Age | Commit message (Collapse) | Author | Files | Lines |
|
session synchronization so that we can build a plain active-passive HA NAT pair
Change-Id: I21db200491081ca46b7af3e82afc677c1985abf4
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
use address_t and mac_address_t for IPv6 and ARP entries
and all other API calls in ip.api aprat from the route ones,
that will follow in a separate commit
Change-Id: I67161737c2184d3f8fc1e79ebd2b55121c5b0191
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I4e93073ceb7b75476e847ae8d56301770c8b264f
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Change-Id: I25c86aea23dff19656449b23133db27b1f062ac0
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I41a82e21571d5c64d01af72cd88c3983afac26ed
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
The runnning environment is static as of module load time,
so only evalute the conditions once at module load time.
Track-by: VPP-1518
Change-Id: I73b0d17ae1ff90789e70307f168d43921829aec8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Change-Id: I5419e06592b0402e911e132796368800321f355a
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change the definition of vl_api_mac_address_t to an aliased type.
Change-Id: I1434f316d0fad6a099592f39bceeb8faeaf1d134
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I5d1852a09712adfe7547c200d161539736aca6f5
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Add 2/3 support to binarytomac and mactobinary and move to vpp_mac.py
Change-Id: I3dc7e4a24486aee22140c781aae7e44e58935877
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
self.assertTrue(packet.haslayer(msg_type))
File "/usr/lib/python2.7/unittest/case.py", line 422, in assertTrue
raise self.failureException(msg)
AssertionError: 0 is not true
* Scapy packet.haslayer() returns 1 or 0.
Replace with assertEqual(packet.haslayer(), 1) to fix tracebacks.
* Scapy has multiple layers called TCP/UDP
Specify the module name to prevent namespace collisions.
* Remove duplicate import.
Change-Id: I600f9f330075cd40e1da50f8b2ceb24f645f2c20
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Change-Id: I6e0b7cf37c1a9ac66f8ac011db29504e57844ee9
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Use assert(Not)Equal()
Use assert{Greater,Less}[Equal]
Change-Id: I7c14570b8dce463ee13a67e9c1f10beb1a0308a8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Change-Id: Iab506f127136c94a641df31ded108016de26260b
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Ic751fecc4a060eedcdb9eaf5d02e1416c838fd63
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
RFC7857 section 2.2.
Change-Id: I031af5fe379b72262e83fd8565c34fa1b772f2c8
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Id86d8aa8753b9b2ff4c709b11e3901ba8d552918
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: If8c883d6b1ee58de9a03012d3567ec82211a0225
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I8006bca02948d9121f474a3d14f0576747bb3c51
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Ic4affc54d15d08b9b730f6ec6146ee053b28b4b6
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I39a3146a4e4ba8eadf50af7113b9ae6b1c1d688f
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I630f3da1ea4e6e50a50f1352c097becef1efe3c0
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I36ece2ef2eaef9fa559d69ec7f7f07e7c16a7a9d
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
NAT plugin changes the MSS value in TCP SYN packets to avoid fragmentation.
If the negotiated MSS value is greater than the configured value it is changed
to the configured value. If the negotiated MSS value is smaller than the
configured value it remains unchanged.
Change-Id: Ic3c4f94a2f1b76e2bf79f50f3ad36a4097f3f188
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
All fragments should be dropped when max_frag is 1 and 2 non-initial fragments are received before first fragment.
Change-Id: Id0c968f45629698e347e8226c5926f27b48b82d6
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
"assertEqual(len(capture), <expected packet count>)" no more needed since it is done by get_capture
Change-Id: I1cbe223cf55198cec946b8ea0883f2a4fa632005
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I6882b6daa05db866fe6e78a62b380ec331507f74
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Enable client-IP based session affinity per LB NAT rule with specific timeout.
Change-Id: I9aade152e330218d21dfda99cc5e984d769ab806
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
NAT44 (vanilla/simple and endpoint-dependent mode) now lazily delete expired
sessions. When inserting to session lookup hash and bucket is full, expired
session is overwritten.
Change-Id: Ib1b34959f60f0ca4f5b13525b1d41dd2f992288d
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I85383e428cb54c4c09ab387811dd6390f7c61d97
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Use rx_fib_index instead of sm->inside_fib_index for session lookup key.
Change-Id: I2d6cce5b9376fa8ac4d75a9bbfa8498be0fd1493
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Add missing call of nat64_tcp_session_set_state to set TCP session state.
Change-Id: Ifd297ea3ffe20870e1e34a95449b5c9404ec13eb
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I756e3ad3de9ffe1494221ef95c1943c8591f8f50
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Add support for local backends in multiple VRFs for load-balancing NAT rules.
Change-Id: I64e6818bd67a7e69985003498cf1f16f7200c334
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I5009fcfde5c627d59dea3edda15486b9392134a2
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I56eb15f8fd2d3049845287dc3df7870582764f8b
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Ieb8020f57ed5ad20daf552cd62ae3fdd8c573926
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: Iddb0b848c53da03116524e203c7112c82b401ac5
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
To enable NAT plugin endpoint dependent mode add following to statrup config:
nat { endpoint-dependent }
Enable endpoint dependent filtering and mapping for all sessions.
Move some existing functionality such as service load balancing, twice nat,
out2in-only static mappings and unknown protocol dynamic translations, which
use endpoint dependent lookup hash tables before. Basically split to vanilla
NAT44 and extra features NAT44.
Change-Id: I3925eb5ddcc8f1ec4cf6af4e2a618a7ec7aa9735
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I088163f10ae5515d7a9115781cc13ef563fafed5
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I484d79000c1bbd87ff83847cf567bf3414a719d3
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: If9cc7c5e32ebecff398fd38b39e8f485754a4ad4
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Id25b447bddccb7b321123e4abc4134e7261a0807
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I6306b81e0e1c3e1c591f929a76bb265c1c1d0859
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Iba1cc1179ee80478e29888790a6476571d1904dc
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I228728bacfca6056dc409a96de1bffb9cadcd3e6
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
When enabled then Twice-NAT is applied only when
source IP equals destination IP after DNAT
Change-Id: I58a9d1d222b2a10c83eafffb2107f32c1b4aa3a8
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: Id5a2a90d81cc9cb87cb6fb89ac2f4ca3cbcb51e2
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Static mapping is not deleted from resolution vector after address is set on
interface.
Change-Id: Ib7c45ca2e307123d101248c5a1b17d130ac32cd0
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Do not translate packet which go out via nat44-in2out-output and was tranlated
in nat44-out2in before. On way back forward packet to nat44-in2out node.
Change-Id: I934d69856f0178c86ff879bc691c9e074b8485c8
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|