundError) Error() string {
-	return fmt.Sprintf("Namespace %s not found", e.NamespaceID)
+	return fmt.Sprintf("Namespace ID %q not found", e.NamespaceID)
 }
 
 // LoadBalancerNotFoundError results from a failed seach for a loadbalancer by Id
@@ -75,13 +131,22 @@ type LoadBalancerNotFoundError struct {
 }
 
 func (e LoadBalancerNotFoundError) Error() string {
-	return fmt.Sprintf("LoadBalancer %s not found", e.LoadBalancerId)
+	return fmt.Sprintf("LoadBalancer %q not found", e.LoadBalancerId)
+}
+
+// RouteNotFoundError results from a failed seach for a route by Id
+type RouteNotFoundError struct {
+	RouteId string
+}
+
+func (e RouteNotFoundError) Error() string {
+	return fmt.Sprintf("SDN Route %q not found", e.RouteId)
 }
 
 // IsNotFoundError returns a boolean indicating whether the error was caused by
 // a resource not being found.
 func IsNotFoundError(err error) bool {
-	switch err.(type) {
+	switch pe := err.(type) {
 	case NetworkNotFoundError:
 		return true
 	case EndpointNotFoundError:
@@ -90,6 +155,10 @@ func IsNotFoundError(err error) bool {
 		return true
 	case LoadBalancerNotFoundError:
 		return true
+	case RouteNotFoundError:
+		return true
+	case *hcserror.HcsError:
+		return pe.Err == hcs.ErrElementNotFound
 	}
 	return false
 }

vendor/github.com/Microsoft/hcsshim/hcn/hcnglobals.go

@@ -3,6 +3,7 @@ package hcn
 import (
 	"encoding/json"
 	"fmt"
+	"math"
 
 	"github.com/Microsoft/hcsshim/internal/hcserror"
 	"github.com/Microsoft/hcsshim/internal/interop"
@@ -20,17 +21,41 @@ type Version struct {
 	Minor int `json:"Minor"`
 }
 
+type VersionRange struct {
+	MinVersion Version
+	MaxVersion Version
+}
+
+type VersionRanges []VersionRange
+
 var (
 	// HNSVersion1803 added ACL functionality.
-	HNSVersion1803 = Version{Major: 7, Minor: 2}
+	HNSVersion1803 = VersionRanges{VersionRange{MinVersion: Version{Major: 7, Minor: 2}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}}
 	// V2ApiSupport allows the use of V2 Api calls and V2 Schema.
-	V2ApiSupport = Version{Major: 9, Minor: 2}
+	V2ApiSupport = VersionRanges{VersionRange{MinVersion: Version{Major: 9, Minor: 2}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}}
 	// Remote Subnet allows for Remote Subnet policies on Overlay networks
-	RemoteSubnetVersion = Version{Major: 9, Minor: 2}
+	RemoteSubnetVersion = VersionRanges{VersionRange{MinVersion: Version{Major: 9, Minor: 2}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}}
 	// A Host Route policy allows for local container to local host communication Overlay networks
-	HostRouteVersion = Version{Major: 9, Minor: 2}
+	HostRouteVersion = VersionRanges{VersionRange{MinVersion: Version{Major: 9, Minor: 2}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}}
 	// HNS 10.2 allows for Direct Server Return for loadbalancing
-	DSRVersion = Version{Major: 10, Minor: 2}
+	DSRVersion = VersionRanges{VersionRange{MinVersion: Version{Major: 10, Minor: 2}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}}
+	// HNS 9.3 through 10.0 (not included) and, 10.4+ provide support for configuring endpoints with /32 prefixes
+	Slash32EndpointPrefixesVersion = VersionRanges{
+		VersionRange{MinVersion: Version{Major: 9, Minor: 3}, MaxVersion: Version{Major: 9, Minor: math.MaxInt32}},
+		VersionRange{MinVersion: Version{Major: 10, Minor: 4}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}},
+	}
+	// HNS 9.3 through 10.0 (not included) and, 10.4+ allow for HNS ACL Policies to support protocol 252 for VXLAN
+	AclSupportForProtocol252Version = VersionRanges{
+		VersionRange{MinVersion: Version{Major: 9, Minor: 3}, MaxVersion: Version{Major: 9, Minor: math.MaxInt32}},
+		VersionRange{MinVersion: Version{Major: 10, Minor: 4}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}},
+	}
+	// HNS 12.0 allows for session affinity for loadbalancing
+	SessionAffinityVersion = VersionRanges{VersionRange{MinVersion: Version{Major: 12, Minor: 0}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}}
+	// HNS 10.5 through 11 (not included) and 12.0+ supports Ipv6 dual stack.
+	IPv6DualStackVersion = VersionRanges{
+		VersionRange{MinVersion: Version{Major: 10, Minor: 5}, MaxVersion: Version{Major: 10, Minor: math.MaxInt32}},
+		VersionRange{MinVersion: Version{Major: 12, Minor: 0}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}},
+	}
 )
 
 // GetGlobals returns the global properties of the HCN Service.

vendor/github.com/Microsoft/hcsshim/hcn/hcnloadbalancer.go

@@ -3,17 +3,18 @@ package hcn
 import (
 	"encoding/json"
 
-	"github.com/Microsoft/hcsshim/internal/guid"
+	"github.com/Microsoft/go-winio/pkg/guid"
 	"github.com/Microsoft/hcsshim/internal/interop"
 	"github.com/sirupsen/logrus"
 )
 
 // LoadBalancerPortMapping is associated with HostComputeLoadBalancer
 type LoadBalancerPortMapping struct {
-	Protocol     uint32                       `json:",omitempty"` // EX: TCP = 6, UDP = 17
-	InternalPort uint16                       `json:",omitempty"`
-	ExternalPort uint16                       `json:",omitempty"`
-	Flags        LoadBalancerPortMappingFlags `json:",omitempty"`
+	Protocol         uint32                       `json:",omitempty"` // EX: TCP = 6, UDP = 17
+	InternalPort     uint16                       `json:",omitempty"`
+	ExternalPort     uint16                       `json:",omitempty"`
+	DistributionType LoadBalancerDistribution     `json:",omitempty"` // EX: Distribute per connection = 0, distribute traffic of the same protocol per client IP = 1, distribute per client IP = 2
+	Flags            LoadBalancerPortMappingFlags `json:",omitempty"`
 }
 
 // HostComputeLoadBalancer represents software load balancer.
@@ -53,6 +54,18 @@ var (
 	LoadBalancerPortMappingFlagsPreserveDIP LoadBalancerPortMappingFlags = 8
 )
 
+// LoadBalancerDistribution specifies how the loadbalancer distributes traffic.
+type LoadBalancerDistribution uint32
+
+var (
+	// LoadBalancerDistributionNone is the default and loadbalances each connection to the same pod.
+	LoadBalancerDistributionNone LoadBalancerDistribution
+	// LoadBalancerDistributionSourceIPProtocol loadbalances all traffic of the same protocol from a client IP to the same pod.
+	LoadBalancerDistributionSourceIPProtocol LoadBalancerDistribution = 1
+	// LoadBalancerDistributionSourceIP loadbalances all traffic from a client IP to the same pod.
+	LoadBalancerDistributionSourceIP LoadBalancerDistribution = 2
+)
+
 func getLoadBalancer(loadBalancerGuid guid.GUID, query string) (*HostComputeLoadBalancer, error) {
 	// Open loadBalancer.
 	var (
@@ -148,7 +161,10 @@ func createLoadBalancer(settings string) (*HostComputeLoadBalancer, error) {
 }
 
 func modifyLoadBalancer(loadBalancerId string, settings string) (*HostComputeLoadBalancer, error) {
-	loadBalancerGuid := guid.FromString(loadBalancerId)
+	loadBalancerGuid, err := guid.FromString(loadBalancerId)
+	if err != nil {
+		return nil, errInvalidLoadBalancerID
+	}
 	// Open loadBalancer.
 	var (
 		loadBalancerHandle hcnLoadBalancer
@@ -189,7 +205,10 @@ func modifyLoadBalancer(loadBalancerId string, settings string) (*HostComputeLoa
 }
 
 func deleteLoadBalancer(loadBalancerId string) error {
-	loadBalancerGuid := guid.FromString(loadBalancerId)
+	loadBalancerGuid, err := guid.FromString(loadBalancerId)
+	if err != nil {
+		return errInvalidLoadBalancerID
+	}
 	var resultBuffer *uint16
 	hr := hcnDeleteLoadBalancer(&loadBalancerGuid, &resultBuffer)
 	if err := checkForErrors("hcnDeleteLoadBalancer", hr, resultBuffer); err != nil {

vendor/github.com/Microsoft/hcsshim/hcn/hcnnamespace.go

@@ -5,8 +5,8 @@ import (
 	"os"
 	"syscall"
 
+	"github.com/Microsoft/go-winio/pkg/guid"
 	icni "github.com/Microsoft/hcsshim/internal/cni"
-	"github.com/Microsoft/hcsshim/internal/guid"
 	"github.com/Microsoft/hcsshim/internal/interop"
 	"github.com/Microsoft/hcsshim/internal/regstate"
 	"github.com/Microsoft/hcsshim/internal/runhcs"
@@ -165,7 +165,10 @@ func createNamespace(settings string) (*HostComputeNamespace, error) {
 }
 
 func modifyNamespace(namespaceId string, settings string) (*HostComputeNamespace, error) {
-	namespaceGuid := guid.FromString(namespaceId)
+	namespaceGuid, err := guid.FromString(namespaceId)
+	if err != nil {
+		return nil, errInvalidNamespaceID
+	}
 	// Open namespace.
 	var (
 		namespaceHandle  hcnNamespace
@@ -206,7 +209,10 @@ func modifyNamespace(namespaceId string, settings string) (*HostComputeNamespace
 }
 
 func deleteNamespace(namespaceId string) error {
-	namespaceGuid := guid.FromString(namespaceId)
+	namespaceGuid, err := guid.FromString(namespaceId)
+	if err != nil {
+		return errInvalidNamespaceID
+	}
 	var resultBuffer *uint16
 	hr := hcnDeleteNamespace(&namespaceGuid, &resultBuffer)
 	if err := checkForErrors("hcnDeleteNamespace", hr, resultBuffer); err != nil {
@@ -241,7 +247,23 @@ func ListNamespacesQuery(query HostComputeQuery) ([]HostComputeNamespace, error)
 
 // GetNamespaceByID returns the Namespace specified by Id.
 func GetNamespaceByID(namespaceId string) (*HostComputeNamespace, error) {
-	return getNamespace(guid.FromString(namespaceId), defaultQueryJson())
+	hcnQuery := defaultQuery()
+	mapA := map[string]string{"ID": namespaceId}
+	filter, err := json.Marshal(mapA)
+	if err != nil {
+		return nil, err
+	}
+	hcnQuery.Filter = string(filter)
+
+	namespaces, err := ListNamespacesQuery(hcnQuery)
+	if err != nil {
+		return nil, err
+	}
+	if len(namespaces) == 0 {
+		return nil, NamespaceNotFoundError{NamespaceID: namespaceId}
+	}
+
+	return &namespaces[0], err
 }
 
 // GetNamespaceEndpointIds returns the endpoints of the Namespace specified by Id.

vendor/github.com/Microsoft/hcsshim/hcn/hcnnetwork.go

@@ -3,7 +3,8 @@ package hcn
 import (
 	"encoding/json"
 	"errors"
-	"github.com/Microsoft/hcsshim/internal/guid"
+
+	"github.com/Microsoft/go-winio/pkg/guid"
 	"github.com/Microsoft/hcsshim/internal/interop"
 	"github.com/sirupsen/logrus"
 )
@@ -132,6 +133,12 @@ func getNetwork(networkGuid guid.GUID, query string) (*HostComputeNetwork, error
 	}
 	// Convert output to HostComputeNetwork
 	var outputNetwork HostComputeNetwork
+
+	// If HNS sets the network type to NAT (i.e. '0' in HNS.Schema.Network.NetworkMode),
+	// the value will be omitted from the JSON blob. We therefore need to initialize NAT here before
+	// unmarshaling the JSON blob.
+	outputNetwork.Type = NAT
+
 	if err := json.Unmarshal([]byte(properties), &outputNetwork); err != nil {
 		return nil, err
 	}
@@ -196,6 +203,12 @@ func createNetwork(settings string) (*HostComputeNetwork, error) {
 	}
 	// Convert output to HostComputeNetwork
 	var outputNetwork HostComputeNetwork
+
+	// If HNS sets the network type to NAT (i.e. '0' in HNS.Schema.Network.NetworkMode),
+	// the value will be omitted from the JSON blob. We therefore need to initialize NAT here before
+	// unmarshaling the JSON blob.
+	outputNetwork.Type = NAT
+
 	if err := json.Unmarshal([]byte(properties), &outputNetwork); err != nil {
 		return nil, err
 	}
@@ -203,7 +216,10 @@ func createNetwork(settings string) (*HostComputeNetwork, error) {
 }
 
 func modifyNetwork(networkId string, settings string) (*HostComputeNetwork, error) {
-	networkGuid := guid.FromString(networkId)
+	networkGuid, err := guid.FromString(networkId)
+	if err != nil {
+		return nil, errInvalidNetworkID
+	}
 	// Open Network
 	var (
 		networkHandle    hcnNetwork
@@ -237,6 +253,12 @@ func modifyNetwork(networkId string, settings string) (*HostComputeNetwork, erro
 	}
 	// Convert output to HostComputeNetwork
 	var outputNetwork HostComputeNetwork
+
+	// If HNS sets the network type to NAT (i.e. '0' in HNS.Schema.Network.NetworkMode),
+	// the value will be omitted from the JSON blob. We therefore need to initialize NAT here before
+	// unmarshaling the JSON blob.
+	outputNetwork.Type = NAT
+
 	if err := json.Unmarshal([]byte(properties), &outputNetwork); err != nil {
 		return nil, err
 	}
@@ -244,7 +266,10 @@ func modifyNetwork(networkId string, settings string) (*HostComputeNetwork, erro
 }
 
 func deleteNetwork(networkId string) error {
-	networkGuid := guid.FromString(networkId)
+	networkGuid, err := guid.FromString(networkId)
+	if err != nil {
+		return errInvalidNetworkID
+	}
 	var resultBuffer *uint16
 	hr := hcnDeleteNetwork(&networkGuid, &resultBuffer)
 	if err := checkForErrors("hcnDeleteNetwork", hr, resultBuffer); err != nil {

vendor/github.com/Microsoft/hcsshim/hcn/hcnpolicy.go

@@ -1,6 +1,8 @@
 package hcn
 
-import "encoding/json"
+import (
+	"encoding/json"
+)
 
 // EndpointPolicyType are the potential Policies that apply to Endpoints.
 type EndpointPolicyType string
@@ -14,6 +16,7 @@ const (
 	OutBoundNAT   EndpointPolicyType = "OutBoundNAT"
 	SDNRoute      EndpointPolicyType = "SDNRoute"
 	L4Proxy       EndpointPolicyType = "L4Proxy"
+	L4WFPPROXY    EndpointPolicyType = "L4WFPPROXY"
 	PortName      EndpointPolicyType = "PortName"
 	EncapOverhead EndpointPolicyType = "EncapOverhead"
 	// Endpoint and Network have InterfaceConstraint and ProviderAddress
@@ -64,14 +67,18 @@ type SubnetPolicy struct {
 	Settings json.RawMessage  `json:",omitempty"`
 }
 
+// NatFlags are flags for portmappings.
+type NatFlags uint32
+
 /// Endpoint Policy objects
 
 // PortMappingPolicySetting defines Port Mapping (NAT)
 type PortMappingPolicySetting struct {
-	Protocol     uint32 `json:",omitempty"` // EX: TCP = 6, UDP = 17
-	InternalPort uint16 `json:",omitempty"`
-	ExternalPort uint16 `json:",omitempty"`
-	VIP          string `json:",omitempty"`
+	Protocol     uint32   `json:",omitempty"` // EX: TCP = 6, UDP = 17
+	InternalPort uint16   `json:",omitempty"`
+	ExternalPort uint16   `json:",omitempty"`
+	VIP          string   `json:",omitempty"`
+	Flags        NatFlags `json:",omitempty"`
 }
 
 // ActionType associated with ACLs. Value is either Allow or Block.
@@ -120,8 +127,9 @@ type QosPolicySetting struct {
 
 // OutboundNatPolicySetting sets outbound Network Address Translation on an Endpoint.
 type OutboundNatPolicySetting struct {
-	VirtualIP  string   `json:",omitempty"`
-	Exceptions []string `json:",omitempty"`
+	VirtualIP    string   `json:",omitempty"`
+	Exceptions   []string `json:",omitempty"`
+	Destinations []string `json:",omitempty"`
 }
 
 // SDNRoutePolicySetting sets SDN Route on an Endpoint.
@@ -131,14 +139,21 @@ type SDNRoutePolicySetting struct {
 	NeedEncap         bool   `json:",omitempty"`
 }
 
-// L4ProxyPolicySetting sets Layer-4 Proxy on an endpoint.
-type L4ProxyPolicySetting struct {
-	IP            string   `json:",omitempty"`
-	Port          string   `json:",omitempty"`
-	Protocol      uint32   `json:",omitempty"` // EX: TCP = 6, UDP = 17
-	ExceptionList []string `json:",omitempty"`
-	Destination   string   `json:","`
-	OutboundNat   bool     `json:",omitempty"`
+// FiveTuple is nested in L4ProxyPolicySetting for WFP support.
+type FiveTuple struct {
+	Protocols       string `json:",omitempty"`
+	LocalAddresses  string `json:",omitempty"`
+	RemoteAddresses string `json:",omitempty"`
+	LocalPorts      string `json:",omitempty"`
+	RemotePorts     string `json:",omitempty"`
+	Priority        uint16 `json:",omitempty"`
+}
+
+// L4WfpProxyPolicySetting sets Layer-4 Proxy on an endpoint.
+type L4WfpProxyPolicySetting struct {
+	Port        string    `json:",omitempty"`
+	FilterTuple FiveTuple `json:",omitempty"`
+	UserSID     string    `json:",omitempty"`
 }
 
 // PortnameEndpointPolicySetting sets the port name for an endpoint.

vendor/github.com/Microsoft/hcsshim/hcn/hcnroute.go

@@ -0,0 +1,266 @@
+package hcn
+
+import (
+	"encoding/json"
+	"errors"
+
+	"github.com/Microsoft/go-winio/pkg/guid"
+	"github.com/Microsoft/hcsshim/internal/interop"
+	"github.com/sirupsen/logrus"
+)
+
+// HostComputeRoute represents SDN routes.
+type HostComputeRoute struct {
+	ID                   string                  `json:"ID,omitempty"`
+	HostComputeEndpoints []string                `json:",omitempty"`
+	Setting              []SDNRoutePolicySetting `json:",omitempty"`
+	SchemaVersion        SchemaVersion           `json:",omitempty"`
+}
+
+// ListRoutes makes a call to list all available routes.
+func ListRoutes() ([]HostComputeRoute, error) {
+	hcnQuery := defaultQuery()
+	routes, err := ListRoutesQuery(hcnQuery)
+	if err != nil {
+		return nil, err
+	}
+	return routes, nil
+}
+
+// ListRoutesQuery makes a call to query the list of available routes.
+func ListRoutesQuery(query HostComputeQuery) ([]HostComputeRoute, error) {
+	queryJSON, err := json.Marshal(query)
+	if err != nil {
+		return nil, err
+	}
+
+	routes, err := enumerateRoutes(string(queryJSON))
+	if err != nil {
+		return nil, err
+	}
+	return routes, nil
+}
+
+// GetRouteByID returns the route specified by Id.
+func GetRouteByID(routeID string) (*HostComputeRoute, error) {
+	hcnQuery := defaultQuery()
+	mapA := map[string]string{"ID": routeID}
+	filter, err := json.Marshal(mapA)
+	if err != nil {
+		return nil, err
+	}
+	hcnQuery.Filter = string(filter)
+
+	routes, err := ListRoutesQuery(hcnQuery)
+	if err != nil {
+		return nil, err
+	}
+	if len(routes) == 0 {
+		return nil, RouteNotFoundError{RouteId: routeID}
+	}
+	return &routes[0], err
+}
+
+// Create Route.
+func (route *HostComputeRoute) Create() (*HostComputeRoute, error) {
+	logrus.Debugf("hcn::HostComputeRoute::Create id=%s", route.ID)
+
+	jsonString, err := json.Marshal(route)
+	if err != nil {
+		return nil, err
+	}
+
+	logrus.Debugf("hcn::HostComputeRoute::Create JSON: %s", jsonString)
+	route, hcnErr := createRoute(string(jsonString))
+	if hcnErr != nil {
+		return nil, hcnErr
+	}
+	return route, nil
+}
+
+// Delete Route.
+func (route *HostComputeRoute) Delete() error {
+	logrus.Debugf("hcn::HostComputeRoute::Delete id=%s", route.ID)
+
+	existingRoute, _ := GetRouteByID(route.ID)
+
+	if existingRoute != nil {
+		if err := deleteRoute(route.ID); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// AddEndpoint add an endpoint to a route
+// Since HCNRoute doesn't implement modify functionality, add operation is essentially delete and add
+func (route *HostComputeRoute) AddEndpoint(endpoint *HostComputeEndpoint) (*HostComputeRoute, error) {
+	logrus.Debugf("hcn::HostComputeRoute::AddEndpoint route=%s endpoint=%s", route.ID, endpoint.Id)
+
+	err := route.Delete()
+	if err != nil {
+		return nil, err
+	}
+
+	// Add Endpoint to the Existing List
+	route.HostComputeEndpoints = append(route.HostComputeEndpoints, endpoint.Id)
+
+	return route.Create()
+}
+
+// RemoveEndpoint removes an endpoint from a route
+// Since HCNRoute doesn't implement modify functionality, remove operation is essentially delete and add
+func (route *HostComputeRoute) RemoveEndpoint(endpoint *HostComputeEndpoint) (*HostComputeRoute, error) {
+	logrus.Debugf("hcn::HostComputeRoute::RemoveEndpoint route=%s endpoint=%s", route.ID, endpoint.Id)
+
+	err := route.Delete()
+	if err != nil {
+		return nil, err
+	}
+
+	// Create a list of all the endpoints besides the one being removed
+	i := 0
+	for index, endpointReference := range route.HostComputeEndpoints {
+		if endpointReference == endpoint.Id {
+			i = index
+			break
+		}
+	}
+
+	route.HostComputeEndpoints = append(route.HostComputeEndpoints[0:i], route.HostComputeEndpoints[i+1:]...)
+	return route.Create()
+}
+
+// AddRoute for the specified endpoints and SDN Route setting
+func AddRoute(endpoints []HostComputeEndpoint, destinationPrefix string, nextHop string, needEncapsulation bool) (*HostComputeRoute, error) {
+	logrus.Debugf("hcn::HostComputeRoute::AddRoute endpointId=%v, destinationPrefix=%v, nextHop=%v, needEncapsulation=%v", endpoints, destinationPrefix, nextHop, needEncapsulation)
+
+	if len(endpoints) <= 0 {
+		return nil, errors.New("Missing endpoints")
+	}
+
+	route := &HostComputeRoute{
+		SchemaVersion: V2SchemaVersion(),
+		Setting: []SDNRoutePolicySetting{
+			{
+				DestinationPrefix: destinationPrefix,
+				NextHop:           nextHop,
+				NeedEncap:         needEncapsulation,
+			},
+		},
+	}
+
+	for _, endpoint := range endpoints {
+		route.HostComputeEndpoints = append(route.HostComputeEndpoints, endpoint.Id)
+	}
+
+	return route.Create()
+}
+
+func enumerateRoutes(query string) ([]HostComputeRoute, error) {
+	// Enumerate all routes Guids
+	var (
+		resultBuffer *uint16
+		routeBuffer  *uint16
+	)
+	hr := hcnEnumerateRoutes(query, &routeBuffer, &resultBuffer)
+	if err := checkForErrors("hcnEnumerateRoutes", hr, resultBuffer); err != nil {
+		return nil, err
+	}
+
+	routes := interop.ConvertAndFreeCoTaskMemString(routeBuffer)
+	var routeIds []guid.GUID
+	if err := json.Unmarshal([]byte(routes), &routeIds); err != nil {
+		return nil, err
+	}
+
+	var outputRoutes []HostComputeRoute
+	for _, routeGUID := range routeIds {
+		route, err := getRoute(routeGUID, query)
+		if err != nil {
+			return nil, err
+		}
+		outputRoutes = append(outputRoutes, *route)
+	}
+	return outputRoutes, nil
+}
+
+func getRoute(routeGUID guid.GUID, query string) (*HostComputeRoute, error) {
+	// Open routes.
+	var (
+		routeHandle      hcnRoute
+		resultBuffer     *uint16
+		propertiesBuffer *uint16
+	)
+	hr := hcnOpenRoute(&routeGUID, &routeHandle, &resultBuffer)
+	if err := checkForErrors("hcnOpenRoute", hr, resultBuffer); err != nil {
+		return nil, err
+	}
+	// Query routes.
+	hr = hcnQueryRouteProperties(routeHandle, query, &propertiesBuffer, &resultBuffer)
+	if err := checkForErrors("hcnQueryRouteProperties", hr, resultBuffer); err != nil {
+		return nil, err
+	}
+	properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer)
+	// Close routes.
+	hr = hcnCloseRoute(routeHandle)
+	if err := checkForErrors("hcnCloseRoute", hr, nil); err != nil {
+		return nil, err
+	}
+	// Convert output to HostComputeRoute
+	var outputRoute HostComputeRoute
+	if err := json.Unmarshal([]byte(properties), &outputRoute); err != nil {
+		return nil, err
+	}
+	return &outputRoute, nil
+}
+
+func createRoute(settings string) (*HostComputeRoute, error) {
+	// Create new route.
+	var (
+		routeHandle      hcnRoute
+		resultBuffer     *uint16
+		propertiesBuffer *uint16
+	)
+	routeGUID := guid.GUID{}
+	hr := hcnCreateRoute(&routeGUID, settings, &routeHandle, &resultBuffer)
+	if err := checkForErrors("hcnCreateRoute", hr, resultBuffer); err != nil {
+		return nil, err
+	}
+	// Query route.
+	hcnQuery := defaultQuery()
+	query, err := json.Marshal(hcnQuery)
+	if err != nil {
+		return nil, err
+	}
+	hr = hcnQueryRouteProperties(routeHandle, string(query), &propertiesBuffer, &resultBuffer)
+	if err := checkForErrors("hcnQueryRouteProperties", hr, resultBuffer); err != nil {
+		return nil, err
+	}
+	properties := interop.ConvertAndFreeCoTaskMemString(propertiesBuffer)
+	// Close Route.
+	hr = hcnCloseRoute(routeHandle)
+	if err := checkForErrors("hcnCloseRoute", hr, nil); err != nil {
+		return nil, err
+	}
+	// Convert output to HostComputeRoute
+	var outputRoute HostComputeRoute
+	if err := json.Unmarshal([]byte(properties), &outputRoute); err != nil {
+		return nil, err
+	}
+	return &outputRoute, nil
+}
+
+func deleteRoute(routeID string) error {
+	routeGUID, err := guid.FromString(routeID)
+	if err != nil {
+		return errInvalidRouteID
+	}
+	var resultBuffer *uint16
+	hr := hcnDeleteRoute(&routeGUID, &resultBuffer)
+	if err := checkForErrors("hcnDeleteRoute", hr, resultBuffer); err != nil {
+		return err
+	}
+	return nil
+}

vendor/github.com/Microsoft/hcsshim/hcn/hcnsupport.go

@@ -6,11 +6,15 @@ import (
 
 // SupportedFeatures are the features provided by the Service.
 type SupportedFeatures struct {
-	Acl          AclFeatures `json:"ACL"`
-	Api          ApiSupport  `json:"API"`
-	RemoteSubnet bool        `json:"RemoteSubnet"`
-	HostRoute    bool        `json:"HostRoute"`
-	DSR          bool        `json:"DSR"`
+	Acl                      AclFeatures `json:"ACL"`
+	Api                      ApiSupport  `json:"API"`
+	RemoteSubnet             bool        `json:"RemoteSubnet"`
+	HostRoute                bool        `json:"HostRoute"`
+	DSR                      bool        `json:"DSR"`
+	Slash32EndpointPrefixes  bool        `json:"Slash32EndpointPrefixes"`
+	AclSupportForProtocol252 bool        `json:"AclSupportForProtocol252"`
+	SessionAffinity          bool        `json:"SessionAffinity"`
+	IPv6DualStack            bool        `json:"IPv6DualStack"`
 }
 
 // AclFeatures are the supported ACL possibilities.
@@ -53,18 +57,39 @@ func GetSupportedFeatures() SupportedFeatures {
 	features.RemoteSubnet = isFeatureSupported(globals.Version, RemoteSubnetVersion)
 	features.HostRoute = isFeatureSupported(globals.Version, HostRouteVersion)
 	features.DSR = isFeatureSupported(globals.Version, DSRVersion)
+	features.Slash32EndpointPrefixes = isFeatureSupported(globals.Version, Slash32EndpointPrefixesVersion)
+	features.AclSupportForProtocol252 = isFeatureSupported(globals.Version, AclSupportForProtocol252Version)
+	features.SessionAffinity = isFeatureSupported(globals.Version, SessionAffinityVersion)
+	features.IPv6DualStack = isFeatureSupported(globals.Version, IPv6DualStackVersion)
 
 	return features
 }
 
-func isFeatureSupported(currentVersion Version, minVersionSupported Version) bool {
-	if currentVersion.Major < minVersionSupported.Major {
+func isFeatureSupported(currentVersion Version, versionsSupported VersionRanges) bool {
+	isFeatureSupported := false
+
+	for _, versionRange := range versionsSupported {
+		isFeatureSupported = isFeatureSupported || isFeatureInRange(currentVersion, versionRange)
+	}
+
+	return isFeatureSupported
+}
+
+func isFeatureInRange(currentVersion Version, versionRange VersionRange) bool {
+	if currentVersion.Major < versionRange.MinVersion.Major {
+		logrus.Infof("currentVersion.Major < versionRange.MinVersion.Major: %v, %v", currentVersion.Major, versionRange.MinVersion.Major)
 		return false
 	}
-	if currentVersion.Major > minVersionSupported.Major {
-		return true
+	if currentVersion.Major > versionRange.MaxVersion.Major {
+		logrus.Infof("currentVersion.Major > versionRange.MaxVersion.Major: %v, %v", currentVersion.Major, versionRange.MaxVersion.Major)
+		return false
 	}
-	if currentVersion.Minor < minVersionSupported.Minor {
+	if currentVersion.Major == versionRange.MinVersion.Major && currentVersion.Minor < versionRange.MinVersion.Minor {
+		logrus.Infof("currentVersion.Minor < versionRange.MinVersion.Major: %v, %v", currentVersion.Minor, versionRange.MinVersion.Minor)
+		return false
+	}
+	if currentVersion.Major == versionRange.MaxVersion.Major && currentVersion.Minor > versionRange.MaxVersion.Minor {
+		logrus.Infof("currentVersion.Minor > versionRange.MaxVersion.Major: %v, %v", currentVersion.Minor, versionRange.MaxVersion.Minor)
 		return false
 	}
 	return true

vendor/github.com/Microsoft/hcsshim/hcn/zsyscall_windows.go

@@ -71,6 +71,13 @@ var (
 	procHcnQueryLoadBalancerProperties = modcomputenetwork.NewProc("HcnQueryLoadBalancerProperties")
 	procHcnDeleteLoadBalancer          = modcomputenetwork.NewProc("HcnDeleteLoadBalancer")
 	procHcnCloseLoadBalancer           = modcomputenetwork.NewProc("HcnCloseLoadBalancer")
+	procHcnEnumerateSdnRoutes          = modcomputenetwork.NewProc("HcnEnumerateSdnRoutes")
+	procHcnCreateSdnRoute              = modcomputenetwork.NewProc("HcnCreateSdnRoute")
+	procHcnOpenSdnRoute                = modcomputenetwork.NewProc("HcnOpenSdnRoute")
+	procHcnModifySdnRoute              = modcomputenetwork.NewProc("HcnModifySdnRoute")
+	procHcnQuerySdnRouteProperties     = modcomputenetwork.NewProc("HcnQuerySdnRouteProperties")
+	procHcnDeleteSdnRoute              = modcomputenetwork.NewProc("HcnDeleteSdnRoute")
+	procHcnCloseSdnRoute               = modcomputenetwork.NewProc("HcnCloseSdnRoute")
 	procHcnOpenService                 = modcomputenetwork.NewProc("HcnOpenService")
 	procHcnRegisterServiceCallback     = modcomputenetwork.NewProc("HcnRegisterServiceCallback")
 	procHcnUnregisterServiceCallback   = modcomputenetwork.NewProc("HcnUnregisterServiceCallback")
@@ -657,6 +664,140 @@ func hcnCloseLoadBalancer(loadBalancer hcnLoadBalancer) (hr error) {
 	return
 }
 
+func hcnEnumerateRoutes(query string, routes **uint16, result **uint16) (hr error) {
+	var _p0 *uint16
+	_p0, hr = syscall.UTF16PtrFromString(query)
+	if hr != nil {
+		return
+	}
+	return _hcnEnumerateRoutes(_p0, routes, result)
+}
+
+func _hcnEnumerateRoutes(query *uint16, routes **uint16, result **uint16) (hr error) {
+	if hr = procHcnEnumerateSdnRoutes.Find(); hr != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall(procHcnEnumerateSdnRoutes.Addr(), 3, uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(routes)), uintptr(unsafe.Pointer(result)))
+	if int32(r0) < 0 {
+		if r0&0x1fff0000 == 0x00070000 {
+			r0 &= 0xffff
+		}
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func hcnCreateRoute(id *_guid, settings string, route *hcnRoute, result **uint16) (hr error) {
+	var _p0 *uint16
+	_p0, hr = syscall.UTF16PtrFromString(settings)
+	if hr != nil {
+		return
+	}
+	return _hcnCreateRoute(id, _p0, route, result)
+}
+
+func _hcnCreateRoute(id *_guid, settings *uint16, route *hcnRoute, result **uint16) (hr error) {
+	if hr = procHcnCreateSdnRoute.Find(); hr != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall6(procHcnCreateSdnRoute.Addr(), 4, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(route)), uintptr(unsafe.Pointer(result)), 0, 0)
+	if int32(r0) < 0 {
+		if r0&0x1fff0000 == 0x00070000 {
+			r0 &= 0xffff
+		}
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func hcnOpenRoute(id *_guid, route *hcnRoute, result **uint16) (hr error) {
+	if hr = procHcnOpenSdnRoute.Find(); hr != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall(procHcnOpenSdnRoute.Addr(), 3, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(route)), uintptr(unsafe.Pointer(result)))
+	if int32(r0) < 0 {
+		if r0&0x1fff0000 == 0x00070000 {
+			r0 &= 0xffff
+		}
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func hcnModifyRoute(route hcnRoute, settings string, result **uint16) (hr error) {
+	var _p0 *uint16
+	_p0, hr = syscall.UTF16PtrFromString(settings)
+	if hr != nil {
+		return
+	}
+	return _hcnModifyRoute(route, _p0, result)
+}
+
+func _hcnModifyRoute(route hcnRoute, settings *uint16, result **uint16) (hr error) {
+	if hr = procHcnModifySdnRoute.Find(); hr != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall(procHcnModifySdnRoute.Addr(), 3, uintptr(route), uintptr(unsafe.Pointer(settings)), uintptr(unsafe.Pointer(result)))
+	if int32(r0) < 0 {
+		if r0&0x1fff0000 == 0x00070000 {
+			r0 &= 0xffff
+		}
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func hcnQueryRouteProperties(route hcnRoute, query string, properties **uint16, result **uint16) (hr error) {
+	var _p0 *uint16
+	_p0, hr = syscall.UTF16PtrFromString(query)
+	if hr != nil {
+		return
+	}
+	return _hcnQueryRouteProperties(route, _p0, properties, result)
+}
+
+func _hcnQueryRouteProperties(route hcnRoute, query *uint16, properties **uint16, result **uint16) (hr error) {
+	if hr = procHcnQuerySdnRouteProperties.Find(); hr != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall6(procHcnQuerySdnRouteProperties.Addr(), 4, uintptr(route), uintptr(unsafe.Pointer(query)), uintptr(unsafe.Pointer(properties)), uintptr(unsafe.Pointer(result)), 0, 0)
+	if int32(r0) < 0 {
+		if r0&0x1fff0000 == 0x00070000 {
+			r0 &= 0xffff
+		}
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func hcnDeleteRoute(id *_guid, result **uint16) (hr error) {
+	if hr = procHcnDeleteSdnRoute.Find(); hr != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall(procHcnDeleteSdnRoute.Addr(), 2, uintptr(unsafe.Pointer(id)), uintptr(unsafe.Pointer(result)), 0)
+	if int32(r0) < 0 {
+		if r0&0x1fff0000 == 0x00070000 {
+			r0 &= 0xffff
+		}
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
+func hcnCloseRoute(route hcnRoute) (hr error) {
+	if hr = procHcnCloseSdnRoute.Find(); hr != nil {
+		return
+	}
+	r0, _, _ := syscall.Syscall(procHcnCloseSdnRoute.Addr(), 1, uintptr(route), 0, 0)
+	if int32(r0) < 0 {
+		if r0&0x1fff0000 == 0x00070000 {
+			r0 &= 0xffff
+		}
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
 func hcnOpenService(service *hcnService, result **uint16) (hr error) {
 	if hr = procHcnOpenService.Find(); hr != nil {
 		return