FD.io VPP
v20.01-48-g3e0dafb74
Vector Packet Processing
|
Go to the source code of this file.
Data Structures | |
struct | nat_buffer_opaque_t |
struct | nat_pre_trace_t |
struct | snat_session_key_t |
struct | nat_ed_ses_key_t |
struct | snat_det_out_key_t |
struct | snat_user_key_t |
struct | nat44_reass_trace_t |
struct | snat_user_t |
struct | snat_address_t |
struct | nat_outside_fib_t |
struct | snat_det_session_t |
struct | snat_det_map_t |
struct | nat44_lb_addr_port_t |
struct | snat_static_mapping_t |
struct | snat_interface_t |
struct | snat_static_map_resolve_t |
struct | snat_main_per_thread_data_t |
struct | snat_main_s |
struct | nat44_is_idle_session_ctx_t |
struct | snat_runtime_t |
struct | icmp_echo_header_t |
struct | tcp_udp_header_t |
Macros | |
#define | SNAT_UDP_TIMEOUT 300 |
#define | SNAT_TCP_TRANSITORY_TIMEOUT 240 |
#define | SNAT_TCP_ESTABLISHED_TIMEOUT 7440 |
#define | SNAT_ICMP_TIMEOUT 60 |
#define | NAT_FQ_NELTS 64 |
#define | SNAT_FLAG_HAIRPINNING (1 << 0) |
#define | nat_buffer_opaque(b) ((nat_buffer_opaque_t *)((vnet_buffer_opaque2_t *)b->opaque2)->__unused2) |
#define | foreach_nat_config_flag |
#define | foreach_nat_addr_and_port_alloc_alg |
#define | foreach_snat_protocol |
#define | foreach_snat_session_state |
#define | foreach_nat_in2out_ed_error |
#define | foreach_nat_out2in_ed_error |
#define | NAT44_SES_I2O_FIN 1 |
#define | NAT44_SES_O2I_FIN 2 |
#define | NAT44_SES_I2O_FIN_ACK 4 |
#define | NAT44_SES_O2I_FIN_ACK 8 |
#define | NAT44_SES_I2O_SYN 16 |
#define | NAT44_SES_O2I_SYN 32 |
#define | NAT44_SES_RST 64 |
#define | SNAT_SESSION_FLAG_STATIC_MAPPING 1 |
#define | SNAT_SESSION_FLAG_UNKNOWN_PROTO 2 |
#define | SNAT_SESSION_FLAG_LOAD_BALANCING 4 |
#define | SNAT_SESSION_FLAG_TWICE_NAT 8 |
#define | SNAT_SESSION_FLAG_ENDPOINT_DEPENDENT 16 |
#define | SNAT_SESSION_FLAG_FWD_BYPASS 32 |
#define | SNAT_SESSION_FLAG_AFFINITY 64 |
#define | SNAT_SESSION_FLAG_OUTPUT_FEATURE 128 |
#define | NAT_INTERFACE_FLAG_IS_INSIDE 1 |
#define | NAT_INTERFACE_FLAG_IS_OUTSIDE 2 |
#define | NAT_STATIC_MAPPING_FLAG_ADDR_ONLY 1 |
#define | NAT_STATIC_MAPPING_FLAG_OUT2IN_ONLY 2 |
#define | NAT_STATIC_MAPPING_FLAG_IDENTITY_NAT 4 |
#define | NAT_STATIC_MAPPING_FLAG_LB 8 |
#define | snat_is_session_static(s) (s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING) |
Check if SNAT session is created from static mapping. More... | |
#define | snat_is_unk_proto_session(s) (s->flags & SNAT_SESSION_FLAG_UNKNOWN_PROTO) |
Check if SNAT session for unknown protocol. More... | |
#define | is_twice_nat_session(s) (s->flags & SNAT_SESSION_FLAG_TWICE_NAT) |
Check if NAT session is twice NAT. More... | |
#define | is_lb_session(s) (s->flags & SNAT_SESSION_FLAG_LOAD_BALANCING) |
Check if NAT session is load-balancing. More... | |
#define | is_fwd_bypass_session(s) (s->flags & SNAT_SESSION_FLAG_FWD_BYPASS) |
Check if NAT session is forwarding bypass. More... | |
#define | is_ed_session(s) (s->flags & SNAT_SESSION_FLAG_ENDPOINT_DEPENDENT) |
Check if NAT session is endpoint dependent. More... | |
#define | is_affinity_sessions(s) (s->flags & SNAT_SESSION_FLAG_AFFINITY) |
Check if NAT session has affinity record. More... | |
#define | nat_interface_is_inside(i) i->flags & NAT_INTERFACE_FLAG_IS_INSIDE |
Check if NAT interface is inside. More... | |
#define | nat_interface_is_outside(i) i->flags & NAT_INTERFACE_FLAG_IS_OUTSIDE |
Check if NAT interface is outside. More... | |
#define | nat44_is_ses_closed(s) s->state == 0xf |
Check if NAT44 endpoint-dependent TCP session is closed. More... | |
#define | is_addr_only_static_mapping(sm) (sm->flags & NAT_STATIC_MAPPING_FLAG_ADDR_ONLY) |
Check if NAT static mapping is address only (1:1NAT). More... | |
#define | is_out2in_only_static_mapping(sm) (sm->flags & NAT_STATIC_MAPPING_FLAG_OUT2IN_ONLY) |
Check if NAT static mapping match only out2in direction. More... | |
#define | is_identity_static_mapping(sm) (sm->flags & NAT_STATIC_MAPPING_FLAG_IDENTITY_NAT) |
Check if NAT static mapping is identity NAT. More... | |
#define | is_lb_static_mapping(sm) (sm->flags & NAT_STATIC_MAPPING_FLAG_LB) |
Check if NAT static mapping is load-balancing. More... | |
#define | nat_log_err(...) vlib_log(VLIB_LOG_LEVEL_ERR, snat_main.log_class, __VA_ARGS__) |
#define | nat_log_warn(...) vlib_log(VLIB_LOG_LEVEL_WARNING, snat_main.log_class, __VA_ARGS__) |
#define | nat_log_notice(...) vlib_log(VLIB_LOG_LEVEL_NOTICE, snat_main.log_class, __VA_ARGS__) |
#define | nat_log_info(...) vlib_log(VLIB_LOG_LEVEL_INFO, snat_main.log_class, __VA_ARGS__) |
#define | nat_log_debug(...) vlib_log(VLIB_LOG_LEVEL_DEBUG, snat_main.log_class, __VA_ARGS__) |
#define | foreach_nat_log_level |
#define | nat_elog(_level, _str) |
#define | nat_elog_addr(_level, _str, _addr) |
#define | nat_elog_debug_handoff(_str, _tid, _fib, _src, _dst) |
#define | nat_elog_debug_handoff_v2(_str, _prt, _fib, _src, _dst) |
#define | nat_elog_X1(_level, _fmt, _arg, _val1) |
#define | nat_elog_notice(nat_elog_str) nat_elog(SNAT_LOG_INFO, "[notice] " nat_elog_str) |
#define | nat_elog_warn(nat_elog_str) nat_elog(SNAT_LOG_WARNING, "[warning] " nat_elog_str) |
#define | nat_elog_err(nat_elog_str) nat_elog(SNAT_LOG_ERROR, "[error] " nat_elog_str) |
#define | nat_elog_debug(nat_elog_str) nat_elog(SNAT_LOG_DEBUG, "[debug] " nat_elog_str) |
#define | nat_elog_info(nat_elog_str) nat_elog(SNAT_LOG_INFO, "[info] " nat_elog_str) |
#define | nat_elog_notice_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) nat_elog_X1(SNAT_LOG_NOTICE, "[notice] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define | nat_elog_warn_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) nat_elog_X1(SNAT_LOG_WARNING, "[warning] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define | nat_elog_err_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) nat_elog_X1(SNAT_LOG_ERROR, "[error] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define | nat_elog_debug_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) nat_elog_X1(SNAT_LOG_DEBUG, "[debug] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define | nat_elog_info_X1(nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) nat_elog_X1(SNAT_LOG_INFO, "[info] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
Typedefs | |
typedef enum nat_config_flags_t_ | nat_config_flags_t |
typedef u32() | snat_icmp_match_function_t(struct snat_main_s *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
typedef u32() | snat_get_worker_in2out_function_t(ip4_header_t *ip, u32 rx_fib_index, u8 is_output) |
typedef u32() | snat_get_worker_out2in_function_t(vlib_buffer_t *b, ip4_header_t *ip, u32 rx_fib_index, u8 is_output) |
typedef int() | nat_alloc_out_addr_and_port_function_t(snat_address_t *addresses, u32 fib_index, u32 thread_index, snat_session_key_t *k, u16 port_per_thread, u32 snat_thread_index) |
typedef struct snat_main_s | snat_main_t |
typedef enum nat_log_level_t_ | nat_log_level_t |
Functions | |
typedef | CLIB_PACKED (struct { snat_session_key_t out2in;snat_session_key_t in2out;u32 flags;u32 per_user_index;u32 per_user_list_head_index;f64 last_heard;f64 ha_last_refreshed;u64 total_bytes;u32 total_pkts;ip4_address_t ext_host_addr;u16 ext_host_port;ip4_address_t ext_host_nat_addr;u16 ext_host_nat_port;u8 state;u32 i2o_fin_seq;u32 o2i_fin_seq;u32 user_index;}) snat_session_t |
static bool | tcp_flags_is_init (u8 f) |
Check if client initiating TCP connection (received SYN from client) More... | |
u32 | icmp_match_in2out_fast (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
Get address and port values to be used for ICMP packet translation. More... | |
u32 | icmp_match_in2out_slow (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
Get address and port values to be used for ICMP packet translation and create session if needed. More... | |
u32 | icmp_match_out2in_fast (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
Get address and port values to be used for ICMP packet translation. More... | |
u32 | icmp_match_out2in_slow (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
Get address and port values to be used for ICMP packet translation and create session if needed. More... | |
u32 | icmp_match_out2in_det (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
Get address and port values to be used for ICMP packet translation and create session if needed. More... | |
u32 | icmp_match_in2out_det (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
Get address and port values to be used for ICMP packet translation and create session if needed. More... | |
u32 | icmp_match_out2in_ed (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
u32 | icmp_match_in2out_ed (snat_main_t *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
u32 | icmp_in2out (snat_main_t *sm, vlib_buffer_t *b0, ip4_header_t *ip0, icmp46_header_t *icmp0, u32 sw_if_index0, u32 rx_fib_index0, vlib_node_runtime_t *node, u32 next0, u32 thread_index, void *d, void *e) |
u32 | icmp_out2in (snat_main_t *sm, vlib_buffer_t *b0, ip4_header_t *ip0, icmp46_header_t *icmp0, u32 sw_if_index0, u32 rx_fib_index0, vlib_node_runtime_t *node, u32 next0, u32 thread_index, void *d, void *e) |
u32 | snat_icmp_hairpinning (snat_main_t *sm, vlib_buffer_t *b0, ip4_header_t *ip0, icmp46_header_t *icmp0, int is_ed) |
void | nat_hairpinning_sm_unknown_proto (snat_main_t *sm, vlib_buffer_t *b, ip4_header_t *ip) |
void | nat44_ed_hairpinning_unknown_proto (snat_main_t *sm, vlib_buffer_t *b, ip4_header_t *ip) |
int | snat_hairpinning (snat_main_t *sm, vlib_buffer_t *b0, ip4_header_t *ip0, udp_header_t *udp0, tcp_header_t *tcp0, u32 proto0, int is_ed) |
void | nat44_reass_hairpinning (snat_main_t *sm, vlib_buffer_t *b0, ip4_header_t *ip0, u16 sport, u16 dport, u32 proto0, int is_ed) |
int | nat44_i2o_ed_is_idle_session_cb (clib_bihash_kv_16_8_t *kv, void *arg) |
int | nat44_o2i_ed_is_idle_session_cb (clib_bihash_kv_16_8_t *kv, void *arg) |
int | nat44_i2o_is_idle_session_cb (clib_bihash_kv_8_8_t *kv, void *arg) |
int | nat44_o2i_is_idle_session_cb (clib_bihash_kv_8_8_t *kv, void *arg) |
void | increment_v4_address (ip4_address_t *a) |
Increment IPv4 address. More... | |
int | snat_add_address (snat_main_t *sm, ip4_address_t *addr, u32 vrf_id, u8 twice_nat) |
Add external address to NAT44 pool. More... | |
int | snat_del_address (snat_main_t *sm, ip4_address_t addr, u8 delete_sm, u8 twice_nat) |
Delete external address from NAT44 pool. More... | |
void | nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add) |
Add/delete external address to FIB DPO (out2in DPO mode) More... | |
int | snat_add_static_mapping (ip4_address_t l_addr, ip4_address_t e_addr, u16 l_port, u16 e_port, u32 vrf_id, int addr_only, u32 sw_if_index, snat_protocol_t proto, int is_add, twice_nat_type_t twice_nat, u8 out2in_only, u8 *tag, u8 identity_nat) |
Add/delete NAT44 static mapping. More... | |
int | nat44_add_del_lb_static_mapping (ip4_address_t e_addr, u16 e_port, snat_protocol_t proto, nat44_lb_addr_port_t *locals, u8 is_add, twice_nat_type_t twice_nat, u8 out2in_only, u8 *tag, u32 affinity) |
Add/delete static mapping with load-balancing (multiple backends) More... | |
int | nat44_lb_static_mapping_add_del_local (ip4_address_t e_addr, u16 e_port, ip4_address_t l_addr, u16 l_port, snat_protocol_t proto, u32 vrf_id, u8 probability, u8 is_add) |
clib_error_t * | snat_api_init (vlib_main_t *vm, snat_main_t *sm) |
int | snat_set_workers (uword *bitmap) |
Set NAT plugin workers. More... | |
int | snat_interface_add_del (u32 sw_if_index, u8 is_inside, int is_del) |
Enable/disable NAT44 feature on the interface. More... | |
int | snat_interface_add_del_output_feature (u32 sw_if_index, u8 is_inside, int is_del) |
Enable/disable NAT44 output feature on the interface (postrouting NAT) More... | |
int | snat_add_interface_address (snat_main_t *sm, u32 sw_if_index, int is_del, u8 twice_nat) |
Add/delete NAT44 pool address from specific interfce. More... | |
int | nat44_del_session (snat_main_t *sm, ip4_address_t *addr, u16 port, snat_protocol_t proto, u32 vrf_id, int is_in) |
Delete NAT44 session. More... | |
int | nat44_del_ed_session (snat_main_t *sm, ip4_address_t *addr, u16 port, ip4_address_t *eh_addr, u16 eh_port, u8 proto, u32 vrf_id, int is_in) |
Delete NAT44 endpoint-dependent session. More... | |
void | nat_free_session_data (snat_main_t *sm, snat_session_t *s, u32 thread_index, u8 is_ha) |
Free NAT44 session data (lookup keys, external addrres port) More... | |
snat_user_t * | nat_user_get_or_create (snat_main_t *sm, ip4_address_t *addr, u32 fib_index, u32 thread_index) |
Find or create NAT user. More... | |
snat_session_t * | nat_session_alloc_or_recycle (snat_main_t *sm, snat_user_t *u, u32 thread_index, f64 now) |
Allocate new NAT session or recycle last used. More... | |
snat_session_t * | nat_ed_session_alloc (snat_main_t *sm, snat_user_t *u, u32 thread_index, f64 now) |
Allocate NAT endpoint-dependent session. More... | |
void | nat_set_alloc_addr_and_port_mape (u16 psid, u16 psid_offset, u16 psid_length) |
Set address and port assignment algorithm for MAP-E CE. More... | |
void | nat_set_alloc_addr_and_port_range (u16 start_port, u16 end_port) |
Set address and port assignment algorithm for port range. More... | |
void | nat_set_alloc_addr_and_port_default (void) |
Set address and port assignment algorithm to default/standard. More... | |
void | snat_free_outside_address_and_port (snat_address_t *addresses, u32 thread_index, snat_session_key_t *k) |
Free outside address and port pair. More... | |
int | snat_alloc_outside_address_and_port (snat_address_t *addresses, u32 fib_index, u32 thread_index, snat_session_key_t *k, u16 port_per_thread, u32 snat_thread_index) |
Alloc outside address and port. More... | |
int | snat_static_mapping_match (snat_main_t *sm, snat_session_key_t match, snat_session_key_t *mapping, u8 by_external, u8 *is_addr_only, twice_nat_type_t *twice_nat, lb_nat_type_t *lb, ip4_address_t *ext_host_addr, u8 *is_identity_nat) |
Match NAT44 static mapping. More... | |
void | snat_add_del_addr_to_fib (ip4_address_t *addr, u8 p_len, u32 sw_if_index, int is_add) |
Add/del NAT address to FIB. More... | |
#define foreach_nat_addr_and_port_alloc_alg |
#define foreach_nat_config_flag |
#define foreach_nat_in2out_ed_error |
#define foreach_nat_log_level |
#define foreach_nat_out2in_ed_error |
#define foreach_snat_protocol |
#define foreach_snat_session_state |
#define is_addr_only_static_mapping | ( | sm | ) | (sm->flags & NAT_STATIC_MAPPING_FLAG_ADDR_ONLY) |
#define is_affinity_sessions | ( | s | ) | (s->flags & SNAT_SESSION_FLAG_AFFINITY) |
#define is_ed_session | ( | s | ) | (s->flags & SNAT_SESSION_FLAG_ENDPOINT_DEPENDENT) |
#define is_fwd_bypass_session | ( | s | ) | (s->flags & SNAT_SESSION_FLAG_FWD_BYPASS) |
#define is_identity_static_mapping | ( | sm | ) | (sm->flags & NAT_STATIC_MAPPING_FLAG_IDENTITY_NAT) |
#define is_lb_session | ( | s | ) | (s->flags & SNAT_SESSION_FLAG_LOAD_BALANCING) |
#define is_lb_static_mapping | ( | sm | ) | (sm->flags & NAT_STATIC_MAPPING_FLAG_LB) |
#define is_out2in_only_static_mapping | ( | sm | ) | (sm->flags & NAT_STATIC_MAPPING_FLAG_OUT2IN_ONLY) |
#define is_twice_nat_session | ( | s | ) | (s->flags & SNAT_SESSION_FLAG_TWICE_NAT) |
#define nat44_is_ses_closed | ( | s | ) | s->state == 0xf |
#define nat_buffer_opaque | ( | b | ) | ((nat_buffer_opaque_t *)((vnet_buffer_opaque2_t *)b->opaque2)->__unused2) |
#define nat_elog | ( | _level, | |
_str | |||
) |
#define nat_elog_addr | ( | _level, | |
_str, | |||
_addr | |||
) |
#define nat_elog_debug | ( | nat_elog_str | ) | nat_elog(SNAT_LOG_DEBUG, "[debug] " nat_elog_str) |
#define nat_elog_debug_handoff | ( | _str, | |
_tid, | |||
_fib, | |||
_src, | |||
_dst | |||
) |
#define nat_elog_debug_handoff_v2 | ( | _str, | |
_prt, | |||
_fib, | |||
_src, | |||
_dst | |||
) |
#define nat_elog_debug_X1 | ( | nat_elog_fmt_str, | |
nat_elog_fmt_arg, | |||
nat_elog_val1 | |||
) | nat_elog_X1(SNAT_LOG_DEBUG, "[debug] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define nat_elog_err | ( | nat_elog_str | ) | nat_elog(SNAT_LOG_ERROR, "[error] " nat_elog_str) |
#define nat_elog_err_X1 | ( | nat_elog_fmt_str, | |
nat_elog_fmt_arg, | |||
nat_elog_val1 | |||
) | nat_elog_X1(SNAT_LOG_ERROR, "[error] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define nat_elog_info | ( | nat_elog_str | ) | nat_elog(SNAT_LOG_INFO, "[info] " nat_elog_str) |
#define nat_elog_info_X1 | ( | nat_elog_fmt_str, | |
nat_elog_fmt_arg, | |||
nat_elog_val1 | |||
) | nat_elog_X1(SNAT_LOG_INFO, "[info] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define nat_elog_notice | ( | nat_elog_str | ) | nat_elog(SNAT_LOG_INFO, "[notice] " nat_elog_str) |
#define nat_elog_notice_X1 | ( | nat_elog_fmt_str, | |
nat_elog_fmt_arg, | |||
nat_elog_val1 | |||
) | nat_elog_X1(SNAT_LOG_NOTICE, "[notice] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define nat_elog_warn | ( | nat_elog_str | ) | nat_elog(SNAT_LOG_WARNING, "[warning] " nat_elog_str) |
#define nat_elog_warn_X1 | ( | nat_elog_fmt_str, | |
nat_elog_fmt_arg, | |||
nat_elog_val1 | |||
) | nat_elog_X1(SNAT_LOG_WARNING, "[warning] " nat_elog_fmt_str, nat_elog_fmt_arg, nat_elog_val1) |
#define nat_elog_X1 | ( | _level, | |
_fmt, | |||
_arg, | |||
_val1 | |||
) |
#define nat_interface_is_inside | ( | i | ) | i->flags & NAT_INTERFACE_FLAG_IS_INSIDE |
#define nat_interface_is_outside | ( | i | ) | i->flags & NAT_INTERFACE_FLAG_IS_OUTSIDE |
#define nat_log_debug | ( | ... | ) | vlib_log(VLIB_LOG_LEVEL_DEBUG, snat_main.log_class, __VA_ARGS__) |
#define nat_log_err | ( | ... | ) | vlib_log(VLIB_LOG_LEVEL_ERR, snat_main.log_class, __VA_ARGS__) |
#define nat_log_info | ( | ... | ) | vlib_log(VLIB_LOG_LEVEL_INFO, snat_main.log_class, __VA_ARGS__) |
#define nat_log_notice | ( | ... | ) | vlib_log(VLIB_LOG_LEVEL_NOTICE, snat_main.log_class, __VA_ARGS__) |
#define nat_log_warn | ( | ... | ) | vlib_log(VLIB_LOG_LEVEL_WARNING, snat_main.log_class, __VA_ARGS__) |
#define snat_is_session_static | ( | s | ) | (s->flags & SNAT_SESSION_FLAG_STATIC_MAPPING) |
#define snat_is_unk_proto_session | ( | s | ) | (s->flags & SNAT_SESSION_FLAG_UNKNOWN_PROTO) |
typedef int() nat_alloc_out_addr_and_port_function_t(snat_address_t *addresses, u32 fib_index, u32 thread_index, snat_session_key_t *k, u16 port_per_thread, u32 snat_thread_index) |
typedef enum nat_config_flags_t_ nat_config_flags_t |
typedef enum nat_log_level_t_ nat_log_level_t |
typedef u32() snat_get_worker_in2out_function_t(ip4_header_t *ip, u32 rx_fib_index, u8 is_output) |
typedef u32() snat_get_worker_out2in_function_t(vlib_buffer_t *b, ip4_header_t *ip, u32 rx_fib_index, u8 is_output) |
typedef u32() snat_icmp_match_function_t(struct snat_main_s *sm, vlib_node_runtime_t *node, u32 thread_index, vlib_buffer_t *b0, ip4_header_t *ip0, u8 *p_proto, snat_session_key_t *p_value, u8 *p_dont_translate, void *d, void *e) |
typedef struct snat_main_s snat_main_t |
enum lb_nat_type_t |
enum nat_config_flags_t_ |
enum nat_log_level_t_ |
enum nat_next_t |
enum snat_protocol_t |
enum snat_session_state_t |
enum twice_nat_type_t |
typedef CLIB_PACKED | ( | struct { snat_session_key_t out2in;snat_session_key_t in2out;u32 flags;u32 per_user_index;u32 per_user_list_head_index;f64 last_heard;f64 ha_last_refreshed;u64 total_bytes;u32 total_pkts;ip4_address_t ext_host_addr;u16 ext_host_port;ip4_address_t ext_host_nat_addr;u16 ext_host_nat_port;u8 state;u32 i2o_fin_seq;u32 o2i_fin_seq;u32 user_index;} | ) |
u32 icmp_in2out | ( | snat_main_t * | sm, |
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
icmp46_header_t * | icmp0, | ||
u32 | sw_if_index0, | ||
u32 | rx_fib_index0, | ||
vlib_node_runtime_t * | node, | ||
u32 | next0, | ||
u32 | thread_index, | ||
void * | d, | ||
void * | e | ||
) |
u32 icmp_match_in2out_det | ( | snat_main_t * | sm, |
vlib_node_runtime_t * | node, | ||
u32 | thread_index, | ||
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u8 * | p_proto, | ||
snat_session_key_t * | p_value, | ||
u8 * | p_dont_translate, | ||
void * | d, | ||
void * | e | ||
) |
Get address and port values to be used for ICMP packet translation and create session if needed.
[in,out] | sm | NAT main |
[in,out] | node | NAT node runtime |
[in] | thread_index | thread index |
[in,out] | b0 | buffer containing packet to be translated |
[out] | p_proto | protocol used for matching |
[out] | p_value | address and port after NAT translation |
[out] | p_dont_translate | if packet should not be translated |
d | optional parameter | |
e | optional parameter |
Definition at line 95 of file nat_det_in2out.c.
u32 icmp_match_in2out_ed | ( | snat_main_t * | sm, |
vlib_node_runtime_t * | node, | ||
u32 | thread_index, | ||
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u8 * | p_proto, | ||
snat_session_key_t * | p_value, | ||
u8 * | p_dont_translate, | ||
void * | d, | ||
void * | e | ||
) |
Definition at line 513 of file in2out_ed.c.
u32 icmp_match_in2out_fast | ( | snat_main_t * | sm, |
vlib_node_runtime_t * | node, | ||
u32 | thread_index, | ||
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u8 * | p_proto, | ||
snat_session_key_t * | p_value, | ||
u8 * | p_dont_translate, | ||
void * | d, | ||
void * | e | ||
) |
Get address and port values to be used for ICMP packet translation.
[in] | sm | NAT main |
[in,out] | node | NAT node runtime |
[in] | thread_index | thread index |
[in,out] | b0 | buffer containing packet to be translated |
[out] | p_proto | protocol used for matching |
[out] | p_value | address and port after NAT translation |
[out] | p_dont_translate | if packet should not be translated |
d | optional parameter | |
e | optional parameter |
Definition at line 582 of file in2out.c.
u32 icmp_match_in2out_slow | ( | snat_main_t * | sm, |
vlib_node_runtime_t * | node, | ||
u32 | thread_index, | ||
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u8 * | p_proto, | ||
snat_session_key_t * | p_value, | ||
u8 * | p_dont_translate, | ||
void * | d, | ||
void * | e | ||
) |
Get address and port values to be used for ICMP packet translation and create session if needed.
[in,out] | sm | NAT main |
[in,out] | node | NAT node runtime |
[in] | thread_index | thread index |
[in,out] | b0 | buffer containing packet to be translated |
[out] | p_proto | protocol used for matching |
[out] | p_value | address and port after NAT translation |
[out] | p_dont_translate | if packet should not be translated |
d | optional parameter | |
e | optional parameter |
Definition at line 459 of file in2out.c.
u32 icmp_match_out2in_det | ( | snat_main_t * | sm, |
vlib_node_runtime_t * | node, | ||
u32 | thread_index, | ||
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u8 * | p_proto, | ||
snat_session_key_t * | p_value, | ||
u8 * | p_dont_translate, | ||
void * | d, | ||
void * | e | ||
) |
Get address and port values to be used for ICMP packet translation and create session if needed.
[in,out] | sm | NAT main |
[in,out] | node | NAT node runtime |
[in] | thread_index | thread index |
[in,out] | b0 | buffer containing packet to be translated |
[out] | p_proto | protocol used for matching |
[out] | p_value | address and port after NAT translation |
[out] | p_dont_translate | if packet should not be translated |
d | optional parameter | |
e | optional parameter |
Definition at line 95 of file nat_det_out2in.c.
u32 icmp_match_out2in_ed | ( | snat_main_t * | sm, |
vlib_node_runtime_t * | node, | ||
u32 | thread_index, | ||
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u8 * | p_proto, | ||
snat_session_key_t * | p_value, | ||
u8 * | p_dont_translate, | ||
void * | d, | ||
void * | e | ||
) |
Definition at line 441 of file out2in_ed.c.
u32 icmp_match_out2in_fast | ( | snat_main_t * | sm, |
vlib_node_runtime_t * | node, | ||
u32 | thread_index, | ||
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u8 * | p_proto, | ||
snat_session_key_t * | p_value, | ||
u8 * | p_dont_translate, | ||
void * | d, | ||
void * | e | ||
) |
Get address and port values to be used for ICMP packet translation.
[in] | sm | NAT main |
[in,out] | node | NAT node runtime |
[in] | thread_index | thread index |
[in,out] | b0 | buffer containing packet to be translated |
[out] | p_proto | protocol used for matching |
[out] | p_value | address and port after NAT translation |
[out] | p_dont_translate | if packet should not be translated |
d | optional parameter | |
e | optional parameter |
Definition at line 462 of file out2in.c.
u32 icmp_match_out2in_slow | ( | snat_main_t * | sm, |
vlib_node_runtime_t * | node, | ||
u32 | thread_index, | ||
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u8 * | p_proto, | ||
snat_session_key_t * | p_value, | ||
u8 * | p_dont_translate, | ||
void * | d, | ||
void * | e | ||
) |
Get address and port values to be used for ICMP packet translation and create session if needed.
[in,out] | sm | NAT main |
[in,out] | node | NAT node runtime |
[in] | thread_index | thread index |
[in,out] | b0 | buffer containing packet to be translated |
[out] | p_proto | protocol used for matching |
[out] | p_value | address and port after NAT translation |
[out] | p_dont_translate | if packet should not be translated |
d | optional parameter | |
e | optional parameter |
Definition at line 328 of file out2in.c.
u32 icmp_out2in | ( | snat_main_t * | sm, |
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
icmp46_header_t * | icmp0, | ||
u32 | sw_if_index0, | ||
u32 | rx_fib_index0, | ||
vlib_node_runtime_t * | node, | ||
u32 | next0, | ||
u32 | thread_index, | ||
void * | d, | ||
void * | e | ||
) |
void increment_v4_address | ( | ip4_address_t * | a | ) |
void nat44_add_del_address_dpo | ( | ip4_address_t | addr, |
u8 | is_add | ||
) |
int nat44_add_del_lb_static_mapping | ( | ip4_address_t | e_addr, |
u16 | e_port, | ||
snat_protocol_t | proto, | ||
nat44_lb_addr_port_t * | locals, | ||
u8 | is_add, | ||
twice_nat_type_t | twice_nat, | ||
u8 | out2in_only, | ||
u8 * | tag, | ||
u32 | affinity | ||
) |
Add/delete static mapping with load-balancing (multiple backends)
e_addr | external IPv4 address |
e_port | external port number |
proto | L4 protocol |
locals | list of local backends |
is_add | 1 = add, 0 = delete |
twice_nat | twice-nat mode |
out2in_only | if 1 rule match only out2in direction |
tag | opaque string tag |
affinity | 0 = disabled, otherwise client IP affinity sticky time |
Definition at line 1185 of file nat.c.
int nat44_del_ed_session | ( | snat_main_t * | sm, |
ip4_address_t * | addr, | ||
u16 | port, | ||
ip4_address_t * | eh_addr, | ||
u16 | eh_port, | ||
u8 | proto, | ||
u32 | vrf_id, | ||
int | is_in | ||
) |
Delete NAT44 endpoint-dependent session.
addr | IPv4 address |
port | L4 port number |
proto | L4 protocol |
vrf_id | VRF ID |
is_in | 1 = inside network address and port pair, 0 = outside |
Definition at line 4271 of file nat.c.
int nat44_del_session | ( | snat_main_t * | sm, |
ip4_address_t * | addr, | ||
u16 | port, | ||
snat_protocol_t | proto, | ||
u32 | vrf_id, | ||
int | is_in | ||
) |
Delete NAT44 session.
addr | IPv4 address |
port | L4 port number |
proto | L4 protocol |
vrf_id | VRF ID |
is_in | 1 = inside network address and port pair, 0 = outside |
Definition at line 4228 of file nat.c.
void nat44_ed_hairpinning_unknown_proto | ( | snat_main_t * | sm, |
vlib_buffer_t * | b, | ||
ip4_header_t * | ip | ||
) |
Definition at line 382 of file nat44_hairpinning.c.
int nat44_i2o_ed_is_idle_session_cb | ( | clib_bihash_kv_16_8_t * | kv, |
void * | arg | ||
) |
Definition at line 69 of file in2out_ed.c.
int nat44_i2o_is_idle_session_cb | ( | clib_bihash_kv_8_8_t * | kv, |
void * | arg | ||
) |
int nat44_lb_static_mapping_add_del_local | ( | ip4_address_t | e_addr, |
u16 | e_port, | ||
ip4_address_t | l_addr, | ||
u16 | l_port, | ||
snat_protocol_t | proto, | ||
u32 | vrf_id, | ||
u8 | probability, | ||
u8 | is_add | ||
) |
int nat44_o2i_ed_is_idle_session_cb | ( | clib_bihash_kv_16_8_t * | kv, |
void * | arg | ||
) |
Definition at line 91 of file out2in_ed.c.
int nat44_o2i_is_idle_session_cb | ( | clib_bihash_kv_8_8_t * | kv, |
void * | arg | ||
) |
void nat44_reass_hairpinning | ( | snat_main_t * | sm, |
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
u16 | sport, | ||
u16 | dport, | ||
u32 | proto0, | ||
int | is_ed | ||
) |
snat_session_t* nat_ed_session_alloc | ( | snat_main_t * | sm, |
snat_user_t * | u, | ||
u32 | thread_index, | ||
f64 | now | ||
) |
void nat_free_session_data | ( | snat_main_t * | sm, |
snat_session_t * | s, | ||
u32 | thread_index, | ||
u8 | is_ha | ||
) |
void nat_hairpinning_sm_unknown_proto | ( | snat_main_t * | sm, |
vlib_buffer_t * | b, | ||
ip4_header_t * | ip | ||
) |
Definition at line 355 of file nat44_hairpinning.c.
snat_session_t* nat_session_alloc_or_recycle | ( | snat_main_t * | sm, |
snat_user_t * | u, | ||
u32 | thread_index, | ||
f64 | now | ||
) |
void nat_set_alloc_addr_and_port_default | ( | void | ) |
snat_user_t* nat_user_get_or_create | ( | snat_main_t * | sm, |
ip4_address_t * | addr, | ||
u32 | fib_index, | ||
u32 | thread_index | ||
) |
int snat_add_address | ( | snat_main_t * | sm, |
ip4_address_t * | addr, | ||
u32 | vrf_id, | ||
u8 | twice_nat | ||
) |
Add external address to NAT44 pool.
addr | IPv4 address |
vrf_id | VRF id of tenant, ~0 means independent of VRF |
twice_nat | 1 if twice NAT address |
Definition at line 558 of file nat.c.
void snat_add_del_addr_to_fib | ( | ip4_address_t * | addr, |
u8 | p_len, | ||
u32 | sw_if_index, | ||
int | is_add | ||
) |
Add/del NAT address to FIB.
Add the external NAT address to the FIB as receive entries. This ensures that VPP will reply to ARP for this address and we don't need to enable proxy ARP on the outside interface.
addr | IPv4 address |
plen | address prefix length |
sw_if_index | software index of the outside interface |
is_add | 0 = delete, 1 = add. |
Definition at line 530 of file nat.c.
int snat_add_interface_address | ( | snat_main_t * | sm, |
u32 | sw_if_index, | ||
int | is_del, | ||
u8 | twice_nat | ||
) |
Add/delete NAT44 pool address from specific interfce.
sw_if_index | software index of the interface |
is_del | 1 = delete, 0 = add |
twice_nat | 1 = twice NAT address for extenal hosts |
Definition at line 4160 of file nat.c.
int snat_add_static_mapping | ( | ip4_address_t | l_addr, |
ip4_address_t | e_addr, | ||
u16 | l_port, | ||
u16 | e_port, | ||
u32 | vrf_id, | ||
int | addr_only, | ||
u32 | sw_if_index, | ||
snat_protocol_t | proto, | ||
int | is_add, | ||
twice_nat_type_t | twice_nat, | ||
u8 | out2in_only, | ||
u8 * | tag, | ||
u8 | identity_nat | ||
) |
Add/delete NAT44 static mapping.
l_addr | local IPv4 address |
e_addr | external IPv4 address |
l_port | local port number |
e_port | external port number |
vrf_id | local VRF ID |
addr_only | 1 = 1:1NAT, 0 = 1:1NAPT |
sw_if_index | use interface address as external IPv4 address |
proto | L4 protocol |
is_add | 1 = add, 0 = delete |
twice_nat | twice-nat mode |
out2in_only | if 1 rule match only out2in direction |
tag | opaque string tag |
identity_nat | identity NAT |
Definition at line 694 of file nat.c.
int snat_alloc_outside_address_and_port | ( | snat_address_t * | addresses, |
u32 | fib_index, | ||
u32 | thread_index, | ||
snat_session_key_t * | k, | ||
u16 | port_per_thread, | ||
u32 | snat_thread_index | ||
) |
Alloc outside address and port.
addresses | vector of outside addresses |
fib_index | FIB table index |
thread_index | thread index |
k | allocated address and port pair |
port_per_thread | number of ports per threead |
snat_thread_index | NAT thread index |
Definition at line 2763 of file nat.c.
clib_error_t* snat_api_init | ( | vlib_main_t * | vm, |
snat_main_t * | sm | ||
) |
int snat_del_address | ( | snat_main_t * | sm, |
ip4_address_t | addr, | ||
u8 | delete_sm, | ||
u8 | twice_nat | ||
) |
Delete external address from NAT44 pool.
addr | IPv4 address |
delete_sm | 1 if delete static mapping using address |
twice_nat | 1 if twice NAT address |
Definition at line 1646 of file nat.c.
void snat_free_outside_address_and_port | ( | snat_address_t * | addresses, |
u32 | thread_index, | ||
snat_session_key_t * | k | ||
) |
int snat_hairpinning | ( | snat_main_t * | sm, |
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
udp_header_t * | udp0, | ||
tcp_header_t * | tcp0, | ||
u32 | proto0, | ||
int | is_ed | ||
) |
Definition at line 89 of file nat44_hairpinning.c.
u32 snat_icmp_hairpinning | ( | snat_main_t * | sm, |
vlib_buffer_t * | b0, | ||
ip4_header_t * | ip0, | ||
icmp46_header_t * | icmp0, | ||
int | is_ed | ||
) |
Definition at line 198 of file nat44_hairpinning.c.
Enable/disable NAT44 feature on the interface.
sw_if_index | software index of the interface |
is_inside | 1 = inside, 0 = outside |
is_del | 1 = delete, 0 = add |
Definition at line 1760 of file nat.c.
Enable/disable NAT44 output feature on the interface (postrouting NAT)
sw_if_index | software index of the interface |
is_inside | 1 = inside, 0 = outside |
is_del | 1 = delete, 0 = add |
Definition at line 2025 of file nat.c.
int snat_set_workers | ( | uword * | bitmap | ) |
int snat_static_mapping_match | ( | snat_main_t * | sm, |
snat_session_key_t | match, | ||
snat_session_key_t * | mapping, | ||
u8 | by_external, | ||
u8 * | is_addr_only, | ||
twice_nat_type_t * | twice_nat, | ||
lb_nat_type_t * | lb, | ||
ip4_address_t * | ext_host_addr, | ||
u8 * | is_identity_nat | ||
) |
Match NAT44 static mapping.
match | address and port to match |
mapping | external/local address and port of the matched mapping |
by_external | if 0 match by local address otherwise match by external address |
is_addr_only | 1 if matched mapping is address only |
twice_nat | matched mapping is twice NAT type |
lb | 1 if matched mapping is load-balanced |
ext_host_addr | external host address |
Definition at line 2604 of file nat.c.
format_function_t format_det_map_ses |
format_function_t format_nat_addr_and_port_alloc_alg |
format_function_t format_snat_key |
format_function_t format_snat_protocol |
format_function_t format_snat_session |
format_function_t format_snat_static_map_to_resolve |
format_function_t format_snat_static_mapping |
format_function_t format_snat_user |
format_function_t format_static_mapping_key |
vlib_node_registration_t nat44_ed_hairpin_dst_node |
(constructor) VLIB_REGISTER_NODE (nat44_ed_hairpin_dst_node)
Definition at line 774 of file nat44_hairpinning.c.
vlib_node_registration_t nat44_ed_hairpin_src_node |
(constructor) VLIB_REGISTER_NODE (nat44_ed_hairpin_src_node)
Definition at line 898 of file nat44_hairpinning.c.
vlib_node_registration_t nat44_ed_in2out_node |
(constructor) VLIB_REGISTER_NODE (nat44_ed_in2out_node)
Definition at line 1727 of file in2out_ed.c.
vlib_node_registration_t nat44_ed_in2out_output_node |
(constructor) VLIB_REGISTER_NODE (nat44_ed_in2out_output_node)
Definition at line 1747 of file in2out_ed.c.
vlib_node_registration_t nat44_ed_in2out_output_worker_handoff_node |
vlib_node_registration_t nat44_ed_in2out_worker_handoff_node |
vlib_node_registration_t nat44_ed_out2in_node |
(constructor) VLIB_REGISTER_NODE (nat44_ed_out2in_node)
Definition at line 1644 of file out2in_ed.c.
vlib_node_registration_t nat44_ed_out2in_worker_handoff_node |
vlib_node_registration_t nat_default_node |
fib_source_t nat_fib_src_hi |
fib_source_t nat_fib_src_low |
vlib_node_registration_t nat_pre_in2out_node |
(constructor) VLIB_REGISTER_NODE (nat_pre_in2out_node)
Definition at line 1817 of file in2out_ed.c.
vlib_node_registration_t nat_pre_out2in_node |
(constructor) VLIB_REGISTER_NODE (nat_pre_out2in_node)
Definition at line 1694 of file out2in_ed.c.
vlib_node_registration_t snat_det_in2out_node |
(constructor) VLIB_REGISTER_NODE (snat_det_in2out_node)
Definition at line 890 of file nat_det_in2out.c.
vlib_node_registration_t snat_det_out2in_node |
(constructor) VLIB_REGISTER_NODE (snat_det_out2in_node)
Definition at line 700 of file nat_det_out2in.c.
vlib_node_registration_t snat_hairpin_dst_node |
(constructor) VLIB_REGISTER_NODE (snat_hairpin_dst_node)
Definition at line 752 of file nat44_hairpinning.c.
vlib_node_registration_t snat_hairpin_src_node |
(constructor) VLIB_REGISTER_NODE (snat_hairpin_src_node)
Definition at line 874 of file nat44_hairpinning.c.
vlib_node_registration_t snat_in2out_fast_node |
vlib_node_registration_t snat_in2out_node |
vlib_node_registration_t snat_in2out_output_node |
vlib_node_registration_t snat_in2out_output_worker_handoff_node |
(constructor) VLIB_REGISTER_NODE (snat_in2out_output_worker_handoff_node)
Definition at line 295 of file nat44_handoff.c.
vlib_node_registration_t snat_in2out_worker_handoff_node |
(constructor) VLIB_REGISTER_NODE (snat_in2out_worker_handoff_node)
Definition at line 275 of file nat44_handoff.c.
snat_main_t snat_main |
vlib_node_registration_t snat_out2in_fast_node |
vlib_node_registration_t snat_out2in_node |
vlib_node_registration_t snat_out2in_worker_handoff_node |
(constructor) VLIB_REGISTER_NODE (snat_out2in_worker_handoff_node)
Definition at line 314 of file nat44_handoff.c.
unformat_function_t unformat_snat_protocol |