summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatus Fabian <matfabia@cisco.com>2018-03-07 04:57:22 -0800
committerDamjan Marion <dmarion.lists@gmail.com>2018-03-14 18:45:50 +0000
commit341b469c4ded91870ae9cfe45ddd1affa227cf14 (patch)
tree419cdf7c83b98d3050ba0434faec968e970baf5e
parentdadcc849136b6a0bcd9eb8c100695aba139b2831 (diff)
NAT44: fix nat_not_translate_output_feature for ICMP (VPP-1191)
Change-Id: I1552e1418b704fdf1f1fa2c0174313b9b82a37a3 Signed-off-by: Matus Fabian <matfabia@cisco.com>
-rwxr-xr-xsrc/plugins/nat/in2out.c15
-rw-r--r--test/test_nat.py30
2 files changed, 35 insertions, 10 deletions
diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c
index 0792ea02b05..fae930b607f 100755
--- a/src/plugins/nat/in2out.c
+++ b/src/plugins/nat/in2out.c
@@ -251,14 +251,13 @@ snat_not_translate (snat_main_t * sm, vlib_node_runtime_t *node,
static inline int
nat_not_translate_output_feature (snat_main_t * sm, ip4_header_t * ip0,
- u32 proto0, u32 thread_index)
+ u32 proto0, u16 src_port, u32 thread_index)
{
- udp_header_t * udp0 = ip4_next_header (ip0);
snat_session_key_t key0;
clib_bihash_kv_8_8_t kv0, value0;
key0.addr = ip0->src_address;
- key0.port = udp0->src_port;
+ key0.port = src_port;
key0.protocol = proto0;
key0.fib_index = sm->outside_fib_index;
kv0.key = key0.as_u64;
@@ -516,7 +515,7 @@ u32 icmp_match_in2out_slow(snat_main_t *sm, vlib_node_runtime_t *node,
if (vnet_buffer(b0)->sw_if_index[VLIB_TX] != ~0)
{
if (PREDICT_FALSE(nat_not_translate_output_feature(sm,
- ip0, IP_PROTOCOL_ICMP, thread_index)))
+ ip0, SNAT_PROTOCOL_ICMP, key0.port, thread_index)))
{
dont_translate = 1;
goto out;
@@ -525,7 +524,7 @@ u32 icmp_match_in2out_slow(snat_main_t *sm, vlib_node_runtime_t *node,
else
{
if (PREDICT_FALSE(snat_not_translate(sm, node, sw_if_index0,
- ip0, IP_PROTOCOL_ICMP, rx_fib_index0, thread_index)))
+ ip0, SNAT_PROTOCOL_ICMP, rx_fib_index0, thread_index)))
{
dont_translate = 1;
goto out;
@@ -1546,7 +1545,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
if (is_output_feature)
{
if (PREDICT_FALSE(nat_not_translate_output_feature(sm,
- ip0, proto0, thread_index)))
+ ip0, proto0, udp0->src_port, thread_index)))
goto trace00;
}
else
@@ -1734,7 +1733,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
if (is_output_feature)
{
if (PREDICT_FALSE(nat_not_translate_output_feature(sm,
- ip1, proto1, thread_index)))
+ ip1, proto1, udp1->src_port, thread_index)))
goto trace00;
}
else
@@ -1954,7 +1953,7 @@ snat_in2out_node_fn_inline (vlib_main_t * vm,
if (is_output_feature)
{
if (PREDICT_FALSE(nat_not_translate_output_feature(sm,
- ip0, proto0, thread_index)))
+ ip0, proto0, udp0->src_port, thread_index)))
goto trace0;
}
else
diff --git a/test/test_nat.py b/test/test_nat.py
index aeeb5aa2bd5..c89180609fe 100644
--- a/test/test_nat.py
+++ b/test/test_nat.py
@@ -1381,10 +1381,36 @@ class TestNAT44(MethodHolder):
self.logger.error(ppp("Unexpected or invalid packet:", p))
raise
- # multiple clients
+ @unittest.skipUnless(running_extended_tests(), "part of extended tests")
+ def test_static_lb_multi_clients(self):
+ """ NAT44 local service load balancing - multiple clients"""
+
+ external_addr_n = socket.inet_pton(socket.AF_INET, self.nat_addr)
+ external_port = 80
+ local_port = 8080
+ server1 = self.pg0.remote_hosts[0]
+ server2 = self.pg0.remote_hosts[1]
+
+ locals = [{'addr': server1.ip4n,
+ 'port': local_port,
+ 'probability': 90},
+ {'addr': server2.ip4n,
+ 'port': local_port,
+ 'probability': 10}]
+
+ self.nat44_add_address(self.nat_addr)
+ self.vapi.nat44_add_del_lb_static_mapping(external_addr_n,
+ external_port,
+ IP_PROTOS.tcp,
+ local_num=len(locals),
+ locals=locals)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
+
server1_n = 0
server2_n = 0
- clients = ip4_range(self.pg1.remote_ip4, 10, 20)
+ clients = ip4_range(self.pg1.remote_ip4, 10, 50)
pkts = []
for client in clients:
p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) /