From 5d28c7afbc0abd172d0053768b2ebe37b7a6c348 Mon Sep 17 00:00:00 2001
From: Matus Fabian <matfabia@cisco.com>
Date: Tue, 4 Sep 2018 03:55:45 -0700
Subject: NAT: add support for configurable port range (VPP-1346)

Change-Id: I6882b6daa05db866fe6e78a62b380ec331507f74
Signed-off-by: Matus Fabian <matfabia@cisco.com>
---
 test/test_nat.py          | 35 ++++++++++++++++++++++++++++++++---
 test/vpp_papi_provider.py | 30 ++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+), 3 deletions(-)

(limited to 'test')

diff --git a/test/test_nat.py b/test/test_nat.py
index 73e414ad1ae..6152a7eadf4 100644
--- a/test/test_nat.py
+++ b/test/test_nat.py
@@ -138,6 +138,7 @@ class MethodHolder(VppTestCase):
         self.vapi.nat_set_reass(is_ip6=1)
         self.verify_no_nat44_user()
         self.vapi.nat_set_timeouts()
+        self.vapi.nat_set_addr_and_port_alloc_alg()
 
     def nat44_add_static_mapping(self, local_ip, external_ip='0.0.0.0',
                                  local_port=0, external_port=0, vrf_id=0,
@@ -3098,8 +3099,10 @@ class TestNAT44(MethodHolder):
         self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
         self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
                                                   is_inside=0)
-        self.vapi.cli("nat addr-port-assignment-alg map-e psid 10 "
-                      "psid-offset 6 psid-len 6")
+        self.vapi.nat_set_addr_and_port_alloc_alg(alg=1,
+                                                  psid_offset=6,
+                                                  psid_length=6,
+                                                  psid=10)
 
         p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
              IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) /
@@ -3122,6 +3125,31 @@ class TestNAT44(MethodHolder):
             self.logger.error(ppp("Unexpected or invalid packet:", p))
             raise
 
+    def test_port_range(self):
+        """ External address port range """
+        self.nat44_add_address(self.nat_addr)
+        self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
+        self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index,
+                                                  is_inside=0)
+        self.vapi.nat_set_addr_and_port_alloc_alg(alg=2,
+                                                  start_port=1025,
+                                                  end_port=1027)
+
+        pkts = []
+        for port in range(0, 5):
+            p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) /
+                 IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) /
+                 TCP(sport=1125 + port))
+            pkts.append(p)
+        self.pg0.add_stream(pkts)
+        self.pg_enable_capture(self.pg_interfaces)
+        self.pg_start()
+        capture = self.pg1.get_capture(3)
+        for p in capture:
+            tcp = p[TCP]
+            self.assertGreaterEqual(tcp.sport, 1025)
+            self.assertLessEqual(tcp.sport, 1027)
+
     def test_ipfix_max_frags(self):
         """ IPFIX logging maximum fragments pending reassembly exceeded """
         self.nat44_add_address(self.nat_addr)
@@ -3290,7 +3318,8 @@ class TestNAT44(MethodHolder):
             self.logger.info(self.vapi.cli("show nat virtual-reassembly"))
             self.logger.info(self.vapi.cli("show nat44 hash tables detail"))
             self.logger.info(self.vapi.cli("show nat timeouts"))
-            self.vapi.cli("nat addr-port-assignment-alg default")
+            self.logger.info(
+                self.vapi.cli("show nat addr-port-assignment-alg"))
             self.clear_nat44()
             self.vapi.cli("clear logging")
 
diff --git a/test/vpp_papi_provider.py b/test/vpp_papi_provider.py
index e0d55c16cee..9a3a9741ed9 100644
--- a/test/vpp_papi_provider.py
+++ b/test/vpp_papi_provider.py
@@ -1797,6 +1797,36 @@ class VppPapiProvider(object):
         """
         return self.api(self.papi.nat_get_timeouts, {})
 
+    def nat_set_addr_and_port_alloc_alg(
+            self,
+            alg=0,
+            psid_offset=0,
+            psid_length=0,
+            psid=0,
+            start_port=0,
+            end_port=0):
+        """Set address and port assignment algorithm
+
+        :param alg: algorithm: 0 - default, 1 - MAP-E, 2 - port range
+        :param psid_offset: number of offset bits (valid only for MAP-E alg)
+        :param psid_length: length of PSID (valid only for MAP-E alg)
+        :param psid: Port Set Identifier value (valid only for MAP-E alg)
+        :param start_port: beginning of the port range
+        :param end_port: end of the port range
+        """
+        return self.api(
+            self.papi.nat_set_addr_and_port_alloc_alg,
+            {'alg': alg,
+             'psid_offset': psid_offset,
+             'psid_length': psid_length,
+             'psid': psid,
+             'start_port': start_port,
+             'end_port': end_port})
+
+    def nat_get_addr_and_port_alloc_alg(self):
+        """Get address and port assignment algorithm"""
+        return self.api(self.papi.nat_get_addr_and_port_alloc_alg, {})
+
     def nat_det_close_session_out(
             self,
             out_addr,
-- 
cgit 1.2.3-korg