FD.io VPP  v18.04-17-g3a0d853
Vector Packet Processing
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Modules Pages
nat.h File Reference
+ Include dependency graph for nat.h:
+ This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  snat_session_key_t
struct  nat_ed_ses_key_t
struct  snat_det_out_key_t
struct  snat_user_key_t
struct  snat_user_t
struct  snat_address_t
struct  snat_det_session_t
struct  snat_det_map_t
struct  nat44_lb_addr_port_t
struct  snat_static_mapping_t
struct  snat_interface_t
struct  snat_static_map_resolve_t
struct  snat_main_per_thread_data_t
struct  snat_main_s
struct  snat_runtime_t
struct  icmp_echo_header_t
struct  tcp_udp_header_t


#define SNAT_UDP_TIMEOUT   300
#define SNAT_UDP_TIMEOUT_MIN   120
#define SNAT_ICMP_TIMEOUT   60
#define SNAT_FLAG_HAIRPINNING   (1 << 0)
#define foreach_snat_protocol
#define foreach_snat_session_state
#define snat_is_session_static(s)   (s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING)
 Check if SNAT session is created from static mapping. More...
#define snat_is_unk_proto_session(s)   (s->flags & SNAT_SESSION_FLAG_UNKNOWN_PROTO)
 Check if SNAT session for unknown protocol. More...
#define is_twice_nat_session(s)   (s->flags & SNAT_SESSION_FLAG_TWICE_NAT)
 Check if NAT session is twice NAT. More...
#define is_lb_session(s)   (s->flags & SNAT_SESSION_FLAG_LOAD_BALANCING)
 Check if NAT session is load-balancing. More...
#define is_ed_session(s)   (snat_is_unk_proto_session (s) || is_twice_nat_session (s) || is_lb_session (s))
 Check if NAT session is endpoint dependent. More...
#define nat_interface_is_inside(i)   i->flags & NAT_INTERFACE_FLAG_IS_INSIDE
#define nat_interface_is_outside(i)   i->flags & NAT_INTERFACE_FLAG_IS_OUTSIDE


typedef u32 snat_icmp_match_function_t(struct snat_main_s *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
typedef u32snat_get_worker_function_t) (ip4_header_t *ip, u32 rx_fib_index)
typedef int nat_alloc_out_addr_and_port_function_t(snat_address_t *addresses, u32 fib_index, u32 thread_index, snat_session_key_t *k, u32 *address_indexp, u16 port_per_thread, u32 snat_thread_index)
typedef struct snat_main_s snat_main_t


enum  snat_protocol_t { foreach_snat_protocol }
enum  snat_session_state_t { foreach_snat_session_state }


typedef CLIB_PACKED (struct{snat_session_key_t out2in;snat_session_key_t in2out;u32 flags;u32 per_user_index;u32 per_user_list_head_index;f64 last_heard;u64 total_bytes;u32 total_pkts;u32 outside_address_index;ip4_address_t ext_host_addr;u16 ext_host_port;ip4_address_t ext_host_nat_addr;u16 ext_host_nat_port;}) snat_session_t
void snat_free_outside_address_and_port (snat_address_t *addresses, u32 thread_index, snat_session_key_t *k, u32 address_index)
int snat_alloc_outside_address_and_port (snat_address_t *addresses, u32 fib_index, u32 thread_index, snat_session_key_t *k, u32 *address_indexp, u16 port_per_thread, u32 snat_thread_index)
int snat_static_mapping_match (snat_main_t *sm, snat_session_key_t match, snat_session_key_t *mapping, u8 by_external, u8 *is_addr_only, u8 *twice_nat)
 Match NAT44 static mapping. More...
void snat_add_del_addr_to_fib (ip4_address_t *addr, u8 p_len, u32 sw_if_index, int is_add)
 Add/del NAT address to FIB. More...
static u32 ip_proto_to_snat_proto (u8 ip_proto)
static u8 snat_proto_to_ip_proto (snat_protocol_t snat_proto)
u32 icmp_match_in2out_fast (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
 Get address and port values to be used for ICMP packet translation. More...
u32 icmp_match_in2out_slow (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
 Get address and port values to be used for ICMP packet translation and create session if needed. More...
u32 icmp_match_in2out_det (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
 Get address and port values to be used for ICMP packet translation and create session if needed. More...
u32 icmp_match_out2in_fast (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
 Get address and port values to be used for ICMP packet translation. More...
u32 icmp_match_out2in_slow (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
 Get address and port values to be used for ICMP packet translation and create session if needed. More...
u32 icmp_match_out2in_det (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)
 Get address and port values to be used for ICMP packet translation and create session if needed. More...
void increment_v4_address (ip4_address_t *a)
void snat_add_address (snat_main_t *sm, ip4_address_t *addr, u32 vrf_id, u8 twice_nat)
int snat_del_address (snat_main_t *sm, ip4_address_t addr, u8 delete_sm, u8 twice_nat)
void nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add)
int snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, u16 l_port, u16 e_port, u32 vrf_id, int addr_only, u32 sw_if_index, snat_protocol_t proto, int is_add, u8 twice_nat, u8 out2in_only, u8 *tag)
 Add static mapping. More...
clib_error_tsnat_api_init (vlib_main_t *vm, snat_main_t *sm)
int snat_set_workers (uword *bitmap)
int snat_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del)
int snat_interface_add_del_output_feature (u32 sw_if_index, u8 is_inside, int is_del)
int snat_add_interface_address (snat_main_t *sm, u32 sw_if_index, int is_del, u8 twice_nat)
uword unformat_snat_protocol (unformat_input_t *input, va_list *args)
u8format_snat_protocol (u8 *s, va_list *args)
int nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, snat_protocol_t proto, u32 vrf_id, nat44_lb_addr_port_t *locals, u8 is_add, u8 twice_nat, u8 out2in_only, u8 *tag)
int nat44_del_session (snat_main_t *sm, ip4_address_t *addr, u16 port, snat_protocol_t proto, u32 vrf_id, int is_in)
void nat_free_session_data (snat_main_t *sm, snat_session_t *s, u32 thread_index)
snat_user_tnat_user_get_or_create (snat_main_t *sm, ip4_address_t *addr, u32 fib_index, u32 thread_index)
snat_session_t * nat_session_alloc_or_recycle (snat_main_t *sm, snat_user_t *u, u32 thread_index)
void nat_set_alloc_addr_and_port_mape (u16 psid, u16 psid_offset, u16 psid_length)
void nat_set_alloc_addr_and_port_default (void)
static_always_inline u8 icmp_is_error_message (icmp46_header_t *icmp)
static_always_inline u8 is_interface_addr (snat_main_t *sm, vlib_node_runtime_t *node, u32 sw_if_index0, u32 ip4_addr)
static u8 maximum_sessions_exceeded (snat_main_t *sm, u32 thread_index)
static_always_inline void nat_send_all_to_node (vlib_main_t *vm, u32 *bi_vector, vlib_node_runtime_t *node, vlib_error_t *error, u32 next)
static void user_session_increment (snat_main_t *sm, snat_user_t *u, u8 is_static)


snat_main_t snat_main
vlib_node_registration_t snat_in2out_node
 (constructor) VLIB_REGISTER_NODE (snat_in2out_node) More...
vlib_node_registration_t snat_in2out_output_node
 (constructor) VLIB_REGISTER_NODE (snat_in2out_output_node) More...
vlib_node_registration_t snat_out2in_node
 (constructor) VLIB_REGISTER_NODE (snat_out2in_node) More...
vlib_node_registration_t snat_in2out_fast_node
 (constructor) VLIB_REGISTER_NODE (snat_in2out_fast_node) More...
vlib_node_registration_t snat_out2in_fast_node
 (constructor) VLIB_REGISTER_NODE (snat_out2in_fast_node) More...
vlib_node_registration_t snat_in2out_worker_handoff_node
 (constructor) VLIB_REGISTER_NODE (snat_in2out_worker_handoff_node) More...
vlib_node_registration_t snat_in2out_output_worker_handoff_node
 (constructor) VLIB_REGISTER_NODE (snat_in2out_output_worker_handoff_node) More...
vlib_node_registration_t snat_out2in_worker_handoff_node
 (constructor) VLIB_REGISTER_NODE (snat_out2in_worker_handoff_node) More...
vlib_node_registration_t snat_det_in2out_node
 (constructor) VLIB_REGISTER_NODE (snat_det_in2out_node) More...
vlib_node_registration_t snat_det_out2in_node
 (constructor) VLIB_REGISTER_NODE (snat_det_out2in_node) More...
vlib_node_registration_t snat_hairpin_dst_node
 (constructor) VLIB_REGISTER_NODE (snat_hairpin_dst_node) More...
vlib_node_registration_t snat_hairpin_src_node
 (constructor) VLIB_REGISTER_NODE (snat_hairpin_src_node) More...
format_function_t format_snat_user
format_function_t format_snat_static_mapping
format_function_t format_snat_static_map_to_resolve
format_function_t format_det_map_ses

Macro Definition Documentation

#define foreach_snat_protocol
_(UDP, 0, udp, "udp") \
_(TCP, 1, tcp, "tcp") \
_(ICMP, 2, icmp, "icmp")

Definition at line 99 of file nat.h.

#define foreach_snat_session_state
_(0, UNKNOWN, "unknown") \
_(1, UDP_ACTIVE, "udp-active") \
_(2, TCP_SYN_SENT, "tcp-syn-sent") \
_(3, TCP_ESTABLISHED, "tcp-established") \
_(4, TCP_FIN_WAIT, "tcp-fin-wait") \
_(5, TCP_CLOSE_WAIT, "tcp-close-wait") \
_(6, TCP_LAST_ACK, "tcp-last-ack") \
_(7, ICMP_ACTIVE, "icmp-active")

Definition at line 111 of file nat.h.

#define is_ed_session (   s)    (snat_is_unk_proto_session (s) || is_twice_nat_session (s) || is_lb_session (s))

Check if NAT session is endpoint dependent.

sNAT session
1 if NAT session is endpoint dependent

Definition at line 469 of file nat.h.

#define is_lb_session (   s)    (s->flags & SNAT_SESSION_FLAG_LOAD_BALANCING)

Check if NAT session is load-balancing.

sNAT session
1 if NAT session is load-balancing

Definition at line 463 of file nat.h.

#define is_twice_nat_session (   s)    (s->flags & SNAT_SESSION_FLAG_TWICE_NAT)

Check if NAT session is twice NAT.

sNAT session
1 if NAT session is twice NAT

Definition at line 457 of file nat.h.


Definition at line 133 of file nat.h.


Definition at line 134 of file nat.h.

#define nat_interface_is_inside (   i)    i->flags & NAT_INTERFACE_FLAG_IS_INSIDE

Definition at line 471 of file nat.h.

#define nat_interface_is_outside (   i)    i->flags & NAT_INTERFACE_FLAG_IS_OUTSIDE

Definition at line 472 of file nat.h.

#define SNAT_FLAG_HAIRPINNING   (1 << 0)

Definition at line 40 of file nat.h.

#define SNAT_ICMP_TIMEOUT   60

Definition at line 38 of file nat.h.

#define snat_is_session_static (   s)    (s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING)

Check if SNAT session is created from static mapping.

sSNAT session
1 if SNAT session is created from static mapping otherwise 0

Definition at line 445 of file nat.h.

#define snat_is_unk_proto_session (   s)    (s->flags & SNAT_SESSION_FLAG_UNKNOWN_PROTO)

Check if SNAT session for unknown protocol.

sSNAT session
1 if SNAT session for unknown protocol otherwise 0

Definition at line 451 of file nat.h.


Definition at line 130 of file nat.h.


Definition at line 128 of file nat.h.


Definition at line 131 of file nat.h.


Definition at line 129 of file nat.h.


Definition at line 36 of file nat.h.


Definition at line 37 of file nat.h.


Definition at line 35 of file nat.h.

#define SNAT_UDP_TIMEOUT   300

Definition at line 33 of file nat.h.

#define SNAT_UDP_TIMEOUT_MIN   120

Definition at line 34 of file nat.h.

Typedef Documentation

typedef int nat_alloc_out_addr_and_port_function_t(snat_address_t *addresses, u32 fib_index, u32 thread_index, snat_session_key_t *k, u32 *address_indexp, u16 port_per_thread, u32 snat_thread_index)

Definition at line 282 of file nat.h.

typedef u32( snat_get_worker_function_t) (ip4_header_t *ip, u32 rx_fib_index)

Definition at line 280 of file nat.h.

typedef u32 snat_icmp_match_function_t(struct snat_main_s *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e)

Definition at line 269 of file nat.h.

typedef struct snat_main_s snat_main_t

Enumeration Type Documentation


Definition at line 104 of file nat.h.


Definition at line 121 of file nat.h.

Function Documentation

typedef CLIB_PACKED ( struct{snat_session_key_t out2in;snat_session_key_t in2out;u32 flags;u32 per_user_index;u32 per_user_list_head_index;f64 last_heard;u64 total_bytes;u32 total_pkts;u32 outside_address_index;ip4_address_t ext_host_addr;u16 ext_host_port;ip4_address_t ext_host_nat_addr;u16 ext_host_nat_port;}  )
u8* format_snat_protocol ( u8 s,
va_list *  args 

Definition at line 2255 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static_always_inline u8 icmp_is_error_message ( icmp46_header_t *  icmp)

Definition at line 580 of file nat.h.

+ Here is the caller graph for this function:

u32 icmp_match_in2out_det ( snat_main_t sm,
vlib_node_runtime_t node,
u32  thread_index,
vlib_buffer_t b0,
ip4_header_t ip0,
u8 p_proto,
snat_session_key_t p_value,
u8 p_dont_translate,
void *  d,
void *  e 

Get address and port values to be used for ICMP packet translation and create session if needed.

[in,out]smNAT main
[in,out]nodeNAT node runtime
[in]thread_indexthread index
[in,out]b0buffer containing packet to be translated
[out]p_protoprotocol used for matching
[out]p_valueaddress and port after NAT translation
[out]p_dont_translateif packet should not be translated
doptional parameter
eoptional parameter

Definition at line 3372 of file in2out.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

u32 icmp_match_in2out_fast ( snat_main_t sm,
vlib_node_runtime_t node,
u32  thread_index,
vlib_buffer_t b0,
ip4_header_t ip0,
u8 p_proto,
snat_session_key_t p_value,
u8 p_dont_translate,
void *  d,
void *  e 

Get address and port values to be used for ICMP packet translation.

[in]smNAT main
[in,out]nodeNAT node runtime
[in]thread_indexthread index
[in,out]b0buffer containing packet to be translated
[out]p_protoprotocol used for matching
[out]p_valueaddress and port after NAT translation
[out]p_dont_translateif packet should not be translated
doptional parameter
eoptional parameter

Definition at line 677 of file in2out.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

u32 icmp_match_in2out_slow ( snat_main_t sm,
vlib_node_runtime_t node,
u32  thread_index,
vlib_buffer_t b0,
ip4_header_t ip0,
u8 p_proto,
snat_session_key_t p_value,
u8 p_dont_translate,
void *  d,
void *  e 

Get address and port values to be used for ICMP packet translation and create session if needed.

[in,out]smNAT main
[in,out]nodeNAT node runtime
[in]thread_indexthread index
[in,out]b0buffer containing packet to be translated
[out]p_protoprotocol used for matching
[out]p_valueaddress and port after NAT translation
[out]p_dont_translateif packet should not be translated
doptional parameter
eoptional parameter

Definition at line 547 of file in2out.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

u32 icmp_match_out2in_det ( snat_main_t sm,
vlib_node_runtime_t node,
u32  thread_index,
vlib_buffer_t b0,
ip4_header_t ip0,
u8 p_proto,
snat_session_key_t p_value,
u8 p_dont_translate,
void *  d,
void *  e 

Get address and port values to be used for ICMP packet translation and create session if needed.

[in,out]smNAT main
[in,out]nodeNAT node runtime
[in]thread_indexthread index
[in,out]b0buffer containing packet to be translated
[out]p_protoprotocol used for matching
[out]p_valueaddress and port after NAT translation
[out]p_dont_translateif packet should not be translated
doptional parameter
eoptional parameter

Definition at line 2514 of file out2in.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

u32 icmp_match_out2in_fast ( snat_main_t sm,
vlib_node_runtime_t node,
u32  thread_index,
vlib_buffer_t b0,
ip4_header_t ip0,
u8 p_proto,
snat_session_key_t p_value,
u8 p_dont_translate,
void *  d,
void *  e 

Get address and port values to be used for ICMP packet translation.

[in]smNAT main
[in,out]nodeNAT node runtime
[in]thread_indexthread index
[in,out]b0buffer containing packet to be translated
[out]p_protoprotocol used for matching
[out]p_valueaddress and port after NAT translation
[out]p_dont_translateif packet should not be translated
doptional parameter
eoptional parameter

Definition at line 536 of file out2in.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

u32 icmp_match_out2in_slow ( snat_main_t sm,
vlib_node_runtime_t node,
u32  thread_index,
vlib_buffer_t b0,
ip4_header_t ip0,
u8 p_proto,
snat_session_key_t p_value,
u8 p_dont_translate,
void *  d,
void *  e 

Get address and port values to be used for ICMP packet translation and create session if needed.

[in,out]smNAT main
[in,out]nodeNAT node runtime
[in]thread_indexthread index
[in,out]b0buffer containing packet to be translated
[out]p_protoprotocol used for matching
[out]p_valueaddress and port after NAT translation
[out]p_dont_translateif packet should not be translated
doptional parameter
eoptional parameter

Definition at line 386 of file out2in.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void increment_v4_address ( ip4_address_t a)

Definition at line 610 of file nat.c.

+ Here is the caller graph for this function:

static u32 ip_proto_to_snat_proto ( u8  ip_proto)

Definition at line 486 of file nat.h.

+ Here is the caller graph for this function:

static_always_inline u8 is_interface_addr ( snat_main_t sm,
vlib_node_runtime_t node,
u32  sw_if_index0,
u32  ip4_addr 

Definition at line 596 of file nat.h.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static u8 maximum_sessions_exceeded ( snat_main_t sm,
u32  thread_index 

Definition at line 621 of file nat.h.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void nat44_add_del_address_dpo ( ip4_address_t  addr,
u8  is_add 

Definition at line 2218 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

int nat44_add_del_lb_static_mapping ( ip4_address_t  e_addr,
u16  e_port,
snat_protocol_t  proto,
u32  vrf_id,
nat44_lb_addr_port_t locals,
u8  is_add,
u8  twice_nat,
u8  out2in_only,
u8 tag 

Definition at line 1141 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

int nat44_del_session ( snat_main_t sm,
ip4_address_t addr,
u16  port,
snat_protocol_t  proto,
u32  vrf_id,
int  is_in 

Definition at line 3014 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void nat_free_session_data ( snat_main_t sm,
snat_session_t *  s,
u32  thread_index 

Definition at line 144 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static_always_inline void nat_send_all_to_node ( vlib_main_t vm,
u32 bi_vector,
vlib_node_runtime_t node,
vlib_error_t error,
u32  next 

Definition at line 630 of file nat.h.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

snat_session_t* nat_session_alloc_or_recycle ( snat_main_t sm,
snat_user_t u,
u32  thread_index 

Definition at line 285 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void nat_set_alloc_addr_and_port_default ( void  )

Definition at line 3076 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void nat_set_alloc_addr_and_port_mape ( u16  psid,
u16  psid_offset,
u16  psid_length 

Definition at line 3065 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

snat_user_t* nat_user_get_or_create ( snat_main_t sm,
ip4_address_t addr,
u32  fib_index,
u32  thread_index 

Definition at line 241 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void snat_add_address ( snat_main_t sm,
ip4_address_t addr,
u32  vrf_id,
u8  twice_nat 

Definition at line 542 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void snat_add_del_addr_to_fib ( ip4_address_t addr,
u8  p_len,
u32  sw_if_index,
int  is_add 

Add/del NAT address to FIB.

Add the external NAT address to the FIB as receive entries. This ensures that VPP will reply to ARP for this address and we don't need to enable proxy ARP on the outside interface.

addrIPv4 address.
plenaddress prefix length
is_addIf 0 delete, otherwise add.

Definition at line 510 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

int snat_add_interface_address ( snat_main_t sm,
u32  sw_if_index,
int  is_del,
u8  twice_nat 

Definition at line 2947 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

int snat_add_static_mapping ( ip4_address_t  l_addr,
ip4_address_t  e_addr,
u16  l_port,
u16  e_port,
u32  vrf_id,
int  addr_only,
u32  sw_if_index,
snat_protocol_t  proto,
int  is_add,
u8  twice_nat,
u8  out2in_only,
u8 tag 

Add static mapping.

Create static mapping between local addr+port and external addr+port.

l_addrLocal IPv4 address.
e_addrExternal IPv4 address.
l_portLocal port number.
e_portExternal port number.
vrf_idVRF ID.
addr_onlyIf 0 address port and pair mapping, otherwise address only.
sw_if_indexExternal port instead of specific IP address.
is_addIf 0 delete static mapping, otherwise add.
twice_natIf 1 translate external host address and port.
out2in_onlyIf 1 rule match only out2in direction
tag- opaque string tag

Definition at line 663 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

int snat_alloc_outside_address_and_port ( snat_address_t addresses,
u32  fib_index,
u32  thread_index,
snat_session_key_t k,
u32 address_indexp,
u16  port_per_thread,
u32  snat_thread_index 

Definition at line 2057 of file nat.c.

+ Here is the caller graph for this function:

clib_error_t* snat_api_init ( vlib_main_t vm,
snat_main_t sm 

Definition at line 2889 of file nat_api.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

int snat_del_address ( snat_main_t sm,
ip4_address_t  addr,
u8  delete_sm,
u8  twice_nat 

Definition at line 1414 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void snat_free_outside_address_and_port ( snat_address_t addresses,
u32  thread_index,
snat_session_key_t k,
u32  address_index 

Definition at line 1925 of file nat.c.

+ Here is the caller graph for this function:

int snat_interface_add_del ( u32  sw_if_index,
u8  is_inside,
int  is_del 

Definition at line 1527 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

int snat_interface_add_del_output_feature ( u32  sw_if_index,
u8  is_inside,
int  is_del 

Definition at line 1683 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static u8 snat_proto_to_ip_proto ( snat_protocol_t  snat_proto)

Definition at line 499 of file nat.h.

+ Here is the caller graph for this function:

int snat_set_workers ( uword bitmap)

Definition at line 1778 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

int snat_static_mapping_match ( snat_main_t sm,
snat_session_key_t  match,
snat_session_key_t mapping,
u8  by_external,
u8 is_addr_only,
u8 twice_nat 

Match NAT44 static mapping.

smNAT main.
matchAddress and port to match.
mappingExternal or local address and port of the matched mapping.
by_externalIf 0 match by local address otherwise match by external address.
is_addr_onlyIf matched mapping is address only
twice_natIf matched mapping is twice NAT.
0 if match found otherwise 1.

Definition at line 1969 of file nat.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

uword unformat_snat_protocol ( unformat_input_t input,
va_list *  args 

Definition at line 2241 of file nat.c.

+ Here is the caller graph for this function:

static void user_session_increment ( snat_main_t sm,
snat_user_t u,
u8  is_static 

Definition at line 656 of file nat.h.

+ Here is the caller graph for this function:

Variable Documentation

format_function_t format_det_map_ses

Definition at line 434 of file nat.h.

format_function_t format_snat_static_map_to_resolve

Definition at line 433 of file nat.h.

format_function_t format_snat_static_mapping

Definition at line 432 of file nat.h.

format_function_t format_snat_user

Definition at line 431 of file nat.h.

vlib_node_registration_t snat_det_in2out_node

(constructor) VLIB_REGISTER_NODE (snat_det_in2out_node)

Definition at line 110 of file in2out.c.

vlib_node_registration_t snat_det_out2in_node
Initial value:
= {
.name = "nat44-det-out2in",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_trace,
.error_strings = snat_out2in_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
.n_next_nodes = SNAT_OUT2IN_N_NEXT,
.next_nodes = {
[SNAT_OUT2IN_NEXT_DROP] = "error-drop",
[SNAT_OUT2IN_NEXT_LOOKUP] = "ip4-lookup",
[SNAT_OUT2IN_NEXT_ICMP_ERROR] = "ip4-icmp-error",
[SNAT_OUT2IN_NEXT_REASS] = "nat44-out2in-reass",
[SNAT_OUT2IN_NEXT_IN2OUT] = "nat44-in2out",
#define ARRAY_LEN(x)
Definition: clib.h:59
unsigned int u32
Definition: types.h:88
static uword snat_det_out2in_node_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: out2in.c:2015
static char * snat_out2in_error_strings[]
Definition: out2in.c:125
static u8 * format_snat_out2in_trace(u8 *s, va_list *args)
Definition: out2in.c:46

(constructor) VLIB_REGISTER_NODE (snat_det_out2in_node)

Definition at line 2475 of file out2in.c.

vlib_node_registration_t snat_hairpin_dst_node

(constructor) VLIB_REGISTER_NODE (snat_hairpin_dst_node)

Definition at line 114 of file in2out.c.

vlib_node_registration_t snat_hairpin_src_node

(constructor) VLIB_REGISTER_NODE (snat_hairpin_src_node)

Definition at line 115 of file in2out.c.

vlib_node_registration_t snat_in2out_fast_node

(constructor) VLIB_REGISTER_NODE (snat_in2out_fast_node)

Definition at line 108 of file in2out.c.

vlib_node_registration_t snat_in2out_node

(constructor) VLIB_REGISTER_NODE (snat_in2out_node)

Definition at line 106 of file in2out.c.

vlib_node_registration_t snat_in2out_output_node

(constructor) VLIB_REGISTER_NODE (snat_in2out_output_node)

Definition at line 111 of file in2out.c.

vlib_node_registration_t snat_in2out_output_worker_handoff_node

(constructor) VLIB_REGISTER_NODE (snat_in2out_output_worker_handoff_node)

Definition at line 113 of file in2out.c.

vlib_node_registration_t snat_in2out_worker_handoff_node

(constructor) VLIB_REGISTER_NODE (snat_in2out_worker_handoff_node)

Definition at line 109 of file in2out.c.

snat_main_t snat_main

Definition at line 35 of file nat.c.

vlib_node_registration_t snat_out2in_fast_node
Initial value:
= {
.name = "nat44-out2in-fast",
.vector_size = sizeof (u32),
.error_strings = snat_out2in_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
.n_next_nodes = SNAT_OUT2IN_N_NEXT,
.next_nodes = {
[SNAT_OUT2IN_NEXT_LOOKUP] = "ip4-lookup",
[SNAT_OUT2IN_NEXT_DROP] = "error-drop",
[SNAT_OUT2IN_NEXT_ICMP_ERROR] = "ip4-icmp-error",
[SNAT_OUT2IN_NEXT_REASS] = "nat44-out2in-reass",
[SNAT_OUT2IN_NEXT_IN2OUT] = "nat44-in2out",
static u8 * format_snat_out2in_fast_trace(u8 *s, va_list *args)
Definition: out2in.c:57
#define ARRAY_LEN(x)
Definition: clib.h:59
unsigned int u32
Definition: types.h:88
static char * snat_out2in_error_strings[]
Definition: out2in.c:125
static uword snat_out2in_fast_node_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: out2in.c:2803

(constructor) VLIB_REGISTER_NODE (snat_out2in_fast_node)

Definition at line 2969 of file out2in.c.

vlib_node_registration_t snat_out2in_node
Initial value:
= {
.function = snat_out2in_node_fn,
.name = "nat44-out2in",
.vector_size = sizeof (u32),
.format_trace = format_snat_out2in_trace,
.error_strings = snat_out2in_error_strings,
.runtime_data_bytes = sizeof (snat_runtime_t),
.n_next_nodes = SNAT_OUT2IN_N_NEXT,
.next_nodes = {
[SNAT_OUT2IN_NEXT_DROP] = "error-drop",
[SNAT_OUT2IN_NEXT_LOOKUP] = "ip4-lookup",
[SNAT_OUT2IN_NEXT_ICMP_ERROR] = "ip4-icmp-error",
[SNAT_OUT2IN_NEXT_REASS] = "nat44-out2in-reass",
[SNAT_OUT2IN_NEXT_IN2OUT] = "nat44-in2out",
#define ARRAY_LEN(x)
Definition: clib.h:59
unsigned int u32
Definition: types.h:88
static char * snat_out2in_error_strings[]
Definition: out2in.c:125
static u8 * format_snat_out2in_trace(u8 *s, va_list *args)
Definition: out2in.c:46
static uword snat_out2in_node_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: out2in.c:1038

(constructor) VLIB_REGISTER_NODE (snat_out2in_node)

Definition at line 1688 of file out2in.c.

vlib_node_registration_t snat_out2in_worker_handoff_node
Initial value:
= {
.name = "nat44-out2in-worker-handoff",
.vector_size = sizeof (u32),
.n_next_nodes = 1,
.next_nodes = {
[0] = "error-drop",
static uword snat_out2in_worker_handoff_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: out2in.c:2643
unsigned int u32
Definition: types.h:88
static u8 * format_snat_out2in_worker_handoff_trace(u8 *s, va_list *args)
Definition: out2in.c:68

(constructor) VLIB_REGISTER_NODE (snat_out2in_worker_handoff_node)

Definition at line 2786 of file out2in.c.