summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat
AgeCommit message (Collapse)AuthorFilesLines
2018-01-24NAT44: asymmetrical static mapping and one-armed NAT (VPP-1138)Matus Fabian1-1/+10
One-armed NAT should work for asymmetrical static mappings without adding external address to the NAT44 pool. Change-Id: Ie886b75b55c3b552d1029a50bd967625fde80f09 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-23VPPAPIGEN: vppapigen replacement in Python PLY.Ole Troan1-1/+1
This is a version of the VPP API generator in Python PLY. It supports the existing language, and has a plugin architecture for generators. Currently C and JSON are supported. Changes: - vl_api_version to option version = "major.minor.patch" - enum support - Added error checking and reporting - import support (removed the C pre-processor) - services (tying request/reply together) Version: option version = "1.0.0"; Enum: enum colours { RED, BLUE = 50, }; define foo { vl_api_colours_t colours; }; Services: service { rpc foo returns foo_reply; rpc foo_dump returns stream foo_details; rpc want_stats returns want_stats_reply events ip4_counters, ip6_counters; }; Future planned features: - unions - bool, text - array support (including length) - proto3 output plugin - Refactor C/C++ generator as a plugin - Refactor Java generator as a plugin Change-Id: Ifa289966c790e1b1a8e2938a91e69331e3a58bdf Signed-off-by: Ole Troan <ot@cisco.com>
2018-01-23NAT44: Fix interface feature removal.Milan Lenco1-3/+14
Change-Id: Ie7cd809f30decc36cb8e1f4d8acc4b41f17cd390 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2018-01-22NAT44: asymmetrical static mapping rule (VPP-1135)Matus Fabian4-24/+40
add option to NAT44 static mapping API/CLI to make rule asymmetrical (rule match only out2in direction) Change-Id: If262a3ff375a24d3059f0de1f1ac387a4fe09475 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-11api: remove transport specific code from handlersFlorin Coras1-117/+126
This does not update api client code. In other words, if the client assumes the transport is shmem based, this patch does not change that. Furthermore, code that checks queue size, for tail dropping, is not updated. Done for the following apis: Plugins - acl - gtpu - memif - nat - pppoe VNET - bfd - bier - tapv2 - vhost user - dhcp - flow - geneve - ip - punt - ipsec/ipsec-gre - l2 - l2tp - lisp-cp/one-cp - lisp-gpe - map - mpls - policer - session - span - udp - tap - vxlan/vxlan-gpe - interface VPP - api/api.c OAM - oam_api.c Stats - stats.c Change-Id: I0e33ecefb2bdab0295698c0add948068a5a83345 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-11NAT44: asymmetrical load balancing static mapping rule (VPP-1132)Matus Fabian5-22/+38
Add option to NAT44 load balancing static mapping API/CLI to make rule asymmetrical (rule match only in out2in direction). Change-Id: I325ecef5591e4bf44ce4469a24d44fe56c3bb2e9 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-11Add basic support for DS-Lite CE (VPP-1059)Juraj Sloboda10-12/+680
Change-Id: Ifcca60da3f77c0a4959f98b3365c846badbdc2d0 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-01-09api: refactor vlibmemoryFlorin Coras1-46/+35
- separate client/server code for both memory and socket apis - separate memory api code from generic vlib api code - move unix_shared_memory_fifo to svm and rename to svm_fifo_t - overall declutter Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-08NAT64: IPFix (VPP-1106)Matus Fabian7-23/+1337
Change-Id: Ib90dc5613c9fdac0344b3bd7f163e2f7163c64d8 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-08NAT: fixed get_worker_out2in bug (VPP-1116)Matus Fabian2-4/+12
Change-Id: I5e080d69f28661cc0b1846885d5001526b54fbd9 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-05Add support for 464XLAT NAT44 mode (VPP-1045)Juraj Sloboda6-7/+165
Change-Id: I24e7a26972bbbfcea100292b212b29ae7a349335 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-01-03NAT64: free port when dynamic BIB deleted (VPP-1107)v18.04-rc0Matus Fabian6-39/+46
Change-Id: Id897ed61a26a4069678ed4ddac1ba28bf32809c3 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-21VPP-1109 Fix loop for some CLI (code review)Swarup Nayak1-0/+1
Change-Id: I518387ab479bee4778d45a33c95f7b0f72aa1b72 Signed-off-by: Swarup Nayak <swarupnpvt@gmail.com>
2017-12-20Translate matching packets using NAT (VPP-1069)Juraj Sloboda6-48/+238
Add API function which enables forwarding of packets not matching existing translation or static mapping instead of dropping them. When forwarding is enabled matching packets will be translated while non-matching packets will be forwarded without translation. Change-Id: Ic13040cbad16d3a1ecdc3e02a497171bef6aa413 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-12-19NAT: Twice NAT44 (VPP-969)Matus Fabian6-783/+821
Translation of both source and destination addresses and ports for 1:1 NAT session initiated from outside network (ExternalIP K8 use case). Change-Id: Ic0000497cf71619aac996d6d580844f0ea0edc14 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-18NAT: Add performance testing TRex scripts and config (VPP-832)Matus Fabian13-0/+426
Change-Id: I149a20f183b836db4c32fb4e4a8438b3a14c1c26 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-18Fix nat44 identity mappingDave Barach1-0/+5
Set l_addr to the interface address if the interface address is known when the identity mapping is created. Change-Id: I61af0f5248c9d86d23a24457b342b2e1fb4ac726 Signed-off-by: Dave Barach <dave@barachs.net>
2017-12-14NAT64: fix coverity (VPP-1032)Matus Fabian2-0/+4
CIDs 180713 and 180714 Change-Id: Ia4856d1a62f176e99983f8c82eaa09d5df9d4ca5 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-13NAT64: multi-thread support (VPP-891)Matus Fabian15-505/+1263
Change-Id: Iebf859b6d86482e4465423bad598eecf87e53ec4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-13NAT: DS-Lite AFTR tunnel endpoint address respond to ICMPv6 echo request ↵Matus Fabian1-3/+8
(VPP-1090) Change-Id: I361c043979274eac1aefcd95abdf1624a3ef2756 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-12-11call unformat_free in some flow, remove unnecessary callsSwarup Nayak1-8/+0
Change-Id: I565277eafbce3d4f59a7f0d497fca1c4fed3cfc8 Signed-off-by: Swarup Nayak <swarupnpvt@gmail.com>
2017-11-30NAT44: identity NAT (VPP-1073)Matus Fabian3-7/+301
Identity mapping translate an IP address to itself. Change-Id: Icc0ca5102d32547a4b0c75720b5f5bf41ed69c71 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-30Fix variable mismatchJuraj Sloboda1-1/+1
Change-Id: Iae2f9f9652cecdf7e754700b2fe107ad61ff8ff9 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-11-29NAT: Remove old SNAT API (VPP-1070)Matus Fabian3-2114/+221
Change-Id: I3d936d456ee27b2e0857843295efb60a9f2d0be7 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-13NAT: Buufer overflow for memcpy()Ole Troan1-3/+2
Change-Id: I11d1f9507d429ad8b25e9873272ede231623e622 Signed-off-by: Ole Troan <ot@cisco.com>
2017-11-09Port restricted NAT44 (VPP-1048)Matus Fabian2-8/+149
For the MAP-E CE limit port choice based on PSID CLI: nat44 addr-port-assignment-alg map-e psid <n> psid-offset <n> psid-len <n> Change-Id: Iecceee61fca372cb5790c16993a82fbdc9930f0f Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-08NAT64 to use IPv4 address from interface (VPP-1051)Matus Fabian5-0/+217
Change-Id: I326429c31dea6958a342ee152ef86cb975f4b12c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-07SNAT: IP fragmentation (VPP-890)Matus Fabian12-33/+2998
Translation of fragmented packets. Change-Id: I9b1f2e9433ce273638080f32c2d3bff39c49899d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-07NAT: DS-Lite (VPP-1040)Matus Fabian12-23/+1630
Dual-Stack Lite enables a broadband service provider to share IPv4 addresses among customers by combining two well-known technologies: IPv4-in-IPv6 and NAT. Change-Id: I039740f8548c623cd1ac89b8ecda1a6cc4aafb9c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-03NAT64: Input feature arc on virtual interface via interface RX DPO.Ole Troan1-2/+44
Change-Id: If2048c7d72048679bc5d0412f3fae109926f759e Signed-off-by: Ole Troan <ot@cisco.com>
2017-11-01nat plugin - fix test logicGabriel Ganne1-1/+1
warning found by clang: warning: logical not is only applied to the left hand side of this bitwise operator [-Wlogical-not-parentheses] Change-Id: I964651a4444b11da145edc329da83675cd830f78 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-26NAT: delete session API/CLI (VPP-1041)Matus Fabian4-0/+172
Administratively delete NAT44 session for specific inside/outside addresses and port pair. Change-Id: If5ab500ac3592c7153d6d8f2cc0297df7309fbc3 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-25One armed NAT (VPP-1035)Matus Fabian8-33/+289
Use a single physical interface in order to accomplish NAT44/NAT64. Change-Id: I0c8138953a7a4075df306172e125abad771315e4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-14NAT: fix delete of sessions for 1:1 NAT if 1 worker (VPP-1023)Matus Fabian1-1/+1
Change-Id: I2446c646de7f227f9438dd7ef93a455ba5af0102 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-09vppapigen: support per-file (major,minor,patch) version stampsDave Barach1-0/+3
Add one of these statements to foo.api: vl_api_version 1.2.3 to generate a version tuple stanza in foo.api.h: /****** Version tuple *****/ vl_api_version_tuple(foo, 1, 2, 3) Change-Id: Ic514439e4677999daa8463a94f948f76b132ff15 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Ole Troan <ot@cisco.com>
2017-10-09NAT: hairpinning rework (VPP-1003)Matus Fabian2-14/+114
Change-Id: I7c6911cd6ac366fe62675fd0ff8b0246a25ea1db Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-09NAT: fixed ICMP broken translation for GRE tunnel interface (VPP-1008)Matus Fabian3-31/+27
Change-Id: Ie3245b96c511cc30915e70e8c881f445291a38c2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-03Repair vlib API socket serverDave Barach2-2/+2
- Teach vpp_api_test to send/receive API messages over sockets - Add memfd-based shared memory - Add api messages to create memfd-based shared memory segments - vpp_api_test supports both socket and shared memory segment connections - vpp_api_test pivot from socket to shared memory API messaging - add socket client support to libvlibclient.so - dead client reaper sends ping messages, container-friendly - dead client reaper falls back to kill (<pid>, 0) live checking if e.g. a python app goes silent for tens of seconds - handle ping messages in python client support code - teach show api ring about pairwise shared-memory segments - fix ip probing of already resolved destinations (VPP-998) We'll need this work to implement proper host-stack client isolation Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-26NAT: remove worker_by_in lookup hash table (VPP-992)Matus Fabian4-97/+30
Change-Id: I3873d3e411bf93cac82e73a0b8e3b22563aaf217 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-26Memory overwritten when using unformat %u (VPP-987)Aequitas3-19/+19
Change-Id: I7d8f807fb502d61688aa1dee25fa4edcbeb32f41 Signed-off-by: Aequitas <wang.junqi@zte.com.cn>
2017-09-25NAT: session number limitation to avoid running out of memory crash (VPP-984)Matus Fabian4-38/+120
Change-Id: I7f18f8c4ba609d96950dc1f833feb967d4a099b7 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-21NAT: remove worker_by_out lookup hash table (VPP-989)Matus Fabian3-133/+120
Change-Id: Ibcd2cf22348ae5a72770a8f8ad25cbe8df7fd390 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-20NAT: don't call ipfix rpc when disabled (VPP-988)Matus Fabian1-168/+181
Change-Id: Id98b523f7b20f82291a34e73762978fa65e24140 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-20NAT: move session and user lookup tables to per thread data (VPP-986)Matus Fabian5-110/+151
Change-Id: I41a51bb36e31e05c76fef0b34fe006afbee27729 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-15Modify return value of snat_out2in_lb(VPP-985)dongjuan2-10/+12
in order to trace session_index Change-Id: I4433155fbe21635f8a997523e2c7900c6a7569af Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
2017-09-13NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)Matus Fabian1-1/+1
generated random ports overlap between threads Change-Id: I7a13785e3f98b87e475426b0bd7f6bf2d9c1336c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-13nat lb: del lb static mapping existed vec mem leak(VPP-983)flyingeagle231-0/+1
Change-Id: Id7306b432a33bb0fa594b6949e65ca528d8c0916 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)Matus Fabian3-9/+29
Change-Id: I6c5eccd4193c44604da3fd27c108defe71b38a4b Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-12Fix issue in nat Bisearch algorithm (VPP-980)flyingeagle231-1/+1
Change-Id: I39b1d1ec6fb9a10e2a0e67d36b01c0bf2522d07f Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12nat lb mapping command existed array out of bounds(VPP-979)flyingeagle231-1/+2
Change-Id: Id1dce0c2eebd4097bc17842f050453b76a94eb70 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>