diff options
author | Matus Fabian <matfabia@cisco.com> | 2018-11-20 02:19:05 -0800 |
---|---|---|
committer | Matus Fabian <matfabia@cisco.com> | 2018-11-20 12:43:03 +0000 |
commit | 45ed202905131c0563fcf16aaf9538d9efcd372d (patch) | |
tree | 097ead61483a11ebad72563a4050416730672ea5 | |
parent | 6ff8790c92e36120d08f7be2052075f25506e16a (diff) |
NAT44: fix virtual fragmentation reassembly in forwarding mode (VPP-1501)
Change-Id: Id86d8aa8753b9b2ff4c709b11e3901ba8d552918
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit 111add7e5d6581bb4eca05cc862a651ff6a09792)
-rwxr-xr-x | src/plugins/nat/out2in.c | 8 | ||||
-rw-r--r-- | test/test_nat.py | 26 |
2 files changed, 34 insertions, 0 deletions
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c index c4d1fbf6900..8c013d9b074 100755 --- a/src/plugins/nat/out2in.c +++ b/src/plugins/nat/out2in.c @@ -1443,6 +1443,12 @@ nat44_out2in_reass_node_fn (vlib_main_t * vm, node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION]; next0 = SNAT_OUT2IN_NEXT_DROP; } + else + { + reass0->flags |= NAT_REASS_FLAG_ED_DONT_TRANSLATE; + nat_ip4_reass_get_frags (reass0, + &fragments_to_loopback); + } goto trace0; } @@ -1474,6 +1480,8 @@ nat44_out2in_reass_node_fn (vlib_main_t * vm, } else { + if (reass0->flags & NAT_REASS_FLAG_ED_DONT_TRANSLATE) + goto trace0; if (PREDICT_FALSE (reass0->sess_index == (u32) ~ 0)) { if (nat_ip4_reass_add_fragment diff --git a/test/test_nat.py b/test/test_nat.py index 22e8903caf5..bc476239975 100644 --- a/test/test_nat.py +++ b/test/test_nat.py @@ -3339,6 +3339,32 @@ class TestNAT44(MethodHolder): self.frag_in_order(proto=IP_PROTOS.udp) self.frag_in_order(proto=IP_PROTOS.icmp) + def test_frag_forwarding(self): + """ NAT44 forwarding fragment test """ + self.vapi.nat44_add_interface_addr(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index) + self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index, + is_inside=0) + self.vapi.nat44_forwarding_enable_disable(1) + + data = "A" * 16 + "B" * 16 + "C" * 3 + pkts = self.create_stream_frag(self.pg1, + self.pg0.remote_ip4, + 4789, + 4789, + data, + proto=IP_PROTOS.udp) + self.pg1.add_stream(pkts) + self.pg_enable_capture(self.pg_interfaces) + self.pg_start() + frags = self.pg0.get_capture(len(pkts)) + p = self.reass_frags_and_verify(frags, + self.pg1.remote_ip4, + self.pg0.remote_ip4) + self.assertEqual(p[UDP].sport, 4789) + self.assertEqual(p[UDP].dport, 4789) + self.assertEqual(data, p[Raw].load) + def test_reass_hairpinning(self): """ NAT44 fragments hairpinning """ |