diff options
author | Matus Fabian <matfabia@cisco.com> | 2018-04-26 02:12:20 -0700 |
---|---|---|
committer | Matus Fabian <matfabia@cisco.com> | 2018-04-26 02:13:58 -0700 |
commit | 35dfedc55fe40c781278ca04789b5ecc4c56e9c2 (patch) | |
tree | 4c0ed8fad18bdd5eb7f86e2f3632e4b745d86a7a | |
parent | 159fcf40740a6b698c98cbe00b7b8b3d4d50ad43 (diff) |
NAT44: disable nat44-hairpinning feature for in-out interface (VPP-1255)
Change-Id: Icd42abf4e35db550df496592cffce655f1987d68
Signed-off-by: Matus Fabian <matfabia@cisco.com>
-rwxr-xr-x | src/plugins/nat/nat.c | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/src/plugins/nat/nat.c b/src/plugins/nat/nat.c index ab951cf407c..8e4d9df929c 100755 --- a/src/plugins/nat/nat.c +++ b/src/plugins/nat/nat.c @@ -1629,12 +1629,18 @@ int snat_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del) sw_if_index, 0, 0, 0); vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index, 1, 0, 0); + if (!is_inside) + vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning", + sw_if_index, 1, 0, 0); } else { vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index, 0, 0, 0); pool_put (sm->interfaces, i); + if (is_inside) + vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning", + sw_if_index, 0, 0, 0); } } else @@ -1665,6 +1671,9 @@ int snat_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del) sw_if_index, 0, 0, 0); vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index, 1, 0, 0); + if (!is_inside) + vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning", + sw_if_index, 0, 0, 0); goto set_flags; } @@ -1680,21 +1689,21 @@ int snat_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del) i->flags = 0; vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index, 1, 0, 0); + if (is_inside && !sm->out2in_dpo) + vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning", + sw_if_index, 1, 0, 0); + set_flags: if (is_inside) - i->flags |= NAT_INTERFACE_FLAG_IS_INSIDE; + { + i->flags |= NAT_INTERFACE_FLAG_IS_INSIDE; + return 0; + } else i->flags |= NAT_INTERFACE_FLAG_IS_OUTSIDE; /* Add/delete external addresses to FIB */ fib: - if (is_inside && !sm->out2in_dpo) - { - vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning", - sw_if_index, !is_del, 0, 0); - return 0; - } - vec_foreach (ap, sm->addresses) snat_add_del_addr_to_fib(&ap->addr, 32, sw_if_index, !is_del); @@ -2751,12 +2760,13 @@ u8 * format_snat_static_mapping (u8 * s, va_list * args) nat44_lb_addr_port_t *local; if (m->addr_only) - s = format (s, "local %U external %U vrf %d %s", + s = format (s, "local %U external %U vrf %d %s %s", format_ip4_address, &m->local_addr, format_ip4_address, &m->external_addr, m->vrf_id, m->twice_nat == TWICE_NAT ? "twice-nat" : - m->twice_nat == TWICE_NAT_SELF ? "self-twice-nat" : ""); + m->twice_nat == TWICE_NAT_SELF ? "self-twice-nat" : "", + m->out2in_only ? "out2in-only" : ""); else { if (vec_len (m->locals)) |