summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat.c
AgeCommit message (Collapse)AuthorFilesLines
2018-04-09NAT44: don't add static mapping to resolution vector if failed (VPP-1225)Matus Fabian1-3/+27
Change-Id: I71660eb327124179ff200763c4743cc81dc6e1c6 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-04NAT added FIB entries have a preference lower than API/CLINeale Ranns1-6/+6
Change-Id: Ia99490180683e8649784f7d9d18c509c3ca78438 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-04NAT44: prohibit multiple static mappings for a single local address (VPP-1224)Matus Fabian1-0/+11
Change-Id: I32b30210c2f1aec10a1b614d04f427662326a3d2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-04NAT44: fix static mapping for DHCP addressed interface deleting (VPP-1223)Matus Fabian1-4/+92
Change-Id: Ifb4d23059b7989c32a52eaf0c25c275b35e83010 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-03-28NAT44: make 1:1NAT for DHCP addressed interface persistentMatus Fabian1-22/+53
Static mapping is not deleted from resolution vector after address is set on interface. Change-Id: Ib7c45ca2e307123d101248c5a1b17d130ac32cd0 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-03-28NAT44: fix nat44_user_session_dump and nat44_del_session crash with one ↵Matus Fabian1-1/+1
worker (VPP-1213) Change-Id: I8e0c7ed2ff462b9ab59c233f56be262ec03c29ff Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-03-21NAT44: fix removal of LB static mappings with same local address and port ↵Matus Fabian1-5/+35
pair (VPP-1199) Change-Id: Iad8c626e83bbc58d5c85b6736f5a3dd5bc9ceafb Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-03-07NAT44: allow to configure one interface only as output or input feature ↵Matus Fabian1-0/+12
(VPP-1192) following is not possible: set interface nat44 out GigabitEthernet0/3/0 output-feature set interface nat44 out GigabitEthernet0/3/0 Change-Id: I1592cc18390881fda66f98316700886b8f5295f0 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-02-14NAT44: run NAT nodes after ACL (VPP-1160)Matus Fabian1-15/+15
NAT input features run after acl-plugin-in-ip4-fa NAT output features run after acl-plugin-out-ip4-fa Change-Id: I1e4487a0d6fdb99a90b8db640d9ad0e0eb7347a5 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-31NAT66 1:1 mapping (VPP-1108)Matus Fabian1-0/+3
Support the 1:1 translation of source address for IPv6 Change-Id: I934d18e5ec508bf7422d796ee5f172b79c048011 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-31NAT44: in2out output feature skip translation for already translated packets ↵Matus Fabian1-1/+1
(VPP-1156) Change-Id: I5395245c9e49f741a949ada1f725c34f9379c249 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-31NAT44: Delete dynamic sessions matching new 1:1NAT (VPP-1158)Matus Fabian1-8/+52
Change-Id: Ib99b597502b8335e57ecfa122b12e2e5aa45ee1a Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-30NAT: replace format_vnet_sw_interface_name with format_vnet_sw_if_index_name ↵Matus Fabian1-5/+3
(VPP-1149) Avoid crash when interface was deleted. Change-Id: I2ac3031c13ca5ad3360495e1c4cb90b0002be5ff Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-25NAT44: add opaque string tag to static mapping APIs (VPP-1147)Matus Fabian1-6/+14
Change-Id: I620e2081285ca8ac5c2da8efc12fe6f540ea4fd1 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-25NAT: nat.c refactor (split out CLI) (VPP-1140)Matus Fabian1-1546/+9
Moved CLI from nat.c to nat44_cli.c Split "show nat44" to: show nat44 addresses show nat44 interfaces show nat44 static mappings show nat44 interface address show nat44 sessions detail show nat44 deterministic mappings show nat44 deterministic timeouts show nat44 deterministic sessions show nat workers Change-Id: I2d1be8941dd0e4a9e037f4a4d2cd192389beb8ed Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-24NAT44: asymmetrical static mapping and one-armed NAT (VPP-1138)Matus Fabian1-1/+10
One-armed NAT should work for asymmetrical static mappings without adding external address to the NAT44 pool. Change-Id: Ie886b75b55c3b552d1029a50bd967625fde80f09 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-23NAT44: Fix interface feature removal.Milan Lenco1-3/+14
Change-Id: Ie7cd809f30decc36cb8e1f4d8acc4b41f17cd390 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2018-01-22NAT44: asymmetrical static mapping rule (VPP-1135)Matus Fabian1-18/+28
add option to NAT44 static mapping API/CLI to make rule asymmetrical (rule match only out2in direction) Change-Id: If262a3ff375a24d3059f0de1f1ac387a4fe09475 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-11NAT44: asymmetrical load balancing static mapping rule (VPP-1132)Matus Fabian1-15/+25
Add option to NAT44 load balancing static mapping API/CLI to make rule asymmetrical (rule match only in out2in direction). Change-Id: I325ecef5591e4bf44ce4469a24d44fe56c3bb2e9 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-11Add basic support for DS-Lite CE (VPP-1059)Juraj Sloboda1-0/+3
Change-Id: Ifcca60da3f77c0a4959f98b3365c846badbdc2d0 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-01-08NAT: fixed get_worker_out2in bug (VPP-1116)Matus Fabian1-2/+6
Change-Id: I5e080d69f28661cc0b1846885d5001526b54fbd9 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-05Add support for 464XLAT NAT44 mode (VPP-1045)Juraj Sloboda1-7/+42
Change-Id: I24e7a26972bbbfcea100292b212b29ae7a349335 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-12-21VPP-1109 Fix loop for some CLI (code review)Swarup Nayak1-0/+1
Change-Id: I518387ab479bee4778d45a33c95f7b0f72aa1b72 Signed-off-by: Swarup Nayak <swarupnpvt@gmail.com>
2017-12-20Translate matching packets using NAT (VPP-1069)Juraj Sloboda1-0/+68
Add API function which enables forwarding of packets not matching existing translation or static mapping instead of dropping them. When forwarding is enabled matching packets will be translated while non-matching packets will be forwarded without translation. Change-Id: Ic13040cbad16d3a1ecdc3e02a497171bef6aa413 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-12-19NAT: Twice NAT44 (VPP-969)Matus Fabian1-192/+508
Translation of both source and destination addresses and ports for 1:1 NAT session initiated from outside network (ExternalIP K8 use case). Change-Id: Ic0000497cf71619aac996d6d580844f0ea0edc14 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-18Fix nat44 identity mappingDave Barach1-0/+5
Set l_addr to the interface address if the interface address is known when the identity mapping is created. Change-Id: I61af0f5248c9d86d23a24457b342b2e1fb4ac726 Signed-off-by: Dave Barach <dave@barachs.net>
2017-12-13NAT64: multi-thread support (VPP-891)Matus Fabian1-27/+95
Change-Id: Iebf859b6d86482e4465423bad598eecf87e53ec4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-11call unformat_free in some flow, remove unnecessary callsSwarup Nayak1-8/+0
Change-Id: I565277eafbce3d4f59a7f0d497fca1c4fed3cfc8 Signed-off-by: Swarup Nayak <swarupnpvt@gmail.com>
2017-11-30NAT44: identity NAT (VPP-1073)Matus Fabian1-5/+105
Identity mapping translate an IP address to itself. Change-Id: Icc0ca5102d32547a4b0c75720b5f5bf41ed69c71 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-09Port restricted NAT44 (VPP-1048)Matus Fabian1-8/+136
For the MAP-E CE limit port choice based on PSID CLI: nat44 addr-port-assignment-alg map-e psid <n> psid-offset <n> psid-len <n> Change-Id: Iecceee61fca372cb5790c16993a82fbdc9930f0f Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-07SNAT: IP fragmentation (VPP-890)Matus Fabian1-1/+7
Translation of fragmented packets. Change-Id: I9b1f2e9433ce273638080f32c2d3bff39c49899d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-07NAT: DS-Lite (VPP-1040)Matus Fabian1-13/+20
Dual-Stack Lite enables a broadband service provider to share IPv4 addresses among customers by combining two well-known technologies: IPv4-in-IPv6 and NAT. Change-Id: I039740f8548c623cd1ac89b8ecda1a6cc4aafb9c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-26NAT: delete session API/CLI (VPP-1041)Matus Fabian1-0/+113
Administratively delete NAT44 session for specific inside/outside addresses and port pair. Change-Id: If5ab500ac3592c7153d6d8f2cc0297df7309fbc3 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-25One armed NAT (VPP-1035)Matus Fabian1-16/+250
Use a single physical interface in order to accomplish NAT44/NAT64. Change-Id: I0c8138953a7a4075df306172e125abad771315e4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-14NAT: fix delete of sessions for 1:1 NAT if 1 worker (VPP-1023)Matus Fabian1-1/+1
Change-Id: I2446c646de7f227f9438dd7ef93a455ba5af0102 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-09NAT: hairpinning rework (VPP-1003)Matus Fabian1-1/+13
Change-Id: I7c6911cd6ac366fe62675fd0ff8b0246a25ea1db Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-26NAT: remove worker_by_in lookup hash table (VPP-992)Matus Fabian1-73/+18
Change-Id: I3873d3e411bf93cac82e73a0b8e3b22563aaf217 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-26Memory overwritten when using unformat %u (VPP-987)Aequitas1-7/+7
Change-Id: I7d8f807fb502d61688aa1dee25fa4edcbeb32f41 Signed-off-by: Aequitas <wang.junqi@zte.com.cn>
2017-09-25NAT: session number limitation to avoid running out of memory crash (VPP-984)Matus Fabian1-0/+2
Change-Id: I7f18f8c4ba609d96950dc1f833feb967d4a099b7 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-21NAT: remove worker_by_out lookup hash table (VPP-989)Matus Fabian1-71/+99
Change-Id: Ibcd2cf22348ae5a72770a8f8ad25cbe8df7fd390 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-20NAT: move session and user lookup tables to per thread data (VPP-986)Matus Fabian1-38/+55
Change-Id: I41a51bb36e31e05c76fef0b34fe006afbee27729 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-13NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)Matus Fabian1-1/+1
generated random ports overlap between threads Change-Id: I7a13785e3f98b87e475426b0bd7f6bf2d9c1336c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-13nat lb: del lb static mapping existed vec mem leak(VPP-983)flyingeagle231-0/+1
Change-Id: Id7306b432a33bb0fa594b6949e65ca528d8c0916 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)Matus Fabian1-6/+24
Change-Id: I6c5eccd4193c44604da3fd27c108defe71b38a4b Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-12Fix issue in nat Bisearch algorithm (VPP-980)flyingeagle231-1/+1
Change-Id: I39b1d1ec6fb9a10e2a0e67d36b01c0bf2522d07f Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12nat lb mapping command existed array out of bounds(VPP-979)flyingeagle231-1/+2
Change-Id: Id1dce0c2eebd4097bc17842f050453b76a94eb70 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-11FIB table add/delete APINeale Ranns1-6/+11
part 2; - this adds the code to create an IP and MPLS table via the API. - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass. Change-Id: Id124d884ade6cb7da947225200e3bb193454c555 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-07NAT: fixed bug in snat_get_worker_out2in_cb (VPP-832)Matus Fabian1-0/+2
Change-Id: Id9c977634a1259865e3403ba0d90aecaca85207d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-06NAT: Destination NAT44 with load-balancing (VPP-954)Matus Fabian1-31/+399
added load-balancing static mappings with unequal load support Change-Id: Ie505e41f24d46f812b94dd28bdafe3dc170a6060 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-08-29Fix some issue of comment and help for nat featureHongjun Ni1-3/+3
Change-Id: I9233e427b5f8874492fefb2bfe7c1ab329e366b2 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>