summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatus Fabian <matfabia@cisco.com>2018-11-20 02:19:05 -0800
committerDamjan Marion <dmarion@me.com>2018-11-20 11:29:29 +0000
commit111add7e5d6581bb4eca05cc862a651ff6a09792 (patch)
treeceacf2bc84e338eb919b400101112512c7f730a7
parent9162c2d2e2450b7d497ff4be002cf619009f3f9e (diff)
NAT44: fix virtual fragmentation reassembly in forwarding mode (VPP-1501)
Change-Id: Id86d8aa8753b9b2ff4c709b11e3901ba8d552918 Signed-off-by: Matus Fabian <matfabia@cisco.com>
-rwxr-xr-xsrc/plugins/nat/out2in.c8
-rw-r--r--test/test_nat.py26
2 files changed, 34 insertions, 0 deletions
diff --git a/src/plugins/nat/out2in.c b/src/plugins/nat/out2in.c
index 9cace08c565..52f2023efe1 100755
--- a/src/plugins/nat/out2in.c
+++ b/src/plugins/nat/out2in.c
@@ -1443,6 +1443,12 @@ nat44_out2in_reass_node_fn (vlib_main_t * vm,
node->errors[SNAT_OUT2IN_ERROR_NO_TRANSLATION];
next0 = SNAT_OUT2IN_NEXT_DROP;
}
+ else
+ {
+ reass0->flags |= NAT_REASS_FLAG_ED_DONT_TRANSLATE;
+ nat_ip4_reass_get_frags (reass0,
+ &fragments_to_loopback);
+ }
goto trace0;
}
@@ -1474,6 +1480,8 @@ nat44_out2in_reass_node_fn (vlib_main_t * vm,
}
else
{
+ if (reass0->flags & NAT_REASS_FLAG_ED_DONT_TRANSLATE)
+ goto trace0;
if (PREDICT_FALSE (reass0->sess_index == (u32) ~ 0))
{
if (nat_ip4_reass_add_fragment
diff --git a/test/test_nat.py b/test/test_nat.py
index 22e8903caf5..bc476239975 100644
--- a/test/test_nat.py
+++ b/test/test_nat.py
@@ -3339,6 +3339,32 @@ class TestNAT44(MethodHolder):
self.frag_in_order(proto=IP_PROTOS.udp)
self.frag_in_order(proto=IP_PROTOS.icmp)
+ def test_frag_forwarding(self):
+ """ NAT44 forwarding fragment test """
+ self.vapi.nat44_add_interface_addr(self.pg1.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+ self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+ is_inside=0)
+ self.vapi.nat44_forwarding_enable_disable(1)
+
+ data = "A" * 16 + "B" * 16 + "C" * 3
+ pkts = self.create_stream_frag(self.pg1,
+ self.pg0.remote_ip4,
+ 4789,
+ 4789,
+ data,
+ proto=IP_PROTOS.udp)
+ self.pg1.add_stream(pkts)
+ self.pg_enable_capture(self.pg_interfaces)
+ self.pg_start()
+ frags = self.pg0.get_capture(len(pkts))
+ p = self.reass_frags_and_verify(frags,
+ self.pg1.remote_ip4,
+ self.pg0.remote_ip4)
+ self.assertEqual(p[UDP].sport, 4789)
+ self.assertEqual(p[UDP].dport, 4789)
+ self.assertEqual(data, p[Raw].load)
+
def test_reass_hairpinning(self):
""" NAT44 fragments hairpinning """