From 2ba92e32e0197f676dd905e5edcb4ff3e1bec241 Mon Sep 17 00:00:00 2001 From: Matus Fabian Date: Mon, 21 Aug 2017 07:05:03 -0700 Subject: NAT: Rename snat plugin to nat (VPP-955) Change-Id: I30a7e3da7a4efc6038a91e27b48045d4b07e2764 Signed-off-by: Matus Fabian --- src/plugins/nat/nat64_doc.md | 73 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 src/plugins/nat/nat64_doc.md (limited to 'src/plugins/nat/nat64_doc.md') diff --git a/src/plugins/nat/nat64_doc.md b/src/plugins/nat/nat64_doc.md new file mode 100644 index 00000000..f94467da --- /dev/null +++ b/src/plugins/nat/nat64_doc.md @@ -0,0 +1,73 @@ +# Stateful NAT64: Network Address and Protocol Translation from IPv6 Clients to IPv4 Servers {#nat64_doc} + +## Introduction + +Stateful NAT64 in VPP allows IPv6-only clients to contact IPv4 servers using unicast UDP, TCP, or ICMP based on RFC 6146. + +## Configuration + +### Enable/disable NAT64 feature on the interface + +> set interface nat64 in|out [del] + +in: inside/local/IPv6 network +out: outside/external/IPv4 network +intfc: interface name + +### Add/delete NAT64 pool address + +One or more public IPv4 addresses assigned to a NAT64 are shared among several IPv6-only clients. + +> nat64 add pool address [- ] [tenant-vrf ] [del] + +ip4-range-start: First IPv4 address of the range +ip4-range-end: Last IPv4 address of the range (optional, not used for single address) +tenant-vrf-id: VRF id of the tenant associated with the pool address (optional, if not set pool address is global) + +### Add/delete static BIB entry + +Stateful NAT64 also supports IPv4-initiated communications to a subset of the IPv6 hosts through staticaly configured bindings. + +> nat64 add static bib tcp|udp|icmp [vfr ] [del] + +ip6-addr: inside IPv6 address of the host +in-port: inside port or ICMPv6 identifier +ip4-addr: outside IPv4 address of the host +out-port: outside port or ICMPv4 identifier +table-id: VRF id of the tenant associated with the BIB entry (optional, default use global VRF) + +### Set NAT64 session timeouts + +Session is deleted when timer expires. If all sessions corresponding to a dynamically create BIB entry are deleted, then the BIB entry is also deleted. When packets are flowing sessiom timer is refreshed to keep the session alive. + +> set nat64 timeouts udp icmp tcp-trans tcp-est tcp-incoming-syn | reset + +udp: UDP session timeout value (default 300sec) +icmp: ICMP session timeout value (default 60sec) +tcp-trans: transitory TCP session timeout value (default 240sec) +tcp-est: established TCP session timeout value (default 7440sec) +tcp-incoming-syn: incoming SYN TCP session timeout value (default 6sec) +reset: reset timers to default values + +### Set NAT64 prefix + +Stateful NAT64 support the algorithm for generating IPv6 representations of IPv4 addresses defined in RFC 6052. If no prefix is configured, Well-Known Prefix (64:ff9b::/96) is used. + +> nat64 add prefix / [tenant-vrf ] [del] + +ip6-prefix: IPv6 prefix +plen: prefix length (valid values: 32, 40, 48, 56, 64, or 96) +tenant-vrf: VRF id of the tenant associated with the prefix + +### Show commands + +> show nat64 pool +> show nat64 interfaces +> show nat64 bib tcp|udp|icmp +> show nat64 session table tcp|udp|icmp +> show nat64 tiemouts +> show nat64 prefix + +## Notes + +Multi thread is not supported yet (CLI/API commands are disabled when VPP runs with multiple threads). -- cgit 1.2.3-korg From c6e8c5c6581b9b9b7a4f64fe1583d641affed173 Mon Sep 17 00:00:00 2001 From: Matus Fabian Date: Wed, 23 Aug 2017 22:08:22 -0700 Subject: NAT64: Fix CLI typo (VPP-961) Change-Id: I99e2766a118754387c9f238fc1b46057ee8a23e7 Signed-off-by: Matus Fabian --- src/plugins/nat/nat64_cli.c | 6 +++--- src/plugins/nat/nat64_doc.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'src/plugins/nat/nat64_doc.md') diff --git a/src/plugins/nat/nat64_cli.c b/src/plugins/nat/nat64_cli.c index bb62ecf2..e55c4d5a 100644 --- a/src/plugins/nat/nat64_cli.c +++ b/src/plugins/nat/nat64_cli.c @@ -895,7 +895,7 @@ VLIB_CLI_COMMAND (set_nat64_timeouts_command, static) = { * @cliexpar * @cliexstart{show nat64 tiemouts} * Show NAT64 session timeouts: - * vpp# show nat64 tiemouts + * vpp# show nat64 timeouts * NAT64 session timeouts: * UDP 300sec * ICMP 60sec @@ -905,8 +905,8 @@ VLIB_CLI_COMMAND (set_nat64_timeouts_command, static) = { * @cliexend ?*/ VLIB_CLI_COMMAND (show_nat64_timeouts_command, static) = { - .path = "show nat64 tiemouts", - .short_help = "show nat64 tiemouts", + .path = "show nat64 timeouts", + .short_help = "show nat64 temeouts", .function = nat64_show_timeouts_command_fn, }; diff --git a/src/plugins/nat/nat64_doc.md b/src/plugins/nat/nat64_doc.md index f94467da..f65b4633 100644 --- a/src/plugins/nat/nat64_doc.md +++ b/src/plugins/nat/nat64_doc.md @@ -65,7 +65,7 @@ tenant-vrf: VRF id of the tenant associated with the prefix > show nat64 interfaces > show nat64 bib tcp|udp|icmp > show nat64 session table tcp|udp|icmp -> show nat64 tiemouts +> show nat64 timeouts > show nat64 prefix ## Notes -- cgit 1.2.3-korg