CGN: IPFIX logging

maximum entries per user exceeded event

Change-Id: Ie35d7f40f55001e2ef4a38f934f176594f25b189
Signed-off-by: Matus Fabian <matfabia@cisco.com>

src/plugins/snat/snat_det.h

@@ -24,6 +24,7 @@
 
 #include <vnet/ip/ip.h>
 #include <snat/snat.h>
+#include <snat/snat_ipfix_logging.h>
 
 
 #define SNAT_DET_SES_PER_USER 1000
@@ -170,6 +171,7 @@ snat_det_ses_create (snat_det_map_t * dm, ip4_address_t * in_addr,
 	}
     }
 
+  snat_ipfix_logging_max_entries_per_user (in_addr->as_u32);
   return 0;
 }
 

src/plugins/snat/snat_ipfix_logging.h

@@ -22,8 +22,13 @@ typedef enum {
   NAT44_SESSION_CREATE = 4,
   NAT44_SESSION_DELETE = 5,
   NAT_PORTS_EXHAUSTED = 12,
+  QUOTA_EXCEEDED = 13,
 } nat_event_t;
 
+typedef enum {
+  MAX_ENTRIES_PER_USER = 3,
+} quota_exceed_event_t;
+
 typedef struct {
   /** S-NAT IPFIX logging enabled */
   u8 enabled;
@@ -31,14 +36,17 @@ typedef struct {
   /** ipfix buffers under construction */
   vlib_buffer_t *nat44_session_buffer;
   vlib_buffer_t *addr_exhausted_buffer;
+  vlib_buffer_t *max_entries_per_user_buffer;
 
   /** frames containing ipfix buffers */
   vlib_frame_t *nat44_session_frame;
   vlib_frame_t *addr_exhausted_frame;
+  vlib_frame_t *max_entries_per_user_frame;
 
   /** next record offset */
   u32 nat44_session_next_record_offset;
   u32 addr_exhausted_next_record_offset;
+  u32 max_entries_per_user_next_record_offset;
 
   /** Time reference pair */
   u64 milisecond_time_0;
@@ -47,6 +55,7 @@ typedef struct {
   /** template IDs */
   u16 nat44_session_template_id;
   u16 addr_exhausted_template_id;
+  u16 max_entries_per_user_template_id;
 
   /** stream index */
   u32 stream_index;
@@ -65,4 +74,6 @@ void snat_ipfix_logging_nat44_ses_delete (u32 src_ip, u32 nat_src_ip,
                                           u16 src_port, u16 nat_src_port,
                                           u32 vrf_id);
 void snat_ipfix_logging_addresses_exhausted(u32 pool_id);
+void snat_ipfix_logging_max_entries_per_user(u32 src_ip);
+
 #endif /* __included_snat_ipfix_logging_h__ */

src/vnet/flow/ipfix_info_elements.h

@@ -418,7 +418,8 @@ _(layer2OctetTotalSumOfSquares, 429, u64)                               \
 _(layer2FrameDeltaCount, 430, u64)                                      \
 _(layer2FrameTotalCount, 431, u64)                                      \
 _(pseudoWireDestinationIPv4Address, 432, ip4_address_t)                 \
-_(ignoredLayer2FrameTotalCount, 433, u64)
+_(ignoredLayer2FrameTotalCount, 433, u64)                               \
+_(natQuotaExceededEvent, 466, u32)
 
 typedef enum {
 #define _(n,v,t) n = v,

test/test_snat.py

@@ -1338,7 +1338,7 @@ class TestDeterministicNAT(MethodHolder):
             cls.icmp_id_in = 6305
             cls.snat_addr = '10.0.0.3'
 
-            cls.create_pg_interfaces(range(2))
+            cls.create_pg_interfaces(range(3))
             cls.interfaces = list(cls.pg_interfaces)
 
             for i in cls.interfaces:
@@ -1483,6 +1483,21 @@ class TestDeterministicNAT(MethodHolder):
             self.logger.error("TCP 3 way handshake failed")
             raise
 
+    def verify_ipfix_max_entries_per_user(self, data):
+        """
+        Verify IPFIX maximum entries per user exceeded event
+
+        :param data: Decoded IPFIX data records
+        """
+        self.assertEqual(1, len(data))
+        record = data[0]
+        # natEvent
+        self.assertEqual(ord(record[230]), 13)
+        # natQuotaExceededEvent
+        self.assertEqual('\x03\x00\x00\x00', record[466])
+        # sourceIPv4Address
+        self.assertEqual(self.pg0.remote_ip4n, record[8])
+
     def test_deterministic_mode(self):
         """ S-NAT run deterministic mode """
         in_addr = '172.16.255.0'
@@ -1827,6 +1842,11 @@ class TestDeterministicNAT(MethodHolder):
         self.vapi.snat_interface_add_del_feature(self.pg0.sw_if_index)
         self.vapi.snat_interface_add_del_feature(self.pg1.sw_if_index,
                                                  is_inside=0)
+        self.vapi.set_ipfix_exporter(collector_address=self.pg2.remote_ip4n,
+                                     src_address=self.pg2.local_ip4n,
+                                     path_mtu=512,
+                                     template_interval=10)
+        self.vapi.snat_ipfix()
 
         pkts = []
         for port in range(1025, 2025):
@@ -1852,10 +1872,26 @@ class TestDeterministicNAT(MethodHolder):
 
         self.assertEqual(1000, dms[0].ses_num)
 
+        # verify IPFIX logging
+        self.vapi.cli("ipfix flush")  # FIXME this should be an API call
+        capture = self.pg2.get_capture(2)
+        ipfix = IPFIXDecoder()
+        # first load template
+        for p in capture:
+            self.assertTrue(p.haslayer(IPFIX))
+            if p.haslayer(Template):
+                ipfix.add_template(p.getlayer(Template))
+        # verify events in data set
+        for p in capture:
+            if p.haslayer(Data):
+                data = ipfix.decode_data_set(p.getlayer(Set))
+                self.verify_ipfix_max_entries_per_user(data)
+
     def clear_snat(self):
         """
         Clear SNAT configuration.
         """
+        self.vapi.snat_ipfix(enable=0)
         self.vapi.snat_det_set_timeouts()
         deterministic_mappings = self.vapi.snat_det_map_dump()
         for dsm in deterministic_mappings: