ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nat: nat44-ei configuration improvements

Browse Source 
nat44-ed core configuration improvements & fixes [0-5] adjusted
for nat44-ei plugin.

Improvements:
 * repeating code converted to functions
 * simplified functions used for pool address, static mapping
and interface configuration.

Clean up:
 * remove obsolete code and logic persisted after plugin
separation from old SNAT plugin.

Fixes:
 * [0] return correct API behavior changed in [5]

Type: improvement

[0] https://gerrit.fd.io/r/c/vpp/+/33622
[1] https://gerrit.fd.io/r/c/vpp/+/33431
[2] https://gerrit.fd.io/r/c/vpp/+/33337
[3] https://gerrit.fd.io/r/c/vpp/+/33249
[4] https://gerrit.fd.io/r/c/vpp/+/32796
[5] https://gerrit.fd.io/r/c/vpp/+/32951

Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: Ie197faa576cb49acb3d218f14e00cb7d13ad9342
This commit is contained in:
Filip Varga
2021-09-30 13:35:59 +02:00
committed by Ole Tr�an
parent 27775f0b90
commit 1953da6610
7 changed files with 1636 additions and 1104 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/plugins/nat/nat44-ei/nat44_ei.api
+39
View File
@@ -550,6 +550,45 @@ define nat44_ei_interface_output_feature_details {
vl_api_interface_index_t sw_if_index;
};
/** \brief add/del NAT output interface (postrouting
in2out translation)
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@param is_add - true if add, false if delete
@param sw_if_index - software index of the interface
*/
autoendian autoreply define nat44_ei_add_del_output_interface {
u32 client_index;
u32 context;
bool is_add;
vl_api_interface_index_t sw_if_index;
};
service {
rpc nat44_ei_output_interface_get returns nat44_ei_output_interface_get_reply
stream nat44_ei_output_interface_details;
};
define nat44_ei_output_interface_get
{
u32 client_index;
u32 context;
u32 cursor;
};
define nat44_ei_output_interface_get_reply
{
u32 context;
i32 retval;
u32 cursor;
};
define nat44_ei_output_interface_details
{
u32 context;
vl_api_interface_index_t sw_if_index;
};
/** \brief Add/delete NAT44 static mapping
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
src/plugins/nat/nat44-ei/nat44_ei.c
+1220 -904
View File
File diff suppressed because it is too large Load Diff
src/plugins/nat/nat44-ei/nat44_ei.h
+52 -55
View File
@@ -63,8 +63,8 @@ typedef enum
#define NAT44_EI_SESSION_FLAG_UNKNOWN_PROTO (1 << 1)
/* Static mapping flags */
#define NAT44_EI_STATIC_MAPPING_FLAG_ADDR_ONLY (1 << 0)
#define NAT44_EI_STATIC_MAPPING_FLAG_IDENTITY_NAT (1 << 1)
#define NAT44_EI_SM_FLAG_ADDR_ONLY (1 << 0)
#define NAT44_EI_SM_FLAG_IDENTITY_NAT (1 << 1)
typedef struct
{
@@ -139,13 +139,9 @@ typedef struct
u32 vrf_id;
u32 flags;
nat_protocol_t proto;
u8 addr_only;
u8 identity_nat;
u8 exact;
u8 *tag;
} nat44_ei_static_map_resolve_t;
// TODO: cleanup/redo (there is no lb in EI nat)
typedef struct
{
/* backend IP address */
@@ -340,6 +336,8 @@ typedef struct nat44_ei_main_s
/* Interface pool */
nat44_ei_interface_t *interfaces;
nat44_ei_interface_t *output_feature_interfaces;
// broken api backward compatibility
nat44_ei_interface_t *output_feature_dummy_interfaces;
/* Is translation memory size calculated or user defined */
u8 translation_memory_size_set;
@@ -484,9 +482,16 @@ typedef struct nat44_ei_main_s
extern nat44_ei_main_t nat44_ei_main;
int nat44_ei_plugin_enable (nat44_ei_config_t c);
int nat44_ei_plugin_disable ();
int nat44_ei_add_del_interface (u32 sw_if_index, u8 is_inside, int is_del);
int nat44_ei_add_del_output_interface (u32 sw_if_index, int is_del);
int nat44_ei_add_address (ip4_address_t *addr, u32 vrf_id);
int nat44_ei_del_address (ip4_address_t addr, u8 delete_sm);
int nat44_ei_add_interface_address (u32 sw_if_index);
int nat44_ei_del_interface_address (u32 sw_if_index);
/**
* @brief Delete specific NAT44 EI user and his sessions
*
@@ -533,29 +538,14 @@ void nat44_ei_set_alloc_mape (u16 psid, u16 psid_offset, u16 psid_length);
*/
void nat44_ei_set_alloc_range (u16 start_port, u16 end_port);
/**
* @brief Add/delete NAT44-EI static mapping
*
* @param l_addr local IPv4 address
* @param e_addr external IPv4 address
* @param l_port local port number
* @param e_port external port number
* @param proto L4 protocol
* @param sw_if_index use interface address as external IPv4 address
* @param vrf_id local VRF ID
* @param addr_only 1 = 1:1NAT, 0 = 1:1NAPT
* @param identity_nat identity NAT
* @param tag opaque string tag
* @param is_add 1 = add, 0 = delete
*
* @return 0 on success, non-zero value otherwise
int nat44_ei_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr,
u16 l_port, u16 e_port, nat_protocol_t proto,
u32 vrf_id, u32 sw_if_index, u32 flags,
ip4_address_t pool_addr, u8 *tag);
*/
int nat44_ei_add_del_static_mapping (ip4_address_t l_addr,
ip4_address_t e_addr, u16 l_port,
u16 e_port, nat_protocol_t proto,
u32 sw_if_index, u32 vrf_id, u8 addr_only,
u8 identity_nat, u8 *tag, u8 is_add);
int nat44_ei_del_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr,
u16 l_port, u16 e_port, nat_protocol_t proto,
u32 vrf_id, u32 sw_if_index, u32 flags);
/**
* @brief Delete NAT44-EI session
@@ -620,9 +610,6 @@ int nat44_ei_set_outside_address_and_port (nat44_ei_address_t *addresses,
ip4_address_t addr, u16 port,
nat_protocol_t protocol);
int nat44_ei_del_address (nat44_ei_main_t *nm, ip4_address_t addr,
u8 delete_sm);
void nat44_ei_free_session_data (nat44_ei_main_t *nm, nat44_ei_session_t *s,
u32 thread_index, u8 is_ha);
@@ -630,20 +617,9 @@ int nat44_ei_set_workers (uword *bitmap);
void nat44_ei_add_del_address_dpo (ip4_address_t addr, u8 is_add);
int nat44_ei_add_address (nat44_ei_main_t *nm, ip4_address_t *addr,
u32 vrf_id);
void nat44_ei_delete_session (nat44_ei_main_t *nm, nat44_ei_session_t *ses,
u32 thread_index);
int nat44_ei_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del);
int nat44_ei_interface_add_del_output_feature (u32 sw_if_index, u8 is_inside,
int is_del);
int nat44_ei_add_interface_address (nat44_ei_main_t *nm, u32 sw_if_index,
int is_del);
/* Call back functions for clib_bihash_add_or_overwrite_stale */
int nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t *kv, void *arg);
int nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t *kv, void *arg);
@@ -665,20 +641,41 @@ u32 nat44_ei_icmp_hairpinning (nat44_ei_main_t *nm, vlib_buffer_t *b0,
int nat44_ei_set_frame_queue_nelts (u32 frame_queue_nelts);
#define nat44_ei_is_session_static(sp) \
(sp->flags & NAT44_EI_SESSION_FLAG_STATIC_MAPPING)
#define nat44_ei_is_unk_proto_session(sp) \
(sp->flags & NAT44_EI_SESSION_FLAG_UNKNOWN_PROTO)
always_inline bool
nat44_ei_is_session_static (nat44_ei_session_t *s)
{
return (s->flags & NAT44_EI_SESSION_FLAG_STATIC_MAPPING);
}
#define nat44_ei_interface_is_inside(ip) \
(ip->flags & NAT44_EI_INTERFACE_FLAG_IS_INSIDE)
#define nat44_ei_interface_is_outside(ip) \
(ip->flags & NAT44_EI_INTERFACE_FLAG_IS_OUTSIDE)
always_inline bool
nat44_ei_is_unk_proto_session (nat44_ei_session_t *s)
{
return (s->flags & NAT44_EI_SESSION_FLAG_UNKNOWN_PROTO);
}
#define nat44_ei_is_addr_only_static_mapping(mp) \
(mp->flags & NAT44_EI_STATIC_MAPPING_FLAG_ADDR_ONLY)
#define nat44_ei_is_identity_static_mapping(mp) \
(mp->flags & NAT44_EI_STATIC_MAPPING_FLAG_IDENTITY_NAT)
always_inline bool
nat44_ei_interface_is_inside (nat44_ei_interface_t *i)
{
return (i->flags & NAT44_EI_INTERFACE_FLAG_IS_INSIDE);
}
always_inline bool
nat44_ei_interface_is_outside (nat44_ei_interface_t *i)
{
return (i->flags & NAT44_EI_INTERFACE_FLAG_IS_OUTSIDE);
}
always_inline bool
is_sm_addr_only (u32 f)
{
return (f & NAT44_EI_SM_FLAG_ADDR_ONLY);
}
always_inline bool
is_sm_identity_nat (u32 f)
{
return (f & NAT44_EI_SM_FLAG_IDENTITY_NAT);
}
/* logging */
#define nat44_ei_log_err(...) \
src/plugins/nat/nat44-ei/nat44_ei_api.c
+217 -59
View File
File diff suppressed because it is too large Load Diff
src/plugins/nat/nat44-ei/nat44_ei_cli.c
+107 -68
View File
File diff suppressed because it is too large Load Diff
src/plugins/nat/nat44-ei/nat44_ei_handoff.c
-2
View File
@@ -83,8 +83,6 @@ nat44_ei_worker_handoff_fn_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
vlib_get_buffers (vm, from, b, n_left_from);
// TODO: move to nm
// TODO: remove callbacks and use inlines that should be moved here
if (is_in2out)
{
fq_index = is_output ? nm->fq_in2out_output_index : nm->fq_in2out_index;
test/test_nat44_ei.py
+1 -16
View File
@@ -2831,13 +2831,6 @@ class TestNAT44EI(MethodHolder):
def test_output_feature(self):
""" NAT44EI output feature (in2out postrouting) """
self.nat44_add_address(self.nat_addr)
flags = self.config_flags.NAT44_EI_IF_INSIDE
self.vapi.nat44_ei_interface_add_del_output_feature(
is_add=1, flags=flags,
sw_if_index=self.pg0.sw_if_index)
self.vapi.nat44_ei_interface_add_del_output_feature(
is_add=1, flags=flags,
sw_if_index=self.pg1.sw_if_index)
self.vapi.nat44_ei_interface_add_del_output_feature(
is_add=1,
sw_if_index=self.pg3.sw_if_index)
@@ -2884,13 +2877,6 @@ class TestNAT44EI(MethodHolder):
self.nat44_add_address(nat_ip_vrf10, vrf_id=10)
self.nat44_add_address(nat_ip_vrf20, vrf_id=20)
flags = self.config_flags.NAT44_EI_IF_INSIDE
self.vapi.nat44_ei_interface_add_del_output_feature(
is_add=1, flags=flags,
sw_if_index=self.pg4.sw_if_index)
self.vapi.nat44_ei_interface_add_del_output_feature(
is_add=1, flags=flags,
sw_if_index=self.pg6.sw_if_index)
self.vapi.nat44_ei_interface_add_del_output_feature(
is_add=1,
sw_if_index=self.pg3.sw_if_index)
@@ -2937,9 +2923,8 @@ class TestNAT44EI(MethodHolder):
server_out_port = 8765
self.nat44_add_address(self.nat_addr)
flags = self.config_flags.NAT44_EI_IF_INSIDE
self.vapi.nat44_ei_interface_add_del_output_feature(
is_add=1, flags=flags,
is_add=1,
sw_if_index=self.pg0.sw_if_index)
self.vapi.nat44_ei_interface_add_del_output_feature(
is_add=1,