From a769a747eabda2b45ec183e3e88d926606693f59 Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Tue, 17 Dec 2019 23:52:14 +0100 Subject: [PATCH 1/9] NAT Interface and AddressPool API changes Signed-off-by: Rastislav Szabo --- plugins/configurator/dump.go | 42 ++- plugins/restapi/handlers.go | 16 +- plugins/restapi/resturl/urls.go | 4 + .../descriptor/adapter/nat44addresspool.go | 233 ++++++++++++++++ ...{nat44address.go => nat44globaladdress.go} | 72 ++--- .../adapter/nat44globalinterface.go | 233 ++++++++++++++++ .../descriptor/adapter/nat44interface.go | 22 +- .../vpp/natplugin/descriptor/nat44_global.go | 29 +- ...t44_address.go => nat44_global_address.go} | 42 +-- .../descriptor/nat44_global_interface.go | 101 +++++++ .../natplugin/descriptor/nat44_interface.go | 110 +++++--- plugins/vpp/natplugin/natplugin.go | 18 +- .../vpp/natplugin/vppcalls/nat_vppcalls.go | 7 +- .../vppcalls/vpp1904/dump_nat_vppcalls.go | 96 +++++-- .../vpp1904/dump_nat_vppcalls_test.go | 30 +- .../vppcalls/vpp1908/dump_nat_vppcalls.go | 98 +++++-- .../vpp1908/dump_nat_vppcalls_test.go | 30 +- .../vppcalls/vpp2001/dump_nat_vppcalls.go | 98 +++++-- .../vpp2001/dump_nat_vppcalls_test.go | 30 +- .../vppcalls/vpp2001_324/dump_nat_vppcalls.go | 98 +++++-- .../vpp2001_324/dump_nat_vppcalls_test.go | 30 +- proto/ligato/vpp/nat/models.go | 44 ++- proto/ligato/vpp/nat/models_test.go | 8 +- proto/ligato/vpp/nat/nat.pb.go | 257 ++++++++++++++---- proto/ligato/vpp/nat/nat.proto | 27 +- proto/ligato/vpp/vpp.pb.go | 127 +++++---- proto/ligato/vpp/vpp.proto | 2 + 27 files changed, 1530 insertions(+), 374 deletions(-) create mode 100644 plugins/vpp/natplugin/descriptor/adapter/nat44addresspool.go rename plugins/vpp/natplugin/descriptor/adapter/{nat44address.go => nat44globaladdress.go} (63%) create mode 100644 plugins/vpp/natplugin/descriptor/adapter/nat44globalinterface.go rename plugins/vpp/natplugin/descriptor/{nat44_address.go => nat44_global_address.go} (59%) create mode 100644 plugins/vpp/natplugin/descriptor/nat44_global_interface.go diff --git a/plugins/configurator/dump.go b/plugins/configurator/dump.go index 43c56affbb..9a671f2632 100644 --- a/plugins/configurator/dump.go +++ b/plugins/configurator/dump.go @@ -137,6 +137,16 @@ func (svc *dumpService) Dump(ctx context.Context, req *rpc.DumpRequest) (*rpc.Du svc.log.Errorf("DumpDNAT44s failed: %v", err) return nil, err } + dump.VppConfig.Nat44Interfaces, err = svc.DumpNAT44Interfaces() + if err != nil { + svc.log.Errorf("DumpNAT44Interfaces failed: %v", err) + return nil, err + } + dump.VppConfig.Nat44Pools, err = svc.DumpNAT44AddressPools() + if err != nil { + svc.log.Errorf("DumpNAT44AddressPools failed: %v", err) + return nil, err + } dump.VppConfig.PuntTohosts, err = svc.DumpPunt() if err != nil { svc.log.Errorf("DumpPunt failed: %v", err) @@ -356,14 +366,14 @@ func (svc *dumpService) DumpABFs() (abfs []*vpp_abf.ABF, err error) { return abfs, nil } -// DumpNAT44GLobal dumps NAT44Global +// DumpNAT44Global dumps NAT44Global func (svc *dumpService) DumpNAT44Global() (glob *vpp_nat.Nat44Global, err error) { if svc.natHandler == nil { // handler is not available return nil, nil } - glob, err = svc.natHandler.Nat44GlobalConfigDump() + glob, err = svc.natHandler.Nat44GlobalConfigDump(false) if err != nil { return nil, err } @@ -384,6 +394,34 @@ func (svc *dumpService) DumpDNAT44s() (dnats []*vpp_nat.DNat44, err error) { return dnats, nil } +// DumpNAT44Interfaces dumps NAT44Interfaces +func (svc *dumpService) DumpNAT44Interfaces() (natIfs []*vpp_nat.Nat44Interface, err error) { + if svc.natHandler == nil { + // handler is not available + return nil, nil + } + + natIfs, err = svc.natHandler.Nat44Nat44InterfacesDump() + if err != nil { + return nil, err + } + return natIfs, nil +} + +// DumpNAT44AddressPools dumps NAT44AddressPools +func (svc *dumpService) DumpNAT44AddressPools() (natPools []*vpp_nat.Nat44AddressPool, err error) { + if svc.natHandler == nil { + // handler is not available + return nil, nil + } + + natPools, err = svc.natHandler.Nat44AddressPoolsDump() + if err != nil { + return nil, err + } + return natPools, nil +} + // DumpPunt reads VPP Punt socket registrations and returns them as an *PuntResponse. func (svc *dumpService) DumpPunt() (punts []*vpp_punt.ToHost, err error) { if svc.puntHandler == nil { diff --git a/plugins/restapi/handlers.go b/plugins/restapi/handlers.go index 6dd2b652fb..babf16fcb5 100644 --- a/plugins/restapi/handlers.go +++ b/plugins/restapi/handlers.go @@ -105,7 +105,7 @@ func (p *Plugin) registerNATHandlers() { if p.natHandler == nil { return nil, ErrHandlerUnavailable } - return p.natHandler.Nat44GlobalConfigDump() + return p.natHandler.Nat44GlobalConfigDump(false) }) // GET DNAT config p.registerHTTPHandler(resturl.NatDNat, GET, func() (interface{}, error) { @@ -114,6 +114,20 @@ func (p *Plugin) registerNATHandlers() { } return p.natHandler.DNat44Dump() }) + // GET NAT interfaces + p.registerHTTPHandler(resturl.NatInterfaces, GET, func() (interface{}, error) { + if p.natHandler == nil { + return nil, ErrHandlerUnavailable + } + return p.natHandler.Nat44Nat44InterfacesDump() + }) + // GET NAT address pools + p.registerHTTPHandler(resturl.NatAddressPools, GET, func() (interface{}, error) { + if p.natHandler == nil { + return nil, ErrHandlerUnavailable + } + return p.natHandler.Nat44AddressPoolsDump() + }) } // Registers L2 plugin REST handlers diff --git a/plugins/restapi/resturl/urls.go b/plugins/restapi/resturl/urls.go index f213f28956..f9b40f6938 100644 --- a/plugins/restapi/resturl/urls.go +++ b/plugins/restapi/resturl/urls.go @@ -68,6 +68,10 @@ const ( NatGlobal = "/dump/vpp/v2/nat/global" // NatDNat is a REST path of a DNAT configurations NatDNat = "/dump/vpp/v2/nat/dnat" + // NatInterfaces is a REST path of NAT interfaces config + NatInterfaces = "/dump/vpp/v2/nat/interfaces" + // NatAddressPools is a REST path of NAT address pools config + NatAddressPools = "/dump/vpp/v2/nat/pools" ) // L2 plugin diff --git a/plugins/vpp/natplugin/descriptor/adapter/nat44addresspool.go b/plugins/vpp/natplugin/descriptor/adapter/nat44addresspool.go new file mode 100644 index 0000000000..07a59e6087 --- /dev/null +++ b/plugins/vpp/natplugin/descriptor/adapter/nat44addresspool.go @@ -0,0 +1,233 @@ +// Code generated by adapter-generator. DO NOT EDIT. + +package adapter + +import ( + "github.com/golang/protobuf/proto" + . "go.ligato.io/vpp-agent/v2/plugins/kvscheduler/api" + "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" +) + +////////// type-safe key-value pair with metadata ////////// + +type NAT44AddressPoolKVWithMetadata struct { + Key string + Value *vpp_nat.Nat44AddressPool + Metadata interface{} + Origin ValueOrigin +} + +////////// type-safe Descriptor structure ////////// + +type NAT44AddressPoolDescriptor struct { + Name string + KeySelector KeySelector + ValueTypeName string + KeyLabel func(key string) string + ValueComparator func(key string, oldValue, newValue *vpp_nat.Nat44AddressPool) bool + NBKeyPrefix string + WithMetadata bool + MetadataMapFactory MetadataMapFactory + Validate func(key string, value *vpp_nat.Nat44AddressPool) error + Create func(key string, value *vpp_nat.Nat44AddressPool) (metadata interface{}, err error) + Delete func(key string, value *vpp_nat.Nat44AddressPool, metadata interface{}) error + Update func(key string, oldValue, newValue *vpp_nat.Nat44AddressPool, oldMetadata interface{}) (newMetadata interface{}, err error) + UpdateWithRecreate func(key string, oldValue, newValue *vpp_nat.Nat44AddressPool, metadata interface{}) bool + Retrieve func(correlate []NAT44AddressPoolKVWithMetadata) ([]NAT44AddressPoolKVWithMetadata, error) + IsRetriableFailure func(err error) bool + DerivedValues func(key string, value *vpp_nat.Nat44AddressPool) []KeyValuePair + Dependencies func(key string, value *vpp_nat.Nat44AddressPool) []Dependency + RetrieveDependencies []string /* descriptor name */ +} + +////////// Descriptor adapter ////////// + +type NAT44AddressPoolDescriptorAdapter struct { + descriptor *NAT44AddressPoolDescriptor +} + +func NewNAT44AddressPoolDescriptor(typedDescriptor *NAT44AddressPoolDescriptor) *KVDescriptor { + adapter := &NAT44AddressPoolDescriptorAdapter{descriptor: typedDescriptor} + descriptor := &KVDescriptor{ + Name: typedDescriptor.Name, + KeySelector: typedDescriptor.KeySelector, + ValueTypeName: typedDescriptor.ValueTypeName, + KeyLabel: typedDescriptor.KeyLabel, + NBKeyPrefix: typedDescriptor.NBKeyPrefix, + WithMetadata: typedDescriptor.WithMetadata, + MetadataMapFactory: typedDescriptor.MetadataMapFactory, + IsRetriableFailure: typedDescriptor.IsRetriableFailure, + RetrieveDependencies: typedDescriptor.RetrieveDependencies, + } + if typedDescriptor.ValueComparator != nil { + descriptor.ValueComparator = adapter.ValueComparator + } + if typedDescriptor.Validate != nil { + descriptor.Validate = adapter.Validate + } + if typedDescriptor.Create != nil { + descriptor.Create = adapter.Create + } + if typedDescriptor.Delete != nil { + descriptor.Delete = adapter.Delete + } + if typedDescriptor.Update != nil { + descriptor.Update = adapter.Update + } + if typedDescriptor.UpdateWithRecreate != nil { + descriptor.UpdateWithRecreate = adapter.UpdateWithRecreate + } + if typedDescriptor.Retrieve != nil { + descriptor.Retrieve = adapter.Retrieve + } + if typedDescriptor.Dependencies != nil { + descriptor.Dependencies = adapter.Dependencies + } + if typedDescriptor.DerivedValues != nil { + descriptor.DerivedValues = adapter.DerivedValues + } + return descriptor +} + +func (da *NAT44AddressPoolDescriptorAdapter) ValueComparator(key string, oldValue, newValue proto.Message) bool { + typedOldValue, err1 := castNAT44AddressPoolValue(key, oldValue) + typedNewValue, err2 := castNAT44AddressPoolValue(key, newValue) + if err1 != nil || err2 != nil { + return false + } + return da.descriptor.ValueComparator(key, typedOldValue, typedNewValue) +} + +func (da *NAT44AddressPoolDescriptorAdapter) Validate(key string, value proto.Message) (err error) { + typedValue, err := castNAT44AddressPoolValue(key, value) + if err != nil { + return err + } + return da.descriptor.Validate(key, typedValue) +} + +func (da *NAT44AddressPoolDescriptorAdapter) Create(key string, value proto.Message) (metadata Metadata, err error) { + typedValue, err := castNAT44AddressPoolValue(key, value) + if err != nil { + return nil, err + } + return da.descriptor.Create(key, typedValue) +} + +func (da *NAT44AddressPoolDescriptorAdapter) Update(key string, oldValue, newValue proto.Message, oldMetadata Metadata) (newMetadata Metadata, err error) { + oldTypedValue, err := castNAT44AddressPoolValue(key, oldValue) + if err != nil { + return nil, err + } + newTypedValue, err := castNAT44AddressPoolValue(key, newValue) + if err != nil { + return nil, err + } + typedOldMetadata, err := castNAT44AddressPoolMetadata(key, oldMetadata) + if err != nil { + return nil, err + } + return da.descriptor.Update(key, oldTypedValue, newTypedValue, typedOldMetadata) +} + +func (da *NAT44AddressPoolDescriptorAdapter) Delete(key string, value proto.Message, metadata Metadata) error { + typedValue, err := castNAT44AddressPoolValue(key, value) + if err != nil { + return err + } + typedMetadata, err := castNAT44AddressPoolMetadata(key, metadata) + if err != nil { + return err + } + return da.descriptor.Delete(key, typedValue, typedMetadata) +} + +func (da *NAT44AddressPoolDescriptorAdapter) UpdateWithRecreate(key string, oldValue, newValue proto.Message, metadata Metadata) bool { + oldTypedValue, err := castNAT44AddressPoolValue(key, oldValue) + if err != nil { + return true + } + newTypedValue, err := castNAT44AddressPoolValue(key, newValue) + if err != nil { + return true + } + typedMetadata, err := castNAT44AddressPoolMetadata(key, metadata) + if err != nil { + return true + } + return da.descriptor.UpdateWithRecreate(key, oldTypedValue, newTypedValue, typedMetadata) +} + +func (da *NAT44AddressPoolDescriptorAdapter) Retrieve(correlate []KVWithMetadata) ([]KVWithMetadata, error) { + var correlateWithType []NAT44AddressPoolKVWithMetadata + for _, kvpair := range correlate { + typedValue, err := castNAT44AddressPoolValue(kvpair.Key, kvpair.Value) + if err != nil { + continue + } + typedMetadata, err := castNAT44AddressPoolMetadata(kvpair.Key, kvpair.Metadata) + if err != nil { + continue + } + correlateWithType = append(correlateWithType, + NAT44AddressPoolKVWithMetadata{ + Key: kvpair.Key, + Value: typedValue, + Metadata: typedMetadata, + Origin: kvpair.Origin, + }) + } + + typedValues, err := da.descriptor.Retrieve(correlateWithType) + if err != nil { + return nil, err + } + var values []KVWithMetadata + for _, typedKVWithMetadata := range typedValues { + kvWithMetadata := KVWithMetadata{ + Key: typedKVWithMetadata.Key, + Metadata: typedKVWithMetadata.Metadata, + Origin: typedKVWithMetadata.Origin, + } + kvWithMetadata.Value = typedKVWithMetadata.Value + values = append(values, kvWithMetadata) + } + return values, err +} + +func (da *NAT44AddressPoolDescriptorAdapter) DerivedValues(key string, value proto.Message) []KeyValuePair { + typedValue, err := castNAT44AddressPoolValue(key, value) + if err != nil { + return nil + } + return da.descriptor.DerivedValues(key, typedValue) +} + +func (da *NAT44AddressPoolDescriptorAdapter) Dependencies(key string, value proto.Message) []Dependency { + typedValue, err := castNAT44AddressPoolValue(key, value) + if err != nil { + return nil + } + return da.descriptor.Dependencies(key, typedValue) +} + +////////// Helper methods ////////// + +func castNAT44AddressPoolValue(key string, value proto.Message) (*vpp_nat.Nat44AddressPool, error) { + typedValue, ok := value.(*vpp_nat.Nat44AddressPool) + if !ok { + return nil, ErrInvalidValueType(key, value) + } + return typedValue, nil +} + +func castNAT44AddressPoolMetadata(key string, metadata Metadata) (interface{}, error) { + if metadata == nil { + return nil, nil + } + typedMetadata, ok := metadata.(interface{}) + if !ok { + return nil, ErrInvalidMetadataType(key) + } + return typedMetadata, nil +} diff --git a/plugins/vpp/natplugin/descriptor/adapter/nat44address.go b/plugins/vpp/natplugin/descriptor/adapter/nat44globaladdress.go similarity index 63% rename from plugins/vpp/natplugin/descriptor/adapter/nat44address.go rename to plugins/vpp/natplugin/descriptor/adapter/nat44globaladdress.go index 84fcd96ffd..ac25f3f4dc 100644 --- a/plugins/vpp/natplugin/descriptor/adapter/nat44address.go +++ b/plugins/vpp/natplugin/descriptor/adapter/nat44globaladdress.go @@ -10,7 +10,7 @@ import ( ////////// type-safe key-value pair with metadata ////////// -type NAT44AddressKVWithMetadata struct { +type NAT44GlobalAddressKVWithMetadata struct { Key string Value *vpp_nat.Nat44Global_Address Metadata interface{} @@ -19,7 +19,7 @@ type NAT44AddressKVWithMetadata struct { ////////// type-safe Descriptor structure ////////// -type NAT44AddressDescriptor struct { +type NAT44GlobalAddressDescriptor struct { Name string KeySelector KeySelector ValueTypeName string @@ -33,7 +33,7 @@ type NAT44AddressDescriptor struct { Delete func(key string, value *vpp_nat.Nat44Global_Address, metadata interface{}) error Update func(key string, oldValue, newValue *vpp_nat.Nat44Global_Address, oldMetadata interface{}) (newMetadata interface{}, err error) UpdateWithRecreate func(key string, oldValue, newValue *vpp_nat.Nat44Global_Address, metadata interface{}) bool - Retrieve func(correlate []NAT44AddressKVWithMetadata) ([]NAT44AddressKVWithMetadata, error) + Retrieve func(correlate []NAT44GlobalAddressKVWithMetadata) ([]NAT44GlobalAddressKVWithMetadata, error) IsRetriableFailure func(err error) bool DerivedValues func(key string, value *vpp_nat.Nat44Global_Address) []KeyValuePair Dependencies func(key string, value *vpp_nat.Nat44Global_Address) []Dependency @@ -42,12 +42,12 @@ type NAT44AddressDescriptor struct { ////////// Descriptor adapter ////////// -type NAT44AddressDescriptorAdapter struct { - descriptor *NAT44AddressDescriptor +type NAT44GlobalAddressDescriptorAdapter struct { + descriptor *NAT44GlobalAddressDescriptor } -func NewNAT44AddressDescriptor(typedDescriptor *NAT44AddressDescriptor) *KVDescriptor { - adapter := &NAT44AddressDescriptorAdapter{descriptor: typedDescriptor} +func NewNAT44GlobalAddressDescriptor(typedDescriptor *NAT44GlobalAddressDescriptor) *KVDescriptor { + adapter := &NAT44GlobalAddressDescriptorAdapter{descriptor: typedDescriptor} descriptor := &KVDescriptor{ Name: typedDescriptor.Name, KeySelector: typedDescriptor.KeySelector, @@ -89,88 +89,88 @@ func NewNAT44AddressDescriptor(typedDescriptor *NAT44AddressDescriptor) *KVDescr return descriptor } -func (da *NAT44AddressDescriptorAdapter) ValueComparator(key string, oldValue, newValue proto.Message) bool { - typedOldValue, err1 := castNAT44AddressValue(key, oldValue) - typedNewValue, err2 := castNAT44AddressValue(key, newValue) +func (da *NAT44GlobalAddressDescriptorAdapter) ValueComparator(key string, oldValue, newValue proto.Message) bool { + typedOldValue, err1 := castNAT44GlobalAddressValue(key, oldValue) + typedNewValue, err2 := castNAT44GlobalAddressValue(key, newValue) if err1 != nil || err2 != nil { return false } return da.descriptor.ValueComparator(key, typedOldValue, typedNewValue) } -func (da *NAT44AddressDescriptorAdapter) Validate(key string, value proto.Message) (err error) { - typedValue, err := castNAT44AddressValue(key, value) +func (da *NAT44GlobalAddressDescriptorAdapter) Validate(key string, value proto.Message) (err error) { + typedValue, err := castNAT44GlobalAddressValue(key, value) if err != nil { return err } return da.descriptor.Validate(key, typedValue) } -func (da *NAT44AddressDescriptorAdapter) Create(key string, value proto.Message) (metadata Metadata, err error) { - typedValue, err := castNAT44AddressValue(key, value) +func (da *NAT44GlobalAddressDescriptorAdapter) Create(key string, value proto.Message) (metadata Metadata, err error) { + typedValue, err := castNAT44GlobalAddressValue(key, value) if err != nil { return nil, err } return da.descriptor.Create(key, typedValue) } -func (da *NAT44AddressDescriptorAdapter) Update(key string, oldValue, newValue proto.Message, oldMetadata Metadata) (newMetadata Metadata, err error) { - oldTypedValue, err := castNAT44AddressValue(key, oldValue) +func (da *NAT44GlobalAddressDescriptorAdapter) Update(key string, oldValue, newValue proto.Message, oldMetadata Metadata) (newMetadata Metadata, err error) { + oldTypedValue, err := castNAT44GlobalAddressValue(key, oldValue) if err != nil { return nil, err } - newTypedValue, err := castNAT44AddressValue(key, newValue) + newTypedValue, err := castNAT44GlobalAddressValue(key, newValue) if err != nil { return nil, err } - typedOldMetadata, err := castNAT44AddressMetadata(key, oldMetadata) + typedOldMetadata, err := castNAT44GlobalAddressMetadata(key, oldMetadata) if err != nil { return nil, err } return da.descriptor.Update(key, oldTypedValue, newTypedValue, typedOldMetadata) } -func (da *NAT44AddressDescriptorAdapter) Delete(key string, value proto.Message, metadata Metadata) error { - typedValue, err := castNAT44AddressValue(key, value) +func (da *NAT44GlobalAddressDescriptorAdapter) Delete(key string, value proto.Message, metadata Metadata) error { + typedValue, err := castNAT44GlobalAddressValue(key, value) if err != nil { return err } - typedMetadata, err := castNAT44AddressMetadata(key, metadata) + typedMetadata, err := castNAT44GlobalAddressMetadata(key, metadata) if err != nil { return err } return da.descriptor.Delete(key, typedValue, typedMetadata) } -func (da *NAT44AddressDescriptorAdapter) UpdateWithRecreate(key string, oldValue, newValue proto.Message, metadata Metadata) bool { - oldTypedValue, err := castNAT44AddressValue(key, oldValue) +func (da *NAT44GlobalAddressDescriptorAdapter) UpdateWithRecreate(key string, oldValue, newValue proto.Message, metadata Metadata) bool { + oldTypedValue, err := castNAT44GlobalAddressValue(key, oldValue) if err != nil { return true } - newTypedValue, err := castNAT44AddressValue(key, newValue) + newTypedValue, err := castNAT44GlobalAddressValue(key, newValue) if err != nil { return true } - typedMetadata, err := castNAT44AddressMetadata(key, metadata) + typedMetadata, err := castNAT44GlobalAddressMetadata(key, metadata) if err != nil { return true } return da.descriptor.UpdateWithRecreate(key, oldTypedValue, newTypedValue, typedMetadata) } -func (da *NAT44AddressDescriptorAdapter) Retrieve(correlate []KVWithMetadata) ([]KVWithMetadata, error) { - var correlateWithType []NAT44AddressKVWithMetadata +func (da *NAT44GlobalAddressDescriptorAdapter) Retrieve(correlate []KVWithMetadata) ([]KVWithMetadata, error) { + var correlateWithType []NAT44GlobalAddressKVWithMetadata for _, kvpair := range correlate { - typedValue, err := castNAT44AddressValue(kvpair.Key, kvpair.Value) + typedValue, err := castNAT44GlobalAddressValue(kvpair.Key, kvpair.Value) if err != nil { continue } - typedMetadata, err := castNAT44AddressMetadata(kvpair.Key, kvpair.Metadata) + typedMetadata, err := castNAT44GlobalAddressMetadata(kvpair.Key, kvpair.Metadata) if err != nil { continue } correlateWithType = append(correlateWithType, - NAT44AddressKVWithMetadata{ + NAT44GlobalAddressKVWithMetadata{ Key: kvpair.Key, Value: typedValue, Metadata: typedMetadata, @@ -195,16 +195,16 @@ func (da *NAT44AddressDescriptorAdapter) Retrieve(correlate []KVWithMetadata) ([ return values, err } -func (da *NAT44AddressDescriptorAdapter) DerivedValues(key string, value proto.Message) []KeyValuePair { - typedValue, err := castNAT44AddressValue(key, value) +func (da *NAT44GlobalAddressDescriptorAdapter) DerivedValues(key string, value proto.Message) []KeyValuePair { + typedValue, err := castNAT44GlobalAddressValue(key, value) if err != nil { return nil } return da.descriptor.DerivedValues(key, typedValue) } -func (da *NAT44AddressDescriptorAdapter) Dependencies(key string, value proto.Message) []Dependency { - typedValue, err := castNAT44AddressValue(key, value) +func (da *NAT44GlobalAddressDescriptorAdapter) Dependencies(key string, value proto.Message) []Dependency { + typedValue, err := castNAT44GlobalAddressValue(key, value) if err != nil { return nil } @@ -213,7 +213,7 @@ func (da *NAT44AddressDescriptorAdapter) Dependencies(key string, value proto.Me ////////// Helper methods ////////// -func castNAT44AddressValue(key string, value proto.Message) (*vpp_nat.Nat44Global_Address, error) { +func castNAT44GlobalAddressValue(key string, value proto.Message) (*vpp_nat.Nat44Global_Address, error) { typedValue, ok := value.(*vpp_nat.Nat44Global_Address) if !ok { return nil, ErrInvalidValueType(key, value) @@ -221,7 +221,7 @@ func castNAT44AddressValue(key string, value proto.Message) (*vpp_nat.Nat44Globa return typedValue, nil } -func castNAT44AddressMetadata(key string, metadata Metadata) (interface{}, error) { +func castNAT44GlobalAddressMetadata(key string, metadata Metadata) (interface{}, error) { if metadata == nil { return nil, nil } diff --git a/plugins/vpp/natplugin/descriptor/adapter/nat44globalinterface.go b/plugins/vpp/natplugin/descriptor/adapter/nat44globalinterface.go new file mode 100644 index 0000000000..fc14b00231 --- /dev/null +++ b/plugins/vpp/natplugin/descriptor/adapter/nat44globalinterface.go @@ -0,0 +1,233 @@ +// Code generated by adapter-generator. DO NOT EDIT. + +package adapter + +import ( + "github.com/golang/protobuf/proto" + . "go.ligato.io/vpp-agent/v2/plugins/kvscheduler/api" + "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" +) + +////////// type-safe key-value pair with metadata ////////// + +type NAT44GlobalInterfaceKVWithMetadata struct { + Key string + Value *vpp_nat.Nat44Global_Interface + Metadata interface{} + Origin ValueOrigin +} + +////////// type-safe Descriptor structure ////////// + +type NAT44GlobalInterfaceDescriptor struct { + Name string + KeySelector KeySelector + ValueTypeName string + KeyLabel func(key string) string + ValueComparator func(key string, oldValue, newValue *vpp_nat.Nat44Global_Interface) bool + NBKeyPrefix string + WithMetadata bool + MetadataMapFactory MetadataMapFactory + Validate func(key string, value *vpp_nat.Nat44Global_Interface) error + Create func(key string, value *vpp_nat.Nat44Global_Interface) (metadata interface{}, err error) + Delete func(key string, value *vpp_nat.Nat44Global_Interface, metadata interface{}) error + Update func(key string, oldValue, newValue *vpp_nat.Nat44Global_Interface, oldMetadata interface{}) (newMetadata interface{}, err error) + UpdateWithRecreate func(key string, oldValue, newValue *vpp_nat.Nat44Global_Interface, metadata interface{}) bool + Retrieve func(correlate []NAT44GlobalInterfaceKVWithMetadata) ([]NAT44GlobalInterfaceKVWithMetadata, error) + IsRetriableFailure func(err error) bool + DerivedValues func(key string, value *vpp_nat.Nat44Global_Interface) []KeyValuePair + Dependencies func(key string, value *vpp_nat.Nat44Global_Interface) []Dependency + RetrieveDependencies []string /* descriptor name */ +} + +////////// Descriptor adapter ////////// + +type NAT44GlobalInterfaceDescriptorAdapter struct { + descriptor *NAT44GlobalInterfaceDescriptor +} + +func NewNAT44GlobalInterfaceDescriptor(typedDescriptor *NAT44GlobalInterfaceDescriptor) *KVDescriptor { + adapter := &NAT44GlobalInterfaceDescriptorAdapter{descriptor: typedDescriptor} + descriptor := &KVDescriptor{ + Name: typedDescriptor.Name, + KeySelector: typedDescriptor.KeySelector, + ValueTypeName: typedDescriptor.ValueTypeName, + KeyLabel: typedDescriptor.KeyLabel, + NBKeyPrefix: typedDescriptor.NBKeyPrefix, + WithMetadata: typedDescriptor.WithMetadata, + MetadataMapFactory: typedDescriptor.MetadataMapFactory, + IsRetriableFailure: typedDescriptor.IsRetriableFailure, + RetrieveDependencies: typedDescriptor.RetrieveDependencies, + } + if typedDescriptor.ValueComparator != nil { + descriptor.ValueComparator = adapter.ValueComparator + } + if typedDescriptor.Validate != nil { + descriptor.Validate = adapter.Validate + } + if typedDescriptor.Create != nil { + descriptor.Create = adapter.Create + } + if typedDescriptor.Delete != nil { + descriptor.Delete = adapter.Delete + } + if typedDescriptor.Update != nil { + descriptor.Update = adapter.Update + } + if typedDescriptor.UpdateWithRecreate != nil { + descriptor.UpdateWithRecreate = adapter.UpdateWithRecreate + } + if typedDescriptor.Retrieve != nil { + descriptor.Retrieve = adapter.Retrieve + } + if typedDescriptor.Dependencies != nil { + descriptor.Dependencies = adapter.Dependencies + } + if typedDescriptor.DerivedValues != nil { + descriptor.DerivedValues = adapter.DerivedValues + } + return descriptor +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) ValueComparator(key string, oldValue, newValue proto.Message) bool { + typedOldValue, err1 := castNAT44GlobalInterfaceValue(key, oldValue) + typedNewValue, err2 := castNAT44GlobalInterfaceValue(key, newValue) + if err1 != nil || err2 != nil { + return false + } + return da.descriptor.ValueComparator(key, typedOldValue, typedNewValue) +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) Validate(key string, value proto.Message) (err error) { + typedValue, err := castNAT44GlobalInterfaceValue(key, value) + if err != nil { + return err + } + return da.descriptor.Validate(key, typedValue) +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) Create(key string, value proto.Message) (metadata Metadata, err error) { + typedValue, err := castNAT44GlobalInterfaceValue(key, value) + if err != nil { + return nil, err + } + return da.descriptor.Create(key, typedValue) +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) Update(key string, oldValue, newValue proto.Message, oldMetadata Metadata) (newMetadata Metadata, err error) { + oldTypedValue, err := castNAT44GlobalInterfaceValue(key, oldValue) + if err != nil { + return nil, err + } + newTypedValue, err := castNAT44GlobalInterfaceValue(key, newValue) + if err != nil { + return nil, err + } + typedOldMetadata, err := castNAT44GlobalInterfaceMetadata(key, oldMetadata) + if err != nil { + return nil, err + } + return da.descriptor.Update(key, oldTypedValue, newTypedValue, typedOldMetadata) +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) Delete(key string, value proto.Message, metadata Metadata) error { + typedValue, err := castNAT44GlobalInterfaceValue(key, value) + if err != nil { + return err + } + typedMetadata, err := castNAT44GlobalInterfaceMetadata(key, metadata) + if err != nil { + return err + } + return da.descriptor.Delete(key, typedValue, typedMetadata) +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) UpdateWithRecreate(key string, oldValue, newValue proto.Message, metadata Metadata) bool { + oldTypedValue, err := castNAT44GlobalInterfaceValue(key, oldValue) + if err != nil { + return true + } + newTypedValue, err := castNAT44GlobalInterfaceValue(key, newValue) + if err != nil { + return true + } + typedMetadata, err := castNAT44GlobalInterfaceMetadata(key, metadata) + if err != nil { + return true + } + return da.descriptor.UpdateWithRecreate(key, oldTypedValue, newTypedValue, typedMetadata) +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) Retrieve(correlate []KVWithMetadata) ([]KVWithMetadata, error) { + var correlateWithType []NAT44GlobalInterfaceKVWithMetadata + for _, kvpair := range correlate { + typedValue, err := castNAT44GlobalInterfaceValue(kvpair.Key, kvpair.Value) + if err != nil { + continue + } + typedMetadata, err := castNAT44GlobalInterfaceMetadata(kvpair.Key, kvpair.Metadata) + if err != nil { + continue + } + correlateWithType = append(correlateWithType, + NAT44GlobalInterfaceKVWithMetadata{ + Key: kvpair.Key, + Value: typedValue, + Metadata: typedMetadata, + Origin: kvpair.Origin, + }) + } + + typedValues, err := da.descriptor.Retrieve(correlateWithType) + if err != nil { + return nil, err + } + var values []KVWithMetadata + for _, typedKVWithMetadata := range typedValues { + kvWithMetadata := KVWithMetadata{ + Key: typedKVWithMetadata.Key, + Metadata: typedKVWithMetadata.Metadata, + Origin: typedKVWithMetadata.Origin, + } + kvWithMetadata.Value = typedKVWithMetadata.Value + values = append(values, kvWithMetadata) + } + return values, err +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) DerivedValues(key string, value proto.Message) []KeyValuePair { + typedValue, err := castNAT44GlobalInterfaceValue(key, value) + if err != nil { + return nil + } + return da.descriptor.DerivedValues(key, typedValue) +} + +func (da *NAT44GlobalInterfaceDescriptorAdapter) Dependencies(key string, value proto.Message) []Dependency { + typedValue, err := castNAT44GlobalInterfaceValue(key, value) + if err != nil { + return nil + } + return da.descriptor.Dependencies(key, typedValue) +} + +////////// Helper methods ////////// + +func castNAT44GlobalInterfaceValue(key string, value proto.Message) (*vpp_nat.Nat44Global_Interface, error) { + typedValue, ok := value.(*vpp_nat.Nat44Global_Interface) + if !ok { + return nil, ErrInvalidValueType(key, value) + } + return typedValue, nil +} + +func castNAT44GlobalInterfaceMetadata(key string, metadata Metadata) (interface{}, error) { + if metadata == nil { + return nil, nil + } + typedMetadata, ok := metadata.(interface{}) + if !ok { + return nil, ErrInvalidMetadataType(key) + } + return typedMetadata, nil +} diff --git a/plugins/vpp/natplugin/descriptor/adapter/nat44interface.go b/plugins/vpp/natplugin/descriptor/adapter/nat44interface.go index 9b55853678..33ac7b042d 100644 --- a/plugins/vpp/natplugin/descriptor/adapter/nat44interface.go +++ b/plugins/vpp/natplugin/descriptor/adapter/nat44interface.go @@ -12,7 +12,7 @@ import ( type NAT44InterfaceKVWithMetadata struct { Key string - Value *vpp_nat.Nat44Global_Interface + Value *vpp_nat.Nat44Interface Metadata interface{} Origin ValueOrigin } @@ -24,19 +24,19 @@ type NAT44InterfaceDescriptor struct { KeySelector KeySelector ValueTypeName string KeyLabel func(key string) string - ValueComparator func(key string, oldValue, newValue *vpp_nat.Nat44Global_Interface) bool + ValueComparator func(key string, oldValue, newValue *vpp_nat.Nat44Interface) bool NBKeyPrefix string WithMetadata bool MetadataMapFactory MetadataMapFactory - Validate func(key string, value *vpp_nat.Nat44Global_Interface) error - Create func(key string, value *vpp_nat.Nat44Global_Interface) (metadata interface{}, err error) - Delete func(key string, value *vpp_nat.Nat44Global_Interface, metadata interface{}) error - Update func(key string, oldValue, newValue *vpp_nat.Nat44Global_Interface, oldMetadata interface{}) (newMetadata interface{}, err error) - UpdateWithRecreate func(key string, oldValue, newValue *vpp_nat.Nat44Global_Interface, metadata interface{}) bool + Validate func(key string, value *vpp_nat.Nat44Interface) error + Create func(key string, value *vpp_nat.Nat44Interface) (metadata interface{}, err error) + Delete func(key string, value *vpp_nat.Nat44Interface, metadata interface{}) error + Update func(key string, oldValue, newValue *vpp_nat.Nat44Interface, oldMetadata interface{}) (newMetadata interface{}, err error) + UpdateWithRecreate func(key string, oldValue, newValue *vpp_nat.Nat44Interface, metadata interface{}) bool Retrieve func(correlate []NAT44InterfaceKVWithMetadata) ([]NAT44InterfaceKVWithMetadata, error) IsRetriableFailure func(err error) bool - DerivedValues func(key string, value *vpp_nat.Nat44Global_Interface) []KeyValuePair - Dependencies func(key string, value *vpp_nat.Nat44Global_Interface) []Dependency + DerivedValues func(key string, value *vpp_nat.Nat44Interface) []KeyValuePair + Dependencies func(key string, value *vpp_nat.Nat44Interface) []Dependency RetrieveDependencies []string /* descriptor name */ } @@ -213,8 +213,8 @@ func (da *NAT44InterfaceDescriptorAdapter) Dependencies(key string, value proto. ////////// Helper methods ////////// -func castNAT44InterfaceValue(key string, value proto.Message) (*vpp_nat.Nat44Global_Interface, error) { - typedValue, ok := value.(*vpp_nat.Nat44Global_Interface) +func castNAT44InterfaceValue(key string, value proto.Message) (*vpp_nat.Nat44Interface, error) { + typedValue, ok := value.(*vpp_nat.Nat44Interface) if !ok { return nil, ErrInvalidValueType(key, value) } diff --git a/plugins/vpp/natplugin/descriptor/nat44_global.go b/plugins/vpp/natplugin/descriptor/nat44_global.go index 8e656835b8..0146971acf 100644 --- a/plugins/vpp/natplugin/descriptor/nat44_global.go +++ b/plugins/vpp/natplugin/descriptor/nat44_global.go @@ -68,10 +68,14 @@ var defaultGlobalCfg = &nat.Nat44Global{ type NAT44GlobalDescriptor struct { log logging.Logger natHandler vppcalls.NatVppAPI + + // UseDeprecatedAPI tracks whether deprecated global API (NAT interfaces, addresses) is being used on NB. + // Used to orchestrate which data should be dumped from which descriptor on Retrieve. + UseDeprecatedAPI bool } // NewNAT44GlobalDescriptor creates a new instance of the NAT44Global descriptor. -func NewNAT44GlobalDescriptor(natHandler vppcalls.NatVppAPI, log logging.PluginLogger) *kvs.KVDescriptor { +func NewNAT44GlobalDescriptor(natHandler vppcalls.NatVppAPI, log logging.PluginLogger) (*NAT44GlobalDescriptor, *kvs.KVDescriptor) { ctx := &NAT44GlobalDescriptor{ natHandler: natHandler, log: log.NewLogger("nat44-global-descriptor"), @@ -91,7 +95,7 @@ func NewNAT44GlobalDescriptor(natHandler vppcalls.NatVppAPI, log logging.PluginL DerivedValues: ctx.DerivedValues, RetrieveDependencies: []string{vpp_ifdescriptor.InterfaceDescriptorName}, } - return adapter.NewNAT44GlobalDescriptor(typedDescr) + return ctx, adapter.NewNAT44GlobalDescriptor(typedDescr) } // EquivalentNAT44Global compares two NAT44 global configs for equality. @@ -110,6 +114,12 @@ func (d *NAT44GlobalDescriptor) EquivalentNAT44Global(key string, oldGlobalCfg, // Validate validates VPP NAT44 global configuration. func (d *NAT44GlobalDescriptor) Validate(key string, globalCfg *nat.Nat44Global) error { + if len(globalCfg.NatInterfaces) > 0 { + d.log.Warnf("NatInterfaces are deprecated in global NAT44 config, use separate Nat44Interface entries.") + } + if len(globalCfg.AddressPool) > 0 { + d.log.Warnf("AddressPool is deprecated in global NAT44 config, use separate Nat44AddressPool entries.") + } // check NAT interface features for collisions natIfaceMap := make(map[string]*natIface) for _, iface := range globalCfg.NatInterfaces { @@ -203,7 +213,16 @@ func (d *NAT44GlobalDescriptor) Update(key string, oldGlobalCfg, newGlobalCfg *n // Retrieve returns the current NAT44 global configuration. func (d *NAT44GlobalDescriptor) Retrieve(correlate []adapter.NAT44GlobalKVWithMetadata) ([]adapter.NAT44GlobalKVWithMetadata, error) { - globalCfg, err := d.natHandler.Nat44GlobalConfigDump() + // Note: either this descriptor (deprecated) or separate interface / address pool descriptors + // can retrieve NAT interfaces / address pools, never both of them. Use correlate to decide. + d.UseDeprecatedAPI = false + for _, g := range correlate { + if len(g.Value.NatInterfaces) > 0 || len(g.Value.AddressPool) > 0 { + d.UseDeprecatedAPI = true + } + } + + globalCfg, err := d.natHandler.Nat44GlobalConfigDump(d.UseDeprecatedAPI) if err != nil { d.log.Error(err) return nil, err @@ -230,14 +249,14 @@ func (d *NAT44GlobalDescriptor) DerivedValues(key string, globalCfg *nat.Nat44Gl // NAT addresses for _, natAddr := range globalCfg.AddressPool { derValues = append(derValues, kvs.KeyValuePair{ - Key: nat.AddressNAT44Key(natAddr.Address, natAddr.TwiceNat), + Key: nat.DerivedAddressNAT44Key(natAddr.Address, natAddr.TwiceNat), Value: natAddr, }) } // NAT interfaces for _, natIface := range globalCfg.NatInterfaces { derValues = append(derValues, kvs.KeyValuePair{ - Key: nat.InterfaceNAT44Key(natIface.Name, natIface.IsInside), + Key: nat.DerivedInterfaceNAT44Key(natIface.Name, natIface.IsInside), Value: natIface, }) } diff --git a/plugins/vpp/natplugin/descriptor/nat44_address.go b/plugins/vpp/natplugin/descriptor/nat44_global_address.go similarity index 59% rename from plugins/vpp/natplugin/descriptor/nat44_address.go rename to plugins/vpp/natplugin/descriptor/nat44_global_address.go index 5ac53db43e..2ddcdb07f7 100644 --- a/plugins/vpp/natplugin/descriptor/nat44_address.go +++ b/plugins/vpp/natplugin/descriptor/nat44_global_address.go @@ -29,9 +29,9 @@ import ( ) const ( - // NAT44AddressDescriptorName is the name of the descriptor for IP addresses + // NAT44GlobalAddressDescriptorName is the name of the descriptor for IP addresses // from the VPP NAT44 address pool. - NAT44AddressDescriptorName = "vpp-nat44-address" + NAT44GlobalAddressDescriptorName = "vpp-nat44-global-address" // dependency labels addressVrfDep = "vrf-table-exists" @@ -44,40 +44,42 @@ var ( ErrInvalidNATAddress = errors.New("Invalid VPP NAT address") ) -// NAT44AddressDescriptor teaches KVScheduler how to add/remove IP addresses +// NAT44GlobalAddressDescriptor teaches KVScheduler how to add/remove IP addresses // to/from the VPP NAT44 address pool. -type NAT44AddressDescriptor struct { +// Deprecated. Functionality moved to NAT44AddressPoolDescriptor. Kept for backward compatibility. +type NAT44GlobalAddressDescriptor struct { log logging.Logger natHandler vppcalls.NatVppAPI } -// NewNAT44AddressDescriptor creates a new instance of the NAT44Address descriptor. -func NewNAT44AddressDescriptor(natHandler vppcalls.NatVppAPI, log logging.PluginLogger) *kvs.KVDescriptor { - ctx := &NAT44AddressDescriptor{ +// NewNAT44GlobalAddressDescriptor creates a new instance of the NAT44Address descriptor. +// Deprecated. Functionality moved to NAT44AddressPoolDescriptor. Kept for backward compatibility. +func NewNAT44GlobalAddressDescriptor(natHandler vppcalls.NatVppAPI, log logging.PluginLogger) *kvs.KVDescriptor { + ctx := &NAT44GlobalAddressDescriptor{ natHandler: natHandler, - log: log.NewLogger("nat44-address-descriptor"), + log: log.NewLogger("nat44-global-address-descriptor"), } - typedDescr := &adapter.NAT44AddressDescriptor{ - Name: NAT44AddressDescriptorName, - KeySelector: ctx.IsNat44AddressKey, + typedDescr := &adapter.NAT44GlobalAddressDescriptor{ + Name: NAT44GlobalAddressDescriptorName, + KeySelector: ctx.IsNat44DerivedAddressKey, ValueTypeName: proto.MessageName(&nat.Nat44Global_Address{}), Create: ctx.Create, Delete: ctx.Delete, Dependencies: ctx.Dependencies, } - return adapter.NewNAT44AddressDescriptor(typedDescr) + return adapter.NewNAT44GlobalAddressDescriptor(typedDescr) } -// IsNat44AddressKey returns true if the key is identifying configuration +// IsNat44DerivedAddressKey returns true if the key is identifying configuration // for a single address from the NAT44 address pool. -func (d *NAT44AddressDescriptor) IsNat44AddressKey(key string) bool { - _, _, isNATAddrKey := nat.ParseAddressNAT44Key(key) +func (d *NAT44GlobalAddressDescriptor) IsNat44DerivedAddressKey(key string) bool { + _, _, isNATAddrKey := nat.ParseDerivedAddressNAT44Key(key) return isNATAddrKey } -// Validates validate configuration for NAT44 address. -func (d *NAT44AddressDescriptor) Validate(key string, natAddr *nat.Nat44Global_Address) error { +// Validate validates configuration for NAT44 address. +func (d *NAT44GlobalAddressDescriptor) Validate(key string, natAddr *nat.Nat44Global_Address) error { ipAddr := net.ParseIP(natAddr.Address) if ipAddr == nil { return kvs.NewInvalidValueError(ErrInvalidNATAddress, "address") @@ -86,7 +88,7 @@ func (d *NAT44AddressDescriptor) Validate(key string, natAddr *nat.Nat44Global_A } // Create adds IP address into the NAT44 address pool. -func (d *NAT44AddressDescriptor) Create(key string, natAddr *nat.Nat44Global_Address) (metadata interface{}, err error) { +func (d *NAT44GlobalAddressDescriptor) Create(key string, natAddr *nat.Nat44Global_Address) (metadata interface{}, err error) { err = d.natHandler.AddNat44Address(natAddr.Address, natAddr.VrfId, natAddr.TwiceNat) if err != nil { d.log.Error(err) @@ -96,7 +98,7 @@ func (d *NAT44AddressDescriptor) Create(key string, natAddr *nat.Nat44Global_Add } // Delete removes IP address from the NAT44 address pool. -func (d *NAT44AddressDescriptor) Delete(key string, natAddr *nat.Nat44Global_Address, metadata interface{}) error { +func (d *NAT44GlobalAddressDescriptor) Delete(key string, natAddr *nat.Nat44Global_Address, metadata interface{}) error { err := d.natHandler.DelNat44Address(natAddr.Address, natAddr.VrfId, natAddr.TwiceNat) if err != nil { d.log.Error(err) @@ -106,7 +108,7 @@ func (d *NAT44AddressDescriptor) Delete(key string, natAddr *nat.Nat44Global_Add } // Dependencies lists non-zero VRF as the only dependency. -func (d *NAT44AddressDescriptor) Dependencies(key string, natAddr *nat.Nat44Global_Address) []kvs.Dependency { +func (d *NAT44GlobalAddressDescriptor) Dependencies(key string, natAddr *nat.Nat44Global_Address) []kvs.Dependency { if natAddr.VrfId == 0 || natAddr.VrfId == ^uint32(0) { return nil } diff --git a/plugins/vpp/natplugin/descriptor/nat44_global_interface.go b/plugins/vpp/natplugin/descriptor/nat44_global_interface.go new file mode 100644 index 0000000000..7c8f9cec89 --- /dev/null +++ b/plugins/vpp/natplugin/descriptor/nat44_global_interface.go @@ -0,0 +1,101 @@ +// Copyright (c) 2018 Cisco and/or its affiliates. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at: +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package descriptor + +import ( + "github.com/golang/protobuf/proto" + "github.com/ligato/cn-infra/logging" + + kvs "go.ligato.io/vpp-agent/v2/plugins/kvscheduler/api" + "go.ligato.io/vpp-agent/v2/plugins/vpp/natplugin/descriptor/adapter" + "go.ligato.io/vpp-agent/v2/plugins/vpp/natplugin/vppcalls" + interfaces "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/interfaces" + nat "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" +) + +const ( + // NAT44GlobalInterfaceDescriptorName is the name of the descriptor for VPP NAT44 + // features applied to interfaces. + NAT44GlobalInterfaceDescriptorName = "vpp-nat44-global-interface" + + // dependency labels + natInterfaceDep = "interface-exists" +) + +// NAT44GlobalInterfaceDescriptor teaches KVScheduler how to configure VPP NAT interface +// features. +// Deprecated. Functionality moved to NAT44InterfaceDescriptor. Kept for backward compatibility. +type NAT44GlobalInterfaceDescriptor struct { + log logging.Logger + natHandler vppcalls.NatVppAPI +} + +// NewNAT44GlobalInterfaceDescriptor creates a new instance of the NAT44GlobalInterface descriptor. +// Deprecated. Functionality moved to NAT44InterfaceDescriptor. Kept for backward compatibility. +func NewNAT44GlobalInterfaceDescriptor(natHandler vppcalls.NatVppAPI, log logging.PluginLogger) *kvs.KVDescriptor { + ctx := &NAT44GlobalInterfaceDescriptor{ + natHandler: natHandler, + log: log.NewLogger("nat44-global-iface-descriptor"), + } + + typedDescr := &adapter.NAT44GlobalInterfaceDescriptor{ + Name: NAT44GlobalInterfaceDescriptorName, + KeySelector: ctx.IsNAT44DerivedInterfaceKey, + ValueTypeName: proto.MessageName(&nat.Nat44Global_Interface{}), + Create: ctx.Create, + Delete: ctx.Delete, + Dependencies: ctx.Dependencies, + } + return adapter.NewNAT44GlobalInterfaceDescriptor(typedDescr) +} + +// IsNAT44DerivedInterfaceKey returns true if the key is identifying NAT-44 configuration +// for interface. +func (d *NAT44GlobalInterfaceDescriptor) IsNAT44DerivedInterfaceKey(key string) bool { + _, _, isNATIfaceKey := nat.ParseDerivedInterfaceNAT44Key(key) + return isNATIfaceKey +} + +// Create enables NAT44 for an interface. +func (d *NAT44GlobalInterfaceDescriptor) Create(key string, natIface *nat.Nat44Global_Interface) (metadata interface{}, err error) { + err = d.natHandler.EnableNat44Interface(natIface.Name, natIface.IsInside, natIface.OutputFeature) + if err != nil { + d.log.Error(err) + return nil, err + + } + return nil, nil +} + +// Delete disables NAT44 for an interface. +func (d *NAT44GlobalInterfaceDescriptor) Delete(key string, natIface *nat.Nat44Global_Interface, metadata interface{}) error { + err := d.natHandler.DisableNat44Interface(natIface.Name, natIface.IsInside, natIface.OutputFeature) + if err != nil { + d.log.Error(err) + return err + + } + return nil +} + +// Dependencies lists the interface as the only dependency. +func (d *NAT44GlobalInterfaceDescriptor) Dependencies(key string, natIface *nat.Nat44Global_Interface) []kvs.Dependency { + return []kvs.Dependency{ + { + Label: natInterfaceDep, + Key: interfaces.InterfaceKey(natIface.Name), + }, + } +} diff --git a/plugins/vpp/natplugin/descriptor/nat44_interface.go b/plugins/vpp/natplugin/descriptor/nat44_interface.go index d787d5294e..a5953b4aeb 100644 --- a/plugins/vpp/natplugin/descriptor/nat44_interface.go +++ b/plugins/vpp/natplugin/descriptor/nat44_interface.go @@ -15,9 +15,7 @@ package descriptor import ( - "github.com/golang/protobuf/proto" "github.com/ligato/cn-infra/logging" - kvs "go.ligato.io/vpp-agent/v2/plugins/kvscheduler/api" "go.ligato.io/vpp-agent/v2/plugins/vpp/natplugin/descriptor/adapter" "go.ligato.io/vpp-agent/v2/plugins/vpp/natplugin/vppcalls" @@ -26,70 +24,114 @@ import ( ) const ( - // NAT44InterfaceDescriptorName is the name of the descriptor for VPP NAT44 - // features applied to interfaces. + // NAT44InterfaceDescriptorName is the name of the descriptor for VPP NAT44 features applied to interfaces. NAT44InterfaceDescriptorName = "vpp-nat44-interface" - - // dependency labels - natInterfaceDep = "interface-exists" ) -// NAT44InterfaceDescriptor teaches KVScheduler how to configure VPP NAT interface -// features. +// NAT44InterfaceDescriptor teaches KVScheduler how to configure VPP NAT interface features. type NAT44InterfaceDescriptor struct { - log logging.Logger - natHandler vppcalls.NatVppAPI + log logging.Logger + natHandler vppcalls.NatVppAPI + nat44GlobalDesc *NAT44GlobalDescriptor } // NewNAT44InterfaceDescriptor creates a new instance of the NAT44Interface descriptor. -func NewNAT44InterfaceDescriptor(natHandler vppcalls.NatVppAPI, log logging.PluginLogger) *kvs.KVDescriptor { +func NewNAT44InterfaceDescriptor(nat44GlobalDesc *NAT44GlobalDescriptor, + natHandler vppcalls.NatVppAPI, log logging.PluginLogger) *kvs.KVDescriptor { ctx := &NAT44InterfaceDescriptor{ - natHandler: natHandler, - log: log.NewLogger("nat44-iface-descriptor"), + nat44GlobalDesc: nat44GlobalDesc, + natHandler: natHandler, + log: log.NewLogger("nat44-iface-descriptor"), } typedDescr := &adapter.NAT44InterfaceDescriptor{ Name: NAT44InterfaceDescriptorName, - KeySelector: ctx.IsNAT44InterfaceKey, - ValueTypeName: proto.MessageName(&nat.Nat44Global_Interface{}), + NBKeyPrefix: nat.ModelNat44Interface.KeyPrefix(), + ValueTypeName: nat.ModelNat44Interface.ProtoName(), + KeySelector: nat.ModelNat44Interface.IsKeyValid, + KeyLabel: nat.ModelNat44Interface.StripKeyPrefix, + Validate: ctx.Validate, Create: ctx.Create, Delete: ctx.Delete, + Retrieve: ctx.Retrieve, Dependencies: ctx.Dependencies, + // retrieve global NAT config first (required for deprecated global NAT interface & address API) + RetrieveDependencies: []string{NAT44GlobalDescriptorName}, } return adapter.NewNAT44InterfaceDescriptor(typedDescr) } -// IsNAT44InterfaceKey returns true if the key is identifying NAT-44 configuration -// for interface. -func (d *NAT44InterfaceDescriptor) IsNAT44InterfaceKey(key string) bool { - _, _, isNATIfaceKey := nat.ParseInterfaceNAT44Key(key) - return isNATIfaceKey +// Validate validates VPP NAT44 interface configuration. +func (d *NAT44InterfaceDescriptor) Validate(key string, natIface *nat.Nat44Interface) error { + if natIface.NatOutside && natIface.NatInside && natIface.OutputFeature { + // output feature cannot be enabled on interface with both inside & outside NAT enabled + return kvs.NewInvalidValueError(ErrNATInterfaceFeatureCollision, "output_feature") + } + return nil } -// Create enables NAT44 for an interface. -func (d *NAT44InterfaceDescriptor) Create(key string, natIface *nat.Nat44Global_Interface) (metadata interface{}, err error) { - err = d.natHandler.EnableNat44Interface(natIface.Name, natIface.IsInside, natIface.OutputFeature) - if err != nil { - d.log.Error(err) - return nil, err - +// Create enables NAT44 on an interface. +func (d *NAT44InterfaceDescriptor) Create(key string, natIface *nat.Nat44Interface) (metadata interface{}, err error) { + if natIface.NatInside { + err = d.natHandler.EnableNat44Interface(natIface.Name, true, natIface.OutputFeature) + if err != nil { + d.log.Error(err) + return nil, err + } + } + if natIface.NatOutside { + err = d.natHandler.EnableNat44Interface(natIface.Name, false, natIface.OutputFeature) + if err != nil { + d.log.Error(err) + return nil, err + } } return nil, nil } -// Delete disables NAT44 for an interface. -func (d *NAT44InterfaceDescriptor) Delete(key string, natIface *nat.Nat44Global_Interface, metadata interface{}) error { - err := d.natHandler.DisableNat44Interface(natIface.Name, natIface.IsInside, natIface.OutputFeature) +// Delete disables NAT44 on an interface. +func (d *NAT44InterfaceDescriptor) Delete(key string, natIface *nat.Nat44Interface, metadata interface{}) error { + if natIface.NatInside { + err := d.natHandler.DisableNat44Interface(natIface.Name, true, natIface.OutputFeature) + if err != nil { + d.log.Error(err) + return err + } + } + if natIface.NatOutside { + err := d.natHandler.DisableNat44Interface(natIface.Name, false, natIface.OutputFeature) + if err != nil { + d.log.Error(err) + return err + } + } + return nil +} + +// Retrieve returns the current NAT44 interface configuration. +func (d *NAT44InterfaceDescriptor) Retrieve(correlate []adapter.NAT44InterfaceKVWithMetadata) ([]adapter.NAT44InterfaceKVWithMetadata, error) { + if d.nat44GlobalDesc.UseDeprecatedAPI { + return nil, nil // NAT interfaces already dumped by global descriptor (deprecated API is in use) + } + natIfs, err := d.natHandler.Nat44Nat44InterfacesDump() if err != nil { d.log.Error(err) - return err + return nil, err + } + retrieved := make([]adapter.NAT44InterfaceKVWithMetadata, 0) + for _, natIf := range natIfs { + retrieved = append(retrieved, adapter.NAT44InterfaceKVWithMetadata{ + Key: nat.Nat44InterfaceKey(natIf.Name), + Value: natIf, + Origin: kvs.FromNB, + }) } - return nil + return retrieved, nil } // Dependencies lists the interface as the only dependency. -func (d *NAT44InterfaceDescriptor) Dependencies(key string, natIface *nat.Nat44Global_Interface) []kvs.Dependency { +func (d *NAT44InterfaceDescriptor) Dependencies(key string, natIface *nat.Nat44Interface) []kvs.Dependency { return []kvs.Dependency{ { Label: natInterfaceDep, diff --git a/plugins/vpp/natplugin/natplugin.go b/plugins/vpp/natplugin/natplugin.go index bdcda5cddc..1fc7cb123b 100644 --- a/plugins/vpp/natplugin/natplugin.go +++ b/plugins/vpp/natplugin/natplugin.go @@ -13,9 +13,11 @@ // limitations under the License. //go:generate descriptor-adapter --descriptor-name NAT44Global --value-type *vpp_nat.Nat44Global --import "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" --output-dir "descriptor" -//go:generate descriptor-adapter --descriptor-name NAT44Interface --value-type *vpp_nat.Nat44Global_Interface --import "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" --output-dir "descriptor" -//go:generate descriptor-adapter --descriptor-name NAT44Address --value-type *vpp_nat.Nat44Global_Address --import "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" --output-dir "descriptor" +//go:generate descriptor-adapter --descriptor-name NAT44GlobalInterface --value-type *vpp_nat.Nat44Global_Interface --import "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" --output-dir "descriptor" +//go:generate descriptor-adapter --descriptor-name NAT44GlobalAddress --value-type *vpp_nat.Nat44Global_Address --import "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" --output-dir "descriptor" //go:generate descriptor-adapter --descriptor-name DNAT44 --value-type *vpp_nat.DNat44 --import "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" --output-dir "descriptor" +//go:generate descriptor-adapter --descriptor-name NAT44Interface --value-type *vpp_nat.Nat44Interface --import "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" --output-dir "descriptor" +//go:generate descriptor-adapter --descriptor-name NAT44AddressPool --value-type *vpp_nat.Nat44AddressPool --import "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" --output-dir "descriptor" package natplugin @@ -68,16 +70,18 @@ func (p *NATPlugin) Init() (err error) { } // init and register descriptors - nat44GlobalDescriptor := descriptor.NewNAT44GlobalDescriptor(p.natHandler, p.Log) - nat44IfaceDescriptor := descriptor.NewNAT44InterfaceDescriptor(p.natHandler, p.Log) - nat44AddrDescriptor := descriptor.NewNAT44AddressDescriptor(p.natHandler, p.Log) + nat44GlobalCtx, nat44GlobalDescriptor := descriptor.NewNAT44GlobalDescriptor(p.natHandler, p.Log) + nat44GlobalIfaceDescriptor := descriptor.NewNAT44GlobalInterfaceDescriptor(p.natHandler, p.Log) + nat44GlobalAddrDescriptor := descriptor.NewNAT44GlobalAddressDescriptor(p.natHandler, p.Log) dnat44Descriptor := descriptor.NewDNAT44Descriptor(p.natHandler, p.Log) + nat44IfaceDescriptor := descriptor.NewNAT44InterfaceDescriptor(nat44GlobalCtx, p.natHandler, p.Log) err = p.KVScheduler.RegisterKVDescriptor( nat44GlobalDescriptor, - nat44IfaceDescriptor, - nat44AddrDescriptor, + nat44GlobalIfaceDescriptor, // deprecated, kept for backward compatibility + nat44GlobalAddrDescriptor, // deprecated, kept for backward compatibility dnat44Descriptor, + nat44IfaceDescriptor, ) if err != nil { return err diff --git a/plugins/vpp/natplugin/vppcalls/nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/nat_vppcalls.go index ade5a8fce8..c41fe69dbf 100644 --- a/plugins/vpp/natplugin/vppcalls/nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/nat_vppcalls.go @@ -55,9 +55,14 @@ type NatVppAPI interface { // NatVppRead provides read methods for VPP NAT configuration. type NatVppRead interface { // Nat44GlobalConfigDump dumps global NAT44 config in NB format. - Nat44GlobalConfigDump() (*nat.Nat44Global, error) + // If dumpDeprecated is true, dumps deprecated NAT44 global config as well. + Nat44GlobalConfigDump(dumpDeprecated bool) (*nat.Nat44Global, error) // DNat44Dump dumps all configured DNAT-44 configurations ordered by label. DNat44Dump() ([]*nat.DNat44, error) + // Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. + Nat44Nat44InterfacesDump() ([]*nat.Nat44Interface, error) + // Nat44AddressPoolsDump dumps all configured NAT44 address pools. + Nat44AddressPoolsDump() ([]*nat.Nat44AddressPool, error) } var handler = vpp.RegisterHandler(vpp.HandlerDesc{ diff --git a/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go index cf10bf12b4..54d2d326e7 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go @@ -39,31 +39,27 @@ type stMappingMap map[string][]*nat.DNat44_StaticMapping type idMappingMap map[string][]*nat.DNat44_IdentityMapping // Nat44GlobalConfigDump dumps global NAT44 config in NB format. -func (h *NatVppHandler) Nat44GlobalConfigDump() (*nat.Nat44Global, error) { - isEnabled, err := h.isNat44ForwardingEnabled() +func (h *NatVppHandler) Nat44GlobalConfigDump(dumpDeprecated bool) (cfg *nat.Nat44Global, err error) { + cfg = &nat.Nat44Global{} + cfg.Forwarding, err = h.isNat44ForwardingEnabled() if err != nil { return nil, err } - natInterfaces, err := h.nat44InterfaceDump() + cfg.VirtualReassembly, _, err = h.virtualReassemblyDump() if err != nil { return nil, err } - natAddressPool, err := h.nat44AddressDump() - if err != nil { - return nil, err - } - vrIPv4, _, err := h.virtualReassemblyDump() - if err != nil { - return nil, err + if dumpDeprecated { + cfg.NatInterfaces, err = h.nat44InterfaceDump() + if err != nil { + return nil, err + } + cfg.AddressPool, err = h.nat44AddressDump() + if err != nil { + return nil, err + } } - - // combine into the global NAT configuration - return &nat.Nat44Global{ - Forwarding: isEnabled, - NatInterfaces: natInterfaces, - AddressPool: natAddressPool, - VirtualReassembly: vrIPv4, - }, nil + return } // DNat44Dump dumps all configured DNAT-44 configurations ordered by label. @@ -111,7 +107,70 @@ func (h *NatVppHandler) DNat44Dump() (dnats []*nat.DNat44, err error) { return dnats, nil } +// Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. +func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { + + // dump NAT interfaces without output feature enabled + req1 := &ba_nat.Nat44InterfaceDump{} + reqContext := h.callsChannel.SendMultiRequest(req1) + for { + msg := &ba_nat.Nat44InterfaceDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 interface: %v", err) + } + if stop { + break + } + ifName, _, found := h.ifIndexes.LookupBySwIfIndex(uint32(msg.SwIfIndex)) + if !found { + h.log.Warnf("Interface with index %d not found in the mapping", msg.SwIfIndex) + continue + } + natIf := &nat.Nat44Interface{ + Name: ifName, + NatInside: msg.IsInside == 1 || msg.IsInside == 2, + NatOutside: msg.IsInside == 0 || msg.IsInside == 2, + OutputFeature: false, + } + natIfs = append(natIfs, natIf) + } + + // dump interfaces with output feature enabled + req2 := &ba_nat.Nat44InterfaceOutputFeatureDump{} + reqContext = h.callsChannel.SendMultiRequest(req2) + for { + msg := &ba_nat.Nat44InterfaceOutputFeatureDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 interface output feature: %v", err) + } + if stop { + break + } + ifName, _, found := h.ifIndexes.LookupBySwIfIndex(uint32(msg.SwIfIndex)) + if !found { + h.log.Warnf("Interface with index %d not found in the mapping", msg.SwIfIndex) + continue + } + natIf := &nat.Nat44Interface{ + Name: ifName, + NatInside: msg.IsInside == 1 || msg.IsInside == 2, + NatOutside: msg.IsInside == 0 || msg.IsInside == 2, + OutputFeature: true, + } + natIfs = append(natIfs, natIf) + } + return +} + +// Nat44AddressPoolsDump dumps all configured NAT44 address pools. +func (h *NatVppHandler) Nat44AddressPoolsDump() (natPools []*nat.Nat44AddressPool, err error) { + return // TODO: implement me +} + // nat44AddressDump returns NAT44 address pool configured in the VPP. +// Deprecated. Functionality moved to Nat44AddressPoolsDump. Kept for backward compatibility. func (h *NatVppHandler) nat44AddressDump() (addressPool []*nat.Nat44Global_Address, err error) { req := &ba_nat.Nat44AddressDump{} reqContext := h.callsChannel.SendMultiRequest(req) @@ -392,6 +451,7 @@ func (h *NatVppHandler) nat44IdentityMappingDump() (entries idMappingMap, err er } // nat44InterfaceDump dumps NAT44 interface features. +// Deprecated. Functionality moved to Nat44Nat44InterfacesDump. Kept for backward compatibility. func (h *NatVppHandler) nat44InterfaceDump() (interfaces []*nat.Nat44Global_Interface, err error) { /* dump non-Output interfaces first */ diff --git a/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls_test.go index 8c7efceffb..7064e7e450 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls_test.go @@ -43,6 +43,20 @@ func TestNat44GlobalConfigDump(t *testing.T) { Enabled: 1, }) + // virtual reassembly + ctx.MockVpp.MockReply(&bin_api.NatGetReassReply{ + // IPv4 + IP4Timeout: 10, + IP4MaxReass: 5, + IP4MaxFrag: 7, + IP4DropFrag: 1, + // IPv6 + IP6Timeout: 20, + IP6MaxReass: 8, + IP6MaxFrag: 13, + IP6DropFrag: 0, + }) + // non-output interfaces ctx.MockVpp.MockReply( &bin_api.Nat44InterfaceDetails{ @@ -76,25 +90,11 @@ func TestNat44GlobalConfigDump(t *testing.T) { }) ctx.MockVpp.MockReply(&vpe.ControlPingReply{}) - // virtual reassembly - ctx.MockVpp.MockReply(&bin_api.NatGetReassReply{ - // IPv4 - IP4Timeout: 10, - IP4MaxReass: 5, - IP4MaxFrag: 7, - IP4DropFrag: 1, - // IPv6 - IP6Timeout: 20, - IP6MaxReass: 8, - IP6MaxFrag: 13, - IP6DropFrag: 0, - }) - swIfIndexes.Put("if0", &ifaceidx.IfaceMetadata{SwIfIndex: 1}) swIfIndexes.Put("if1", &ifaceidx.IfaceMetadata{SwIfIndex: 2}) swIfIndexes.Put("if2", &ifaceidx.IfaceMetadata{SwIfIndex: 3}) - globalCfg, err := natHandler.Nat44GlobalConfigDump() + globalCfg, err := natHandler.Nat44GlobalConfigDump(true) Expect(err).To(Succeed()) Expect(globalCfg.Forwarding).To(BeTrue()) diff --git a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go index cb661d7961..5cf8a62ea6 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go @@ -38,31 +38,27 @@ type stMappingMap map[string][]*nat.DNat44_StaticMapping type idMappingMap map[string][]*nat.DNat44_IdentityMapping // Nat44GlobalConfigDump dumps global NAT44 config in NB format. -func (h *NatVppHandler) Nat44GlobalConfigDump() (*nat.Nat44Global, error) { - isEnabled, err := h.isNat44ForwardingEnabled() +func (h *NatVppHandler) Nat44GlobalConfigDump(dumpDeprecated bool) (cfg *nat.Nat44Global, err error) { + cfg = &nat.Nat44Global{} + cfg.Forwarding, err = h.isNat44ForwardingEnabled() if err != nil { return nil, err } - natInterfaces, err := h.nat44InterfaceDump() + cfg.VirtualReassembly, _, err = h.virtualReassemblyDump() if err != nil { return nil, err } - natAddressPool, err := h.nat44AddressDump() - if err != nil { - return nil, err - } - vrIPv4, _, err := h.virtualReassemblyDump() - if err != nil { - return nil, err + if dumpDeprecated { + cfg.NatInterfaces, err = h.nat44InterfaceDump() + if err != nil { + return nil, err + } + cfg.AddressPool, err = h.nat44AddressDump() + if err != nil { + return nil, err + } } - - // combine into the global NAT configuration - return &nat.Nat44Global{ - Forwarding: isEnabled, - NatInterfaces: natInterfaces, - AddressPool: natAddressPool, - VirtualReassembly: vrIPv4, - }, nil + return } // DNat44Dump dumps all configured DNAT-44 configurations ordered by label. @@ -110,7 +106,72 @@ func (h *NatVppHandler) DNat44Dump() (dnats []*nat.DNat44, err error) { return dnats, nil } +// Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. +func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { + + // dump NAT interfaces without output feature enabled + req1 := &ba_nat.Nat44InterfaceDump{} + reqContext := h.callsChannel.SendMultiRequest(req1) + for { + msg := &ba_nat.Nat44InterfaceDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 interface: %v", err) + } + if stop { + break + } + ifName, _, found := h.ifIndexes.LookupBySwIfIndex(uint32(msg.SwIfIndex)) + if !found { + h.log.Warnf("Interface with index %d not found in the mapping", msg.SwIfIndex) + continue + } + flags := getNat44Flags(msg.Flags) + natIf := &nat.Nat44Interface{ + Name: ifName, + NatInside: flags.isInside, + NatOutside: flags.isOutside, + OutputFeature: false, + } + natIfs = append(natIfs, natIf) + } + + // dump interfaces with output feature enabled + req2 := &ba_nat.Nat44InterfaceOutputFeatureDump{} + reqContext = h.callsChannel.SendMultiRequest(req2) + for { + msg := &ba_nat.Nat44InterfaceOutputFeatureDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 interface output feature: %v", err) + } + if stop { + break + } + ifName, _, found := h.ifIndexes.LookupBySwIfIndex(uint32(msg.SwIfIndex)) + if !found { + h.log.Warnf("Interface with index %d not found in the mapping", msg.SwIfIndex) + continue + } + flags := getNat44Flags(msg.Flags) + natIf := &nat.Nat44Interface{ + Name: ifName, + NatInside: flags.isInside, + NatOutside: flags.isOutside, + OutputFeature: true, + } + natIfs = append(natIfs, natIf) + } + return +} + +// Nat44AddressPoolsDump dumps all configured NAT44 address pools. +func (h *NatVppHandler) Nat44AddressPoolsDump() (natPools []*nat.Nat44AddressPool, err error) { + return // TODO: implement me +} + // nat44AddressDump returns NAT44 address pool configured in the VPP. +// Deprecated. Functionality moved to Nat44AddressPoolsDump. Kept for backward compatibility. func (h *NatVppHandler) nat44AddressDump() (addressPool []*nat.Nat44Global_Address, err error) { req := &ba_nat.Nat44AddressDump{} reqContext := h.callsChannel.SendMultiRequest(req) @@ -384,6 +445,7 @@ func (h *NatVppHandler) nat44IdentityMappingDump() (entries idMappingMap, err er } // nat44InterfaceDump dumps NAT44 interface features. +// Deprecated. Functionality moved to Nat44Nat44InterfacesDump. Kept for backward compatibility. func (h *NatVppHandler) nat44InterfaceDump() (interfaces []*nat.Nat44Global_Interface, err error) { /* dump non-Output interfaces first */ diff --git a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls_test.go index 85bbaa8b4a..c925c828ae 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls_test.go @@ -42,6 +42,20 @@ func TestNat44GlobalConfigDump(t *testing.T) { Enabled: true, }) + // virtual reassembly + ctx.MockVpp.MockReply(&bin_api.NatGetReassReply{ + // IPv4 + IP4Timeout: 10, + IP4MaxReass: 5, + IP4MaxFrag: 7, + IP4DropFrag: 1, + // IPv6 + IP6Timeout: 20, + IP6MaxReass: 8, + IP6MaxFrag: 13, + IP6DropFrag: 0, + }) + // non-output interfaces ctx.MockVpp.MockReply( &bin_api.Nat44InterfaceDetails{ @@ -73,25 +87,11 @@ func TestNat44GlobalConfigDump(t *testing.T) { }) ctx.MockVpp.MockReply(&vpe.ControlPingReply{}) - // virtual reassembly - ctx.MockVpp.MockReply(&bin_api.NatGetReassReply{ - // IPv4 - IP4Timeout: 10, - IP4MaxReass: 5, - IP4MaxFrag: 7, - IP4DropFrag: 1, - // IPv6 - IP6Timeout: 20, - IP6MaxReass: 8, - IP6MaxFrag: 13, - IP6DropFrag: 0, - }) - swIfIndexes.Put("if0", &ifaceidx.IfaceMetadata{SwIfIndex: 1}) swIfIndexes.Put("if1", &ifaceidx.IfaceMetadata{SwIfIndex: 2}) swIfIndexes.Put("if2", &ifaceidx.IfaceMetadata{SwIfIndex: 3}) - globalCfg, err := natHandler.Nat44GlobalConfigDump() + globalCfg, err := natHandler.Nat44GlobalConfigDump(true) Expect(err).To(Succeed()) Expect(globalCfg.Forwarding).To(BeTrue()) diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go index 1b147f4b02..f8a1d701bc 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go @@ -38,31 +38,27 @@ type stMappingMap map[string][]*nat.DNat44_StaticMapping type idMappingMap map[string][]*nat.DNat44_IdentityMapping // Nat44GlobalConfigDump dumps global NAT44 config in NB format. -func (h *NatVppHandler) Nat44GlobalConfigDump() (*nat.Nat44Global, error) { - isEnabled, err := h.isNat44ForwardingEnabled() +func (h *NatVppHandler) Nat44GlobalConfigDump(dumpDeprecated bool) (cfg *nat.Nat44Global, err error) { + cfg = &nat.Nat44Global{} + cfg.Forwarding, err = h.isNat44ForwardingEnabled() if err != nil { return nil, err } - natInterfaces, err := h.nat44InterfaceDump() + cfg.VirtualReassembly, _, err = h.virtualReassemblyDump() if err != nil { return nil, err } - natAddressPool, err := h.nat44AddressDump() - if err != nil { - return nil, err - } - vrIPv4, _, err := h.virtualReassemblyDump() - if err != nil { - return nil, err + if dumpDeprecated { + cfg.NatInterfaces, err = h.nat44InterfaceDump() + if err != nil { + return nil, err + } + cfg.AddressPool, err = h.nat44AddressDump() + if err != nil { + return nil, err + } } - - // combine into the global NAT configuration - return &nat.Nat44Global{ - Forwarding: isEnabled, - NatInterfaces: natInterfaces, - AddressPool: natAddressPool, - VirtualReassembly: vrIPv4, - }, nil + return } // DNat44Dump dumps all configured DNAT-44 configurations ordered by label. @@ -110,7 +106,72 @@ func (h *NatVppHandler) DNat44Dump() (dnats []*nat.DNat44, err error) { return dnats, nil } +// Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. +func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { + + // dump NAT interfaces without output feature enabled + req1 := &vpp_nat.Nat44InterfaceDump{} + reqContext := h.callsChannel.SendMultiRequest(req1) + for { + msg := &vpp_nat.Nat44InterfaceDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 interface: %v", err) + } + if stop { + break + } + ifName, _, found := h.ifIndexes.LookupBySwIfIndex(uint32(msg.SwIfIndex)) + if !found { + h.log.Warnf("Interface with index %d not found in the mapping", msg.SwIfIndex) + continue + } + flags := getNat44Flags(msg.Flags) + natIf := &nat.Nat44Interface{ + Name: ifName, + NatInside: flags.isInside, + NatOutside: flags.isOutside, + OutputFeature: false, + } + natIfs = append(natIfs, natIf) + } + + // dump interfaces with output feature enabled + req2 := &vpp_nat.Nat44InterfaceOutputFeatureDump{} + reqContext = h.callsChannel.SendMultiRequest(req2) + for { + msg := &vpp_nat.Nat44InterfaceOutputFeatureDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 interface output feature: %v", err) + } + if stop { + break + } + ifName, _, found := h.ifIndexes.LookupBySwIfIndex(uint32(msg.SwIfIndex)) + if !found { + h.log.Warnf("Interface with index %d not found in the mapping", msg.SwIfIndex) + continue + } + flags := getNat44Flags(msg.Flags) + natIf := &nat.Nat44Interface{ + Name: ifName, + NatInside: flags.isInside, + NatOutside: flags.isOutside, + OutputFeature: true, + } + natIfs = append(natIfs, natIf) + } + return +} + +// Nat44AddressPoolsDump dumps all configured NAT44 address pools. +func (h *NatVppHandler) Nat44AddressPoolsDump() (natPools []*nat.Nat44AddressPool, err error) { + return // TODO: implement me +} + // nat44AddressDump returns NAT44 address pool configured in the VPP. +// Deprecated. Functionality moved to Nat44AddressPoolsDump. Kept for backward compatibility. func (h *NatVppHandler) nat44AddressDump() (addressPool []*nat.Nat44Global_Address, err error) { req := &vpp_nat.Nat44AddressDump{} reqContext := h.callsChannel.SendMultiRequest(req) @@ -384,6 +445,7 @@ func (h *NatVppHandler) nat44IdentityMappingDump() (entries idMappingMap, err er } // nat44InterfaceDump dumps NAT44 interface features. +// Deprecated. Functionality moved to Nat44Nat44InterfacesDump. Kept for backward compatibility. func (h *NatVppHandler) nat44InterfaceDump() (interfaces []*nat.Nat44Global_Interface, err error) { /* dump non-Output interfaces first */ diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls_test.go index 3fc9f87ae6..cfff91bc14 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls_test.go @@ -42,6 +42,20 @@ func TestNat44GlobalConfigDump(t *testing.T) { Enabled: true, }) + // virtual reassembly + ctx.MockVpp.MockReply(&vpp_nat.NatGetReassReply{ + // IPv4 + IP4Timeout: 10, + IP4MaxReass: 5, + IP4MaxFrag: 7, + IP4DropFrag: 1, + // IPv6 + IP6Timeout: 20, + IP6MaxReass: 8, + IP6MaxFrag: 13, + IP6DropFrag: 0, + }) + // non-output interfaces ctx.MockVpp.MockReply( &vpp_nat.Nat44InterfaceDetails{ @@ -73,25 +87,11 @@ func TestNat44GlobalConfigDump(t *testing.T) { }) ctx.MockVpp.MockReply(&vpp_vpe.ControlPingReply{}) - // virtual reassembly - ctx.MockVpp.MockReply(&vpp_nat.NatGetReassReply{ - // IPv4 - IP4Timeout: 10, - IP4MaxReass: 5, - IP4MaxFrag: 7, - IP4DropFrag: 1, - // IPv6 - IP6Timeout: 20, - IP6MaxReass: 8, - IP6MaxFrag: 13, - IP6DropFrag: 0, - }) - swIfIndexes.Put("if0", &ifaceidx.IfaceMetadata{SwIfIndex: 1}) swIfIndexes.Put("if1", &ifaceidx.IfaceMetadata{SwIfIndex: 2}) swIfIndexes.Put("if2", &ifaceidx.IfaceMetadata{SwIfIndex: 3}) - globalCfg, err := natHandler.Nat44GlobalConfigDump() + globalCfg, err := natHandler.Nat44GlobalConfigDump(true) Expect(err).To(Succeed()) Expect(globalCfg.Forwarding).To(BeTrue()) diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go index f55eead3a9..37be562303 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go @@ -38,31 +38,27 @@ type stMappingMap map[string][]*nat.DNat44_StaticMapping type idMappingMap map[string][]*nat.DNat44_IdentityMapping // Nat44GlobalConfigDump dumps global NAT44 config in NB format. -func (h *NatVppHandler) Nat44GlobalConfigDump() (*nat.Nat44Global, error) { - isEnabled, err := h.isNat44ForwardingEnabled() +func (h *NatVppHandler) Nat44GlobalConfigDump(dumpDeprecated bool) (cfg *nat.Nat44Global, err error) { + cfg = &nat.Nat44Global{} + cfg.Forwarding, err = h.isNat44ForwardingEnabled() if err != nil { return nil, err } - natInterfaces, err := h.nat44InterfaceDump() + cfg.VirtualReassembly, _, err = h.virtualReassemblyDump() if err != nil { return nil, err } - natAddressPool, err := h.nat44AddressDump() - if err != nil { - return nil, err - } - vrIPv4, _, err := h.virtualReassemblyDump() - if err != nil { - return nil, err + if dumpDeprecated { + cfg.NatInterfaces, err = h.nat44InterfaceDump() + if err != nil { + return nil, err + } + cfg.AddressPool, err = h.nat44AddressDump() + if err != nil { + return nil, err + } } - - // combine into the global NAT configuration - return &nat.Nat44Global{ - Forwarding: isEnabled, - NatInterfaces: natInterfaces, - AddressPool: natAddressPool, - VirtualReassembly: vrIPv4, - }, nil + return } // DNat44Dump dumps all configured DNAT-44 configurations ordered by label. @@ -110,7 +106,72 @@ func (h *NatVppHandler) DNat44Dump() (dnats []*nat.DNat44, err error) { return dnats, nil } +// Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. +func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { + + // dump NAT interfaces without output feature enabled + req1 := &vpp_nat.Nat44InterfaceDump{} + reqContext := h.callsChannel.SendMultiRequest(req1) + for { + msg := &vpp_nat.Nat44InterfaceDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 interface: %v", err) + } + if stop { + break + } + ifName, _, found := h.ifIndexes.LookupBySwIfIndex(uint32(msg.SwIfIndex)) + if !found { + h.log.Warnf("Interface with index %d not found in the mapping", msg.SwIfIndex) + continue + } + flags := getNat44Flags(msg.Flags) + natIf := &nat.Nat44Interface{ + Name: ifName, + NatInside: flags.isInside, + NatOutside: flags.isOutside, + OutputFeature: false, + } + natIfs = append(natIfs, natIf) + } + + // dump interfaces with output feature enabled + req2 := &vpp_nat.Nat44InterfaceOutputFeatureDump{} + reqContext = h.callsChannel.SendMultiRequest(req2) + for { + msg := &vpp_nat.Nat44InterfaceOutputFeatureDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 interface output feature: %v", err) + } + if stop { + break + } + ifName, _, found := h.ifIndexes.LookupBySwIfIndex(uint32(msg.SwIfIndex)) + if !found { + h.log.Warnf("Interface with index %d not found in the mapping", msg.SwIfIndex) + continue + } + flags := getNat44Flags(msg.Flags) + natIf := &nat.Nat44Interface{ + Name: ifName, + NatInside: flags.isInside, + NatOutside: flags.isOutside, + OutputFeature: true, + } + natIfs = append(natIfs, natIf) + } + return +} + +// Nat44AddressPoolsDump dumps all configured NAT44 address pools. +func (h *NatVppHandler) Nat44AddressPoolsDump() (natPools []*nat.Nat44AddressPool, err error) { + return // TODO: implement me +} + // nat44AddressDump returns NAT44 address pool configured in the VPP. +// Deprecated. Functionality moved to Nat44AddressPoolsDump. Kept for backward compatibility. func (h *NatVppHandler) nat44AddressDump() (addressPool []*nat.Nat44Global_Address, err error) { req := &vpp_nat.Nat44AddressDump{} reqContext := h.callsChannel.SendMultiRequest(req) @@ -384,6 +445,7 @@ func (h *NatVppHandler) nat44IdentityMappingDump() (entries idMappingMap, err er } // nat44InterfaceDump dumps NAT44 interface features. +// Deprecated. Functionality moved to Nat44Nat44InterfacesDump. Kept for backward compatibility. func (h *NatVppHandler) nat44InterfaceDump() (interfaces []*nat.Nat44Global_Interface, err error) { /* dump non-Output interfaces first */ diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls_test.go index 45eb267eb0..db1be1b372 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls_test.go @@ -42,6 +42,20 @@ func TestNat44GlobalConfigDump(t *testing.T) { Enabled: true, }) + // virtual reassembly + ctx.MockVpp.MockReply(&vpp_nat.NatGetReassReply{ + // IPv4 + IP4Timeout: 10, + IP4MaxReass: 5, + IP4MaxFrag: 7, + IP4DropFrag: 1, + // IPv6 + IP6Timeout: 20, + IP6MaxReass: 8, + IP6MaxFrag: 13, + IP6DropFrag: 0, + }) + // non-output interfaces ctx.MockVpp.MockReply( &vpp_nat.Nat44InterfaceDetails{ @@ -73,25 +87,11 @@ func TestNat44GlobalConfigDump(t *testing.T) { }) ctx.MockVpp.MockReply(&vpp_vpe.ControlPingReply{}) - // virtual reassembly - ctx.MockVpp.MockReply(&vpp_nat.NatGetReassReply{ - // IPv4 - IP4Timeout: 10, - IP4MaxReass: 5, - IP4MaxFrag: 7, - IP4DropFrag: 1, - // IPv6 - IP6Timeout: 20, - IP6MaxReass: 8, - IP6MaxFrag: 13, - IP6DropFrag: 0, - }) - swIfIndexes.Put("if0", &ifaceidx.IfaceMetadata{SwIfIndex: 1}) swIfIndexes.Put("if1", &ifaceidx.IfaceMetadata{SwIfIndex: 2}) swIfIndexes.Put("if2", &ifaceidx.IfaceMetadata{SwIfIndex: 3}) - globalCfg, err := natHandler.Nat44GlobalConfigDump() + globalCfg, err := natHandler.Nat44GlobalConfigDump(true) Expect(err).To(Succeed()) Expect(globalCfg.Forwarding).To(BeTrue()) diff --git a/proto/ligato/vpp/nat/models.go b/proto/ligato/vpp/nat/models.go index dd362d275f..9bdd08491a 100644 --- a/proto/ligato/vpp/nat/models.go +++ b/proto/ligato/vpp/nat/models.go @@ -34,6 +34,16 @@ var ( Type: "dnat44", Version: "v2", }, models.WithNameTemplate("{{.Label}}")) + ModelNat44Interface = models.Register(&Nat44Interface{}, models.Spec{ + Module: ModuleName, + Type: "nat44-interfaces", + Version: "v2", + }, models.WithNameTemplate("{{.Name}}")) + ModelNat44AddressPool = models.Register(&Nat44AddressPool{}, models.Spec{ + Module: ModuleName, + Type: "nat44-pools", + Version: "v2", + }, models.WithNameTemplate("{{.Label}}")) ) // GlobalNAT44Key returns key for Nat44Global. @@ -49,6 +59,22 @@ func DNAT44Key(label string) string { }) } +// Nat44InterfaceKey returns the key used in NB DB to store the configuration of the +// given NAT44 interface. +func Nat44InterfaceKey(name string) string { + return models.Key(&Nat44Interface{ + Name: name, + }) +} + +// Nat44AddressPoolKey returns the key used in NB DB to store the configuration of the +// given NAT44 address pool. +func Nat44AddressPoolKey(label string) string { + return models.Key(&Nat44AddressPool{ + Label: label, + }) +} + /* NAT44 interface (derived) */ const ( @@ -88,9 +114,9 @@ const ( /* NAT44 interface (derived) */ -// InterfaceNAT44Key returns (derived) key representing NAT44 configuration +// DerivedInterfaceNAT44Key returns (derived) key representing NAT44 configuration // for a given interface. -func InterfaceNAT44Key(iface string, isInside bool) string { +func DerivedInterfaceNAT44Key(iface string, isInside bool) string { if iface == "" { iface = InvalidKeyPart } @@ -103,9 +129,9 @@ func InterfaceNAT44Key(iface string, isInside bool) string { return key } -// ParseInterfaceNAT44Key parses interface name and the assigned NAT44 feature +// ParseDerivedInterfaceNAT44Key parses interface name and the assigned NAT44 feature // from Interface-NAT44 key. -func ParseInterfaceNAT44Key(key string) (iface string, isInside bool, isInterfaceNAT44Key bool) { +func ParseDerivedInterfaceNAT44Key(key string) (iface string, isInside bool, isInterfaceNAT44Key bool) { trim := strings.TrimPrefix(key, interfaceNAT44KeyPrefix) if trim != key && trim != "" { fibComps := strings.Split(trim, "/") @@ -123,10 +149,10 @@ func ParseInterfaceNAT44Key(key string) (iface string, isInside bool, isInterfac /* NAT44 address (derived) */ -// AddressNAT44Key returns (derived) key representing NAT44 configuration +// DerivedAddressNAT44Key returns (derived) key representing NAT44 configuration // for a single IP address from the NAT44 address pool. // Address is inserted into the key without validation! -func AddressNAT44Key(address string, twiceNat bool) string { +func DerivedAddressNAT44Key(address string, twiceNat bool) string { key := strings.Replace(addressNAT44KeyTemplate, "{address}", address, 1) twiceNatFlag := twiceNatOff if twiceNat { @@ -136,9 +162,9 @@ func AddressNAT44Key(address string, twiceNat bool) string { return key } -// ParseAddressNAT44Key parses configuration of a single NAT44 address from a key -// returned by AddressNAT44Key(). -func ParseAddressNAT44Key(key string) (address string, twiceNat bool, isAddressNAT44Key bool) { +// ParseDerivedAddressNAT44Key parses configuration of a single NAT44 address from a key +// returned by DerivedAddressNAT44Key(). +func ParseDerivedAddressNAT44Key(key string) (address string, twiceNat bool, isAddressNAT44Key bool) { trim := strings.TrimPrefix(key, addressNAT44KeyPrefix) if trim != key && trim != "" { fibComps := strings.Split(trim, "/") diff --git a/proto/ligato/vpp/nat/models_test.go b/proto/ligato/vpp/nat/models_test.go index b3773f2201..f47cafc579 100644 --- a/proto/ligato/vpp/nat/models_test.go +++ b/proto/ligato/vpp/nat/models_test.go @@ -93,7 +93,7 @@ func TestInterfaceNAT44Key(t *testing.T) { } for _, test := range tests { t.Run(test.name, func(t *testing.T) { - key := InterfaceNAT44Key(test.iface, test.isInside) + key := DerivedInterfaceNAT44Key(test.iface, test.isInside) if key != test.expectedKey { t.Errorf("failed for: iface=%s isInside=%t\n"+ "expected key:\n\t%q\ngot key:\n\t%q", @@ -163,7 +163,7 @@ func TestParseInterfaceNAT44Key(t *testing.T) { } for _, test := range tests { t.Run(test.name, func(t *testing.T) { - iface, isInside, isInterfaceNAT44Key := ParseInterfaceNAT44Key(test.key) + iface, isInside, isInterfaceNAT44Key := ParseDerivedInterfaceNAT44Key(test.key) if isInterfaceNAT44Key != test.expectedIsInterfaceNAT44Key { t.Errorf("expected isInterfaceNAT44Key: %v\tgot: %v", test.expectedIsInterfaceNAT44Key, isInterfaceNAT44Key) } @@ -211,7 +211,7 @@ func TestAddressNAT44Key(t *testing.T) { } for _, test := range tests { t.Run(test.name, func(t *testing.T) { - key := AddressNAT44Key(test.address, test.twiceNat) + key := DerivedAddressNAT44Key(test.address, test.twiceNat) if key != test.expectedKey { t.Errorf("failed for: address=%s twiceNat=%t\n"+ "expected key:\n\t%q\ngot key:\n\t%q", @@ -270,7 +270,7 @@ func TestParseAddressNAT44Key(t *testing.T) { } for _, test := range tests { t.Run(test.name, func(t *testing.T) { - address, twiceNat, isAddressNAT44Key := ParseAddressNAT44Key(test.key) + address, twiceNat, isAddressNAT44Key := ParseDerivedAddressNAT44Key(test.key) if isAddressNAT44Key != test.expectedIsAddressNAT44Key { t.Errorf("expected isAddressNAT44Key: %v\tgot: %v", test.expectedIsAddressNAT44Key, isAddressNAT44Key) } diff --git a/proto/ligato/vpp/nat/nat.pb.go b/proto/ligato/vpp/nat/nat.pb.go index 502e264393..f27d4c2569 100644 --- a/proto/ligato/vpp/nat/nat.pb.go +++ b/proto/ligato/vpp/nat/nat.pb.go @@ -78,8 +78,8 @@ func (DNat44_StaticMapping_TwiceNatMode) EnumDescriptor() ([]byte, []int) { type Nat44Global struct { Forwarding bool `protobuf:"varint,1,opt,name=forwarding,proto3" json:"forwarding,omitempty"` - NatInterfaces []*Nat44Global_Interface `protobuf:"bytes,2,rep,name=nat_interfaces,json=natInterfaces,proto3" json:"nat_interfaces,omitempty"` - AddressPool []*Nat44Global_Address `protobuf:"bytes,3,rep,name=address_pool,json=addressPool,proto3" json:"address_pool,omitempty"` + NatInterfaces []*Nat44Global_Interface `protobuf:"bytes,2,rep,name=nat_interfaces,json=natInterfaces,proto3" json:"nat_interfaces,omitempty"` // Deprecated: Do not use. + AddressPool []*Nat44Global_Address `protobuf:"bytes,3,rep,name=address_pool,json=addressPool,proto3" json:"address_pool,omitempty"` // Deprecated: Do not use. VirtualReassembly *VirtualReassembly `protobuf:"bytes,4,opt,name=virtual_reassembly,json=virtualReassembly,proto3" json:"virtual_reassembly,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -118,6 +118,7 @@ func (m *Nat44Global) GetForwarding() bool { return false } +// Deprecated: Do not use. func (m *Nat44Global) GetNatInterfaces() []*Nat44Global_Interface { if m != nil { return m.NatInterfaces @@ -125,6 +126,7 @@ func (m *Nat44Global) GetNatInterfaces() []*Nat44Global_Interface { return nil } +// Deprecated: Do not use. func (m *Nat44Global) GetAddressPool() []*Nat44Global_Address { if m != nil { return m.AddressPool @@ -525,6 +527,143 @@ func (m *DNat44_IdentityMapping) GetProtocol() DNat44_Protocol { return DNat44_TCP } +// Local network interfaces enabled for NAT44. +type Nat44Interface struct { + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + NatInside bool `protobuf:"varint,2,opt,name=nat_inside,json=natInside,proto3" json:"nat_inside,omitempty"` + NatOutside bool `protobuf:"varint,3,opt,name=nat_outside,json=natOutside,proto3" json:"nat_outside,omitempty"` + OutputFeature bool `protobuf:"varint,4,opt,name=output_feature,json=outputFeature,proto3" json:"output_feature,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Nat44Interface) Reset() { *m = Nat44Interface{} } +func (m *Nat44Interface) String() string { return proto.CompactTextString(m) } +func (*Nat44Interface) ProtoMessage() {} +func (*Nat44Interface) Descriptor() ([]byte, []int) { + return fileDescriptor_6c5496f531b4b7d3, []int{2} +} + +func (m *Nat44Interface) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Nat44Interface.Unmarshal(m, b) +} +func (m *Nat44Interface) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Nat44Interface.Marshal(b, m, deterministic) +} +func (m *Nat44Interface) XXX_Merge(src proto.Message) { + xxx_messageInfo_Nat44Interface.Merge(m, src) +} +func (m *Nat44Interface) XXX_Size() int { + return xxx_messageInfo_Nat44Interface.Size(m) +} +func (m *Nat44Interface) XXX_DiscardUnknown() { + xxx_messageInfo_Nat44Interface.DiscardUnknown(m) +} + +var xxx_messageInfo_Nat44Interface proto.InternalMessageInfo + +func (m *Nat44Interface) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Nat44Interface) GetNatInside() bool { + if m != nil { + return m.NatInside + } + return false +} + +func (m *Nat44Interface) GetNatOutside() bool { + if m != nil { + return m.NatOutside + } + return false +} + +func (m *Nat44Interface) GetOutputFeature() bool { + if m != nil { + return m.OutputFeature + } + return false +} + +// Address Pools used for NAT44. +type Nat44AddressPool struct { + Label string `protobuf:"bytes,1,opt,name=label,proto3" json:"label,omitempty"` + VrfId uint32 `protobuf:"varint,2,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` + FirstIp string `protobuf:"bytes,3,opt,name=first_ip,json=firstIp,proto3" json:"first_ip,omitempty"` + LastIp string `protobuf:"bytes,4,opt,name=last_ip,json=lastIp,proto3" json:"last_ip,omitempty"` + TwiceNat bool `protobuf:"varint,5,opt,name=twice_nat,json=twiceNat,proto3" json:"twice_nat,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Nat44AddressPool) Reset() { *m = Nat44AddressPool{} } +func (m *Nat44AddressPool) String() string { return proto.CompactTextString(m) } +func (*Nat44AddressPool) ProtoMessage() {} +func (*Nat44AddressPool) Descriptor() ([]byte, []int) { + return fileDescriptor_6c5496f531b4b7d3, []int{3} +} + +func (m *Nat44AddressPool) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Nat44AddressPool.Unmarshal(m, b) +} +func (m *Nat44AddressPool) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Nat44AddressPool.Marshal(b, m, deterministic) +} +func (m *Nat44AddressPool) XXX_Merge(src proto.Message) { + xxx_messageInfo_Nat44AddressPool.Merge(m, src) +} +func (m *Nat44AddressPool) XXX_Size() int { + return xxx_messageInfo_Nat44AddressPool.Size(m) +} +func (m *Nat44AddressPool) XXX_DiscardUnknown() { + xxx_messageInfo_Nat44AddressPool.DiscardUnknown(m) +} + +var xxx_messageInfo_Nat44AddressPool proto.InternalMessageInfo + +func (m *Nat44AddressPool) GetLabel() string { + if m != nil { + return m.Label + } + return "" +} + +func (m *Nat44AddressPool) GetVrfId() uint32 { + if m != nil { + return m.VrfId + } + return 0 +} + +func (m *Nat44AddressPool) GetFirstIp() string { + if m != nil { + return m.FirstIp + } + return "" +} + +func (m *Nat44AddressPool) GetLastIp() string { + if m != nil { + return m.LastIp + } + return "" +} + +func (m *Nat44AddressPool) GetTwiceNat() bool { + if m != nil { + return m.TwiceNat + } + return false +} + +// NAT virtual reassembly type VirtualReassembly struct { Timeout uint32 `protobuf:"varint,1,opt,name=timeout,proto3" json:"timeout,omitempty"` MaxReassemblies uint32 `protobuf:"varint,2,opt,name=max_reassemblies,json=maxReassemblies,proto3" json:"max_reassemblies,omitempty"` @@ -539,7 +678,7 @@ func (m *VirtualReassembly) Reset() { *m = VirtualReassembly{} } func (m *VirtualReassembly) String() string { return proto.CompactTextString(m) } func (*VirtualReassembly) ProtoMessage() {} func (*VirtualReassembly) Descriptor() ([]byte, []int) { - return fileDescriptor_6c5496f531b4b7d3, []int{2} + return fileDescriptor_6c5496f531b4b7d3, []int{4} } func (m *VirtualReassembly) XXX_Unmarshal(b []byte) error { @@ -598,62 +737,70 @@ func init() { proto.RegisterType((*DNat44_StaticMapping)(nil), "ligato.vpp.nat.DNat44.StaticMapping") proto.RegisterType((*DNat44_StaticMapping_LocalIP)(nil), "ligato.vpp.nat.DNat44.StaticMapping.LocalIP") proto.RegisterType((*DNat44_IdentityMapping)(nil), "ligato.vpp.nat.DNat44.IdentityMapping") + proto.RegisterType((*Nat44Interface)(nil), "ligato.vpp.nat.Nat44Interface") + proto.RegisterType((*Nat44AddressPool)(nil), "ligato.vpp.nat.Nat44AddressPool") proto.RegisterType((*VirtualReassembly)(nil), "ligato.vpp.nat.VirtualReassembly") } func init() { proto.RegisterFile("ligato/vpp/nat/nat.proto", fileDescriptor_6c5496f531b4b7d3) } var fileDescriptor_6c5496f531b4b7d3 = []byte{ - // 806 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xdd, 0x6a, 0x1c, 0x37, - 0x14, 0xce, 0x7a, 0xd7, 0xde, 0xd9, 0x33, 0x5e, 0x67, 0x2d, 0x5a, 0x98, 0x6e, 0x7f, 0xb2, 0xdd, - 0x34, 0xc1, 0x85, 0x66, 0x97, 0x3a, 0xa1, 0x14, 0x72, 0xe5, 0xc4, 0x76, 0x18, 0xb0, 0xcd, 0x30, - 0x4e, 0x5b, 0xe8, 0xcd, 0xa0, 0xdd, 0xd1, 0x2c, 0x82, 0x19, 0x49, 0x48, 0xda, 0x89, 0x0d, 0x7d, - 0x9c, 0x3e, 0x43, 0x2f, 0xfa, 0x0c, 0xbd, 0xeb, 0x0b, 0x95, 0x91, 0x34, 0x3f, 0x76, 0x71, 0x09, - 0xf4, 0x62, 0x40, 0xfa, 0xf4, 0xe9, 0xd3, 0xf9, 0xce, 0x39, 0xd2, 0x40, 0x90, 0xd3, 0x0d, 0xd6, - 0x7c, 0x59, 0x0a, 0xb1, 0x64, 0x58, 0x57, 0xdf, 0x42, 0x48, 0xae, 0x39, 0x3a, 0xb0, 0x2b, 0x8b, - 0x52, 0x88, 0x05, 0xc3, 0x7a, 0xfe, 0x77, 0x1f, 0xfc, 0x2b, 0xac, 0x5f, 0xbd, 0x7a, 0x97, 0xf3, - 0x15, 0xce, 0xd1, 0x57, 0x00, 0x19, 0x97, 0x1f, 0xb0, 0x4c, 0x29, 0xdb, 0x04, 0xbd, 0x59, 0xef, - 0xc8, 0x8b, 0x3b, 0x08, 0xba, 0x80, 0x03, 0x86, 0x75, 0x42, 0x99, 0x26, 0x32, 0xc3, 0x6b, 0xa2, - 0x82, 0x9d, 0x59, 0xff, 0xc8, 0x3f, 0x7e, 0xb6, 0xb8, 0x2b, 0xbc, 0xe8, 0x88, 0x2e, 0xc2, 0x9a, - 0x1d, 0x8f, 0x19, 0xd6, 0xcd, 0x4c, 0xa1, 0x73, 0xd8, 0xc7, 0x69, 0x2a, 0x89, 0x52, 0x89, 0xe0, - 0x3c, 0x0f, 0xfa, 0x46, 0xeb, 0xe9, 0x7f, 0x69, 0x9d, 0x58, 0x7e, 0xec, 0xbb, 0x8d, 0x11, 0xe7, - 0x39, 0x8a, 0x00, 0x95, 0x54, 0xea, 0x2d, 0xce, 0x13, 0x49, 0xb0, 0x52, 0xa4, 0x58, 0xe5, 0xb7, - 0xc1, 0x60, 0xd6, 0x3b, 0xf2, 0x8f, 0xbf, 0xbe, 0xaf, 0xf6, 0xb3, 0x65, 0xc6, 0x0d, 0x31, 0x3e, - 0x2c, 0xef, 0x43, 0xd3, 0x35, 0x8c, 0x9a, 0x38, 0x11, 0x82, 0x01, 0xc3, 0x05, 0x31, 0xe9, 0x18, - 0xc5, 0x66, 0x8c, 0x3e, 0x87, 0x11, 0x55, 0x09, 0x65, 0x8a, 0xa6, 0x24, 0xd8, 0x31, 0x79, 0xf2, - 0xa8, 0x0a, 0xcd, 0x1c, 0x3d, 0x83, 0x03, 0xbe, 0xd5, 0x62, 0xab, 0x93, 0x8c, 0x60, 0xbd, 0x95, - 0x24, 0xe8, 0x1b, 0xc6, 0xd8, 0xa2, 0xe7, 0x16, 0x9c, 0xfe, 0x02, 0x43, 0x67, 0x07, 0x05, 0x30, - 0x74, 0x86, 0xdc, 0x29, 0xf5, 0x14, 0x7d, 0x0a, 0x7b, 0xa5, 0xcc, 0x12, 0x9a, 0x9a, 0x53, 0xc6, - 0xf1, 0x6e, 0x29, 0xb3, 0x30, 0xad, 0xce, 0xd7, 0x1f, 0xe8, 0x9a, 0x24, 0x0c, 0x6b, 0xa7, 0xee, - 0x19, 0xe0, 0x0a, 0xeb, 0xf9, 0x5f, 0x43, 0xd8, 0x3b, 0x35, 0x59, 0x43, 0x9f, 0xc0, 0x6e, 0x8e, - 0x57, 0x24, 0x77, 0xb2, 0x76, 0x82, 0xce, 0xc0, 0x57, 0x3a, 0x29, 0xb0, 0x10, 0x94, 0x6d, 0xea, - 0x1a, 0x7e, 0x73, 0x3f, 0x53, 0x56, 0x62, 0x71, 0xad, 0xb1, 0xa6, 0xeb, 0x4b, 0x4b, 0x8e, 0x41, - 0x69, 0x37, 0x54, 0xe8, 0x1d, 0xf8, 0x34, 0x6d, 0x65, 0x6c, 0xf9, 0x9e, 0x3f, 0x20, 0x13, 0xa6, - 0x84, 0x69, 0xaa, 0x6f, 0x1b, 0x21, 0x9a, 0xd6, 0x42, 0xd3, 0x3f, 0x07, 0x30, 0xbe, 0x73, 0x0c, - 0x7a, 0x01, 0x88, 0xdc, 0x68, 0x22, 0x19, 0xce, 0xdb, 0x6e, 0x73, 0x26, 0x0e, 0xeb, 0x95, 0xb6, - 0x44, 0x4f, 0xc0, 0x6f, 0xe9, 0xc2, 0xa4, 0x6a, 0x14, 0x43, 0xc3, 0x13, 0xe8, 0x29, 0x8c, 0x1b, - 0x82, 0xe0, 0xd2, 0xe6, 0x6c, 0x1c, 0xef, 0xd7, 0x60, 0xc4, 0xa5, 0x46, 0x21, 0x8c, 0x72, 0xbe, - 0x36, 0x12, 0x2a, 0x18, 0x18, 0x37, 0xdf, 0x7d, 0x4c, 0x52, 0x16, 0x17, 0xd5, 0xae, 0x30, 0x8a, - 0x3d, 0xb3, 0x3d, 0x14, 0x0a, 0xbd, 0x06, 0xcf, 0xdc, 0xb8, 0x35, 0xcf, 0x83, 0xdd, 0x59, 0xef, - 0xe8, 0xe0, 0xf8, 0xc9, 0x03, 0x4a, 0x91, 0xa3, 0xc5, 0xcd, 0x06, 0x74, 0xd5, 0x2d, 0xee, 0x9e, - 0xd9, 0xfd, 0xfd, 0x47, 0xc5, 0xf1, 0xde, 0x75, 0xc0, 0x25, 0x4f, 0x49, 0xdb, 0x0f, 0xe8, 0x5b, - 0x98, 0x28, 0xa2, 0x14, 0xe5, 0x2c, 0xc1, 0x59, 0x46, 0x19, 0xd5, 0xb7, 0xc1, 0xd0, 0xf8, 0x7f, - 0xec, 0xf0, 0x13, 0x07, 0x4f, 0x7f, 0x83, 0xa1, 0x33, 0xd3, 0xe9, 0xbc, 0x5e, 0xb7, 0xf3, 0x3e, - 0x03, 0xaf, 0x4e, 0x92, 0xcb, 0xf3, 0xd0, 0xb9, 0x46, 0x5f, 0x02, 0xd8, 0xa5, 0x4e, 0x86, 0x6d, - 0x46, 0x4d, 0x7a, 0x67, 0xe0, 0x0b, 0xc9, 0x57, 0x78, 0x45, 0xf3, 0x2a, 0x82, 0x81, 0x59, 0xef, - 0x42, 0xf3, 0x97, 0xb0, 0xdf, 0xb5, 0x80, 0xf6, 0xc1, 0x3b, 0x0d, 0xaf, 0x4f, 0xde, 0x5c, 0x9c, - 0x9d, 0x4e, 0x1e, 0x21, 0x1f, 0x86, 0x67, 0x57, 0x76, 0xd2, 0x43, 0x1e, 0x0c, 0xae, 0xcf, 0x2e, - 0xce, 0x27, 0x3b, 0xd3, 0x3f, 0x7a, 0xf0, 0xf8, 0x5e, 0x73, 0x3d, 0x14, 0xfb, 0x17, 0x30, 0x6a, - 0x9b, 0xc9, 0x06, 0xdf, 0x02, 0x55, 0xf8, 0x54, 0x24, 0xf5, 0x3d, 0xec, 0xbb, 0x65, 0x51, 0xdf, - 0x51, 0x04, 0x03, 0xe3, 0xcb, 0xc6, 0x6d, 0xc6, 0xff, 0xab, 0xcc, 0xf3, 0xe7, 0xe0, 0xd5, 0x28, - 0x1a, 0x42, 0xff, 0xfd, 0xdb, 0x68, 0xf2, 0xa8, 0x1a, 0xfc, 0x74, 0x1a, 0x59, 0x83, 0xe1, 0xdb, - 0xcb, 0x68, 0xb2, 0x33, 0xff, 0xbd, 0x07, 0x87, 0xff, 0x7a, 0xb5, 0xaa, 0x27, 0x43, 0xd3, 0x82, - 0xf0, 0xad, 0x76, 0x1e, 0xeb, 0x69, 0x55, 0xee, 0x02, 0xdf, 0xb4, 0x4f, 0x21, 0x35, 0xcf, 0xb4, - 0x29, 0x77, 0x81, 0x6f, 0xe2, 0x0e, 0x5c, 0x5d, 0x8b, 0x8a, 0x9a, 0x49, 0xbc, 0x29, 0x08, 0xd3, - 0xaa, 0xbe, 0x16, 0x05, 0xbe, 0x39, 0xaf, 0xb1, 0xea, 0x39, 0x4b, 0x25, 0x17, 0x1d, 0xd6, 0xc0, - 0x3e, 0x67, 0x15, 0xda, 0xd0, 0xde, 0xfc, 0xf8, 0xeb, 0x0f, 0x1b, 0x5e, 0xbb, 0xa7, 0xe6, 0xef, - 0xf3, 0x02, 0x6f, 0x08, 0xd3, 0xcb, 0xf2, 0x78, 0x69, 0x4c, 0x2f, 0xef, 0xfe, 0x97, 0x5e, 0x97, - 0x42, 0x54, 0x2d, 0xbe, 0xda, 0x33, 0xab, 0x2f, 0xff, 0x09, 0x00, 0x00, 0xff, 0xff, 0xd0, 0xa6, - 0xe1, 0x25, 0xb8, 0x06, 0x00, 0x00, + // 904 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xdd, 0x6e, 0xe3, 0x44, + 0x14, 0x5e, 0x27, 0x69, 0xec, 0x1c, 0x37, 0xd9, 0x74, 0x04, 0xc2, 0x1b, 0x58, 0x1a, 0xb2, 0xec, + 0xaa, 0x48, 0x6c, 0x22, 0xba, 0x2b, 0x84, 0xb4, 0x57, 0xed, 0xb6, 0x5d, 0x19, 0xb5, 0xc5, 0x72, + 0x17, 0x90, 0xb8, 0xb1, 0x26, 0xf1, 0x38, 0x1a, 0xc9, 0xf1, 0x8c, 0x3c, 0x93, 0x6c, 0x2b, 0xf1, + 0x06, 0xdc, 0xf0, 0x10, 0x3c, 0x03, 0x17, 0x3c, 0x03, 0x6f, 0xc0, 0xcb, 0xa0, 0xf9, 0x71, 0xe2, + 0x86, 0x76, 0xb5, 0x12, 0x17, 0x96, 0x3c, 0xdf, 0x39, 0xf3, 0xf9, 0x9c, 0x6f, 0xce, 0x7c, 0x86, + 0x20, 0xa7, 0x73, 0x2c, 0xd9, 0x64, 0xc5, 0xf9, 0xa4, 0xc0, 0x52, 0x3d, 0x63, 0x5e, 0x32, 0xc9, + 0x50, 0xcf, 0x44, 0xc6, 0x2b, 0xce, 0xc7, 0x05, 0x96, 0xa3, 0x7f, 0x9a, 0xe0, 0x5f, 0x62, 0xf9, + 0xf2, 0xe5, 0x9b, 0x9c, 0x4d, 0x71, 0x8e, 0x3e, 0x07, 0xc8, 0x58, 0xf9, 0x0e, 0x97, 0x29, 0x2d, + 0xe6, 0x81, 0x33, 0x74, 0x0e, 0xbc, 0xb8, 0x86, 0xa0, 0x08, 0x7a, 0x05, 0x96, 0x09, 0x2d, 0x24, + 0x29, 0x33, 0x3c, 0x23, 0x22, 0x68, 0x0c, 0x9b, 0x07, 0xfe, 0xe1, 0xd3, 0xf1, 0x6d, 0xe2, 0x71, + 0x8d, 0x74, 0x1c, 0x56, 0xd9, 0xc7, 0x8d, 0xc0, 0x89, 0xbb, 0x05, 0x96, 0x6b, 0x44, 0xa0, 0xef, + 0x61, 0x17, 0xa7, 0x69, 0x49, 0x84, 0x48, 0x38, 0x63, 0x79, 0xd0, 0xd4, 0x7c, 0x4f, 0xde, 0xc7, + 0x77, 0x64, 0xf2, 0x35, 0x9b, 0x6f, 0x37, 0x47, 0x8c, 0xe5, 0x28, 0x02, 0xb4, 0xa2, 0xa5, 0x5c, + 0xe2, 0x3c, 0x29, 0x09, 0x16, 0x82, 0x2c, 0xa6, 0xf9, 0x4d, 0xd0, 0x1a, 0x3a, 0x07, 0xfe, 0xe1, + 0x17, 0xdb, 0x8c, 0x3f, 0x99, 0xcc, 0x78, 0x9d, 0x18, 0xef, 0xad, 0xb6, 0xa1, 0xc1, 0x0c, 0x3a, + 0xeb, 0x5a, 0x11, 0x82, 0x56, 0x81, 0x17, 0x44, 0xcb, 0xd2, 0x89, 0xf5, 0x3b, 0xfa, 0x14, 0x3a, + 0x54, 0x24, 0xb4, 0x10, 0x34, 0x25, 0x41, 0x43, 0xeb, 0xe5, 0x51, 0x11, 0xea, 0x35, 0x7a, 0x0a, + 0x3d, 0xb6, 0x94, 0x7c, 0x29, 0x93, 0x8c, 0x60, 0xb9, 0x2c, 0x49, 0xd0, 0xd4, 0x19, 0x5d, 0x83, + 0x9e, 0x19, 0x70, 0xf0, 0x33, 0xb8, 0xb6, 0x25, 0x14, 0x80, 0x6b, 0x1b, 0xb2, 0x5f, 0xa9, 0x96, + 0xe8, 0x63, 0x68, 0xaf, 0xca, 0x2c, 0xa1, 0xa9, 0xfe, 0x4a, 0x37, 0xde, 0x59, 0x95, 0x59, 0x98, + 0xaa, 0xef, 0xcb, 0x77, 0x74, 0x46, 0x92, 0x02, 0x4b, 0xcb, 0xee, 0x69, 0xe0, 0x12, 0xcb, 0xd1, + 0xdf, 0x2e, 0xb4, 0x4f, 0xb4, 0x72, 0xe8, 0x23, 0xd8, 0xc9, 0xf1, 0x94, 0xe4, 0x96, 0xd6, 0x2c, + 0xd0, 0x29, 0xf8, 0x42, 0x26, 0x0b, 0xcc, 0x39, 0x2d, 0xe6, 0xd5, 0x59, 0x7e, 0xb9, 0xad, 0x94, + 0xa1, 0x18, 0x5f, 0x49, 0x2c, 0xe9, 0xec, 0xc2, 0x24, 0xc7, 0x20, 0xa4, 0x7d, 0x15, 0xe8, 0x0d, + 0xf8, 0x34, 0xdd, 0xd0, 0x98, 0x23, 0x7c, 0x76, 0x0f, 0x4d, 0x98, 0x92, 0x42, 0x52, 0x79, 0xb3, + 0x26, 0xa2, 0x69, 0x45, 0x34, 0xf8, 0xab, 0x05, 0xdd, 0x5b, 0x9f, 0x41, 0xcf, 0x01, 0x91, 0x6b, + 0x49, 0xca, 0x02, 0xe7, 0x9b, 0xa9, 0xb3, 0x4d, 0xec, 0x55, 0x91, 0xcd, 0x11, 0xed, 0x83, 0xbf, + 0x49, 0xe7, 0x5a, 0xaa, 0x4e, 0x0c, 0xeb, 0x3c, 0x8e, 0x9e, 0x40, 0x77, 0x9d, 0xc0, 0x59, 0x69, + 0x34, 0xeb, 0xc6, 0xbb, 0x15, 0x18, 0xb1, 0x52, 0xa2, 0x10, 0x3a, 0x39, 0x9b, 0x69, 0x0a, 0x11, + 0xb4, 0x74, 0x37, 0x5f, 0x7f, 0x88, 0x28, 0xe3, 0x73, 0xb5, 0x2b, 0x8c, 0x62, 0x4f, 0x6f, 0x0f, + 0xb9, 0x40, 0xaf, 0xc0, 0xd3, 0x37, 0x6f, 0xc6, 0xf2, 0x60, 0x67, 0xe8, 0x1c, 0xf4, 0x0e, 0xf7, + 0xef, 0x61, 0x8a, 0x6c, 0x5a, 0xbc, 0xde, 0x80, 0x2e, 0xeb, 0x87, 0xdb, 0xd6, 0xbb, 0xbf, 0xf9, + 0xa0, 0x3a, 0xde, 0xda, 0x09, 0xb8, 0x60, 0x29, 0xd9, 0xcc, 0x03, 0xfa, 0x0a, 0xfa, 0x82, 0x08, + 0x41, 0x59, 0x91, 0xe0, 0x2c, 0xa3, 0x05, 0x95, 0x37, 0x81, 0xab, 0xfb, 0x7f, 0x68, 0xf1, 0x23, + 0x0b, 0x0f, 0x7e, 0x05, 0xd7, 0x36, 0x53, 0x9b, 0x3c, 0xa7, 0x3e, 0x79, 0x8f, 0xc0, 0xab, 0x44, + 0xb2, 0x3a, 0xbb, 0xb6, 0x6b, 0xf4, 0x18, 0xc0, 0x84, 0x6a, 0x0a, 0x1b, 0x45, 0xb5, 0xbc, 0x43, + 0xf0, 0x79, 0xc9, 0xa6, 0x78, 0x4a, 0x73, 0x55, 0x41, 0x4b, 0xc7, 0xeb, 0xd0, 0xe8, 0x05, 0xec, + 0xd6, 0x5b, 0x40, 0xbb, 0xe0, 0x9d, 0x84, 0x57, 0x47, 0xc7, 0xe7, 0xa7, 0x27, 0xfd, 0x07, 0xc8, + 0x07, 0xf7, 0xf4, 0xd2, 0x2c, 0x1c, 0xe4, 0x41, 0xeb, 0xea, 0xf4, 0xfc, 0xac, 0xdf, 0x18, 0xfc, + 0xe9, 0xc0, 0xc3, 0xad, 0xe1, 0xba, 0xaf, 0xf6, 0xcf, 0xa0, 0xb3, 0x19, 0x26, 0x53, 0xfc, 0x06, + 0x50, 0xe5, 0x53, 0x9e, 0x54, 0xf7, 0xb0, 0x69, 0xc3, 0xbc, 0xba, 0xa3, 0x08, 0x5a, 0xba, 0x2f, + 0x53, 0xb7, 0x7e, 0xff, 0x5f, 0xc7, 0x3c, 0x7a, 0x06, 0x5e, 0x85, 0x22, 0x17, 0x9a, 0x6f, 0x5f, + 0x47, 0xfd, 0x07, 0xea, 0xe5, 0xc7, 0x93, 0xc8, 0x34, 0x18, 0xbe, 0xbe, 0x88, 0xfa, 0x8d, 0xd1, + 0x6f, 0x0e, 0xf4, 0x34, 0xc9, 0xfb, 0x2d, 0xe9, 0x31, 0x80, 0xf1, 0xe8, 0x9a, 0x27, 0x75, 0xb4, + 0xe9, 0x6a, 0x53, 0xda, 0x07, 0x5f, 0x85, 0xd9, 0x52, 0xea, 0xb8, 0xf1, 0x0c, 0xb5, 0xe3, 0x07, + 0x83, 0xdc, 0xe1, 0x5a, 0xad, 0x3b, 0x5c, 0x6b, 0xf4, 0xbb, 0x03, 0x7d, 0x5d, 0xcd, 0x51, 0xcd, + 0x81, 0xef, 0xb6, 0x99, 0x7b, 0xbc, 0xeb, 0x11, 0x78, 0x19, 0x2d, 0x85, 0x54, 0x13, 0x64, 0x54, + 0x76, 0xf5, 0x3a, 0xe4, 0xe8, 0x13, 0x70, 0x73, 0x6c, 0x22, 0x2d, 0x1d, 0x69, 0xab, 0x65, 0xc8, + 0x6f, 0xfb, 0xdd, 0xce, 0x96, 0xdf, 0xfd, 0xe1, 0xc0, 0xde, 0x7f, 0x6c, 0x5d, 0x79, 0xaa, 0xa4, + 0x0b, 0xc2, 0x96, 0xd2, 0x0e, 0x41, 0xb5, 0x54, 0xf7, 0x61, 0x81, 0xaf, 0x37, 0xff, 0x0a, 0xaa, + 0xff, 0x67, 0xfa, 0x3e, 0x2c, 0xf0, 0x75, 0x5c, 0x83, 0x95, 0x6f, 0xa8, 0xd4, 0xac, 0xc4, 0xf3, + 0x05, 0x29, 0xa4, 0xa8, 0x7c, 0x63, 0x81, 0xaf, 0xcf, 0x2a, 0x4c, 0x29, 0x97, 0x96, 0x8c, 0xd7, + 0xb2, 0xac, 0x72, 0x0a, 0x5d, 0xa7, 0x1d, 0x7f, 0xf7, 0xcb, 0xb7, 0x73, 0x56, 0x8d, 0x07, 0xd5, + 0xbf, 0xe9, 0xe7, 0x78, 0x4e, 0x0a, 0x39, 0x59, 0x1d, 0x4e, 0xf4, 0x54, 0x4c, 0x6e, 0xff, 0xc0, + 0x5f, 0xad, 0x38, 0x57, 0x0d, 0x4f, 0xdb, 0x3a, 0xfa, 0xe2, 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, + 0x9f, 0xc8, 0x2b, 0x82, 0xe1, 0x07, 0x00, 0x00, } diff --git a/proto/ligato/vpp/nat/nat.proto b/proto/ligato/vpp/nat/nat.proto index 2fafafa6a0..caf8bbbf94 100644 --- a/proto/ligato/vpp/nat/nat.proto +++ b/proto/ligato/vpp/nat/nat.proto @@ -12,7 +12,7 @@ message Nat44Global { bool is_inside = 2; /* Distinguish between inside/outside interface. */ bool output_feature = 3; /* Enable/disable output feature. */ } - repeated Interface nat_interfaces = 2; + repeated Interface nat_interfaces = 2 [deprecated=true]; /* Use separate Nat44Interface entries instead. */ message Address { string address = 1; /* IPv4 address. */ @@ -22,7 +22,7 @@ message Nat44Global { */ bool twice_nat = 3; /* Enable/disable twice NAT. */ } - repeated Address address_pool = 3; + repeated Address address_pool = 3 [deprecated=true]; /* Use separate Nat44AddressPool entries instead. */ VirtualReassembly virtual_reassembly = 4; /* Virtual reassembly for IPv4 */ } @@ -75,7 +75,28 @@ message DNat44 { repeated IdentityMapping id_mappings = 3; } -message VirtualReassembly { /* NAT virtual reassembly */ +/* Local network interfaces enabled for NAT44. */ +message Nat44Interface { + string name = 1; /* (logical) Interface name. */ + bool nat_inside = 2; /* Enable/disable NAT on inside. */ + bool nat_outside = 3; /* Enable/disable NAT on outside. */ + bool output_feature = 4; /* Enable/disable output feature. */ +} + +/* Address Pools used for NAT44. */ +message Nat44AddressPool { + string label = 1; /* Unique identifier for the NAT44 pool. */ + uint32 vrf_id = 2; /* VRF id of tenant, 0xFFFFFFFF means independent of VRF. + Non-zero (and not all-ones) VRF has to be explicitly created + (see api/models/vpp/l3/vrf.proto). + */ + string first_ip = 3; /* First IP address of the pool. */ + string last_ip = 4; /* Last IP address of the pool. Should be higher than first_ip or empty. */ + bool twice_nat = 5; /* Enable/disable twice NAT. */ +} + +/* NAT virtual reassembly */ +message VirtualReassembly { uint32 timeout = 1; /* Reassembly timeout */ uint32 max_reassemblies = 2; /* Maximum number of concurrent reassemblies */ uint32 max_fragments = 3; /* Maximum number of fragments per reassembly */ diff --git a/proto/ligato/vpp/vpp.pb.go b/proto/ligato/vpp/vpp.pb.go index 3bd1bcec72..f1b26e47b7 100644 --- a/proto/ligato/vpp/vpp.pb.go +++ b/proto/ligato/vpp/vpp.pb.go @@ -44,6 +44,8 @@ type ConfigData struct { Vrfs []*l3.VrfTable `protobuf:"bytes,44,rep,name=vrfs,proto3" json:"vrfs,omitempty"` Nat44Global *nat.Nat44Global `protobuf:"bytes,50,opt,name=nat44_global,json=nat44Global,proto3" json:"nat44_global,omitempty"` Dnat44S []*nat.DNat44 `protobuf:"bytes,51,rep,name=dnat44s,proto3" json:"dnat44s,omitempty"` + Nat44Interfaces []*nat.Nat44Interface `protobuf:"bytes,52,rep,name=nat44_interfaces,json=nat44Interfaces,proto3" json:"nat44_interfaces,omitempty"` + Nat44Pools []*nat.Nat44AddressPool `protobuf:"bytes,53,rep,name=nat44_pools,json=nat44Pools,proto3" json:"nat44_pools,omitempty"` IpsecSpds []*ipsec.SecurityPolicyDatabase `protobuf:"bytes,60,rep,name=ipsec_spds,json=ipsecSpds,proto3" json:"ipsec_spds,omitempty"` IpsecSas []*ipsec.SecurityAssociation `protobuf:"bytes,61,rep,name=ipsec_sas,json=ipsecSas,proto3" json:"ipsec_sas,omitempty"` PuntIpredirects []*punt.IPRedirect `protobuf:"bytes,70,rep,name=punt_ipredirects,json=puntIpredirects,proto3" json:"punt_ipredirects,omitempty"` @@ -181,6 +183,20 @@ func (m *ConfigData) GetDnat44S() []*nat.DNat44 { return nil } +func (m *ConfigData) GetNat44Interfaces() []*nat.Nat44Interface { + if m != nil { + return m.Nat44Interfaces + } + return nil +} + +func (m *ConfigData) GetNat44Pools() []*nat.Nat44AddressPool { + if m != nil { + return m.Nat44Pools + } + return nil +} + func (m *ConfigData) GetIpsecSpds() []*ipsec.SecurityPolicyDatabase { if m != nil { return m.IpsecSpds @@ -331,59 +347,62 @@ func init() { func init() { proto.RegisterFile("ligato/vpp/vpp.proto", fileDescriptor_0138a1608d5d59f2) } var fileDescriptor_0138a1608d5d59f2 = []byte{ - // 854 bytes of a gzipped FileDescriptorProto + // 902 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x95, 0x6f, 0x6f, 0xdb, 0x36, - 0x10, 0xc6, 0x51, 0xac, 0xed, 0x1a, 0x3a, 0x49, 0x07, 0x2e, 0x6b, 0xd9, 0xec, 0x9f, 0x17, 0x20, - 0x58, 0xd6, 0x66, 0xf2, 0x66, 0x07, 0x7d, 0x31, 0x74, 0x43, 0xed, 0xa4, 0x4e, 0x3d, 0x04, 0x81, - 0x46, 0x07, 0xc3, 0xd0, 0x37, 0x02, 0x25, 0x53, 0x2e, 0x01, 0x8d, 0x24, 0x78, 0x8c, 0x91, 0x7c, - 0xd1, 0x7d, 0x9e, 0x81, 0x27, 0x29, 0x96, 0x63, 0x19, 0x7d, 0x21, 0x41, 0xc7, 0xfb, 0x3d, 0xcf, - 0x51, 0xe4, 0x89, 0x22, 0x7b, 0x85, 0x9a, 0x0b, 0x6f, 0x7a, 0x0b, 0x6b, 0xc3, 0x15, 0x59, 0x67, - 0xbc, 0xa1, 0xa4, 0x1c, 0x8d, 0x16, 0xd6, 0xee, 0xb3, 0x06, 0x21, 0xd2, 0x3c, 0x5c, 0x25, 0xb5, - 0x9a, 0xc9, 0x8a, 0x70, 0x55, 0x99, 0xc3, 0x46, 0x46, 0x69, 0x2f, 0x5d, 0x2e, 0x32, 0x09, 0xcb, - 0xc7, 0x0a, 0xeb, 0xb6, 0x63, 0x60, 0x85, 0xae, 0x88, 0x1f, 0x36, 0x10, 0x5e, 0xf8, 0xda, 0xe4, - 0x9b, 0x26, 0x62, 0x41, 0x66, 0xe5, 0xbd, 0xc5, 0xa0, 0xe8, 0xf7, 0x52, 0xa7, 0x66, 0x73, 0x99, - 0xcc, 0xcc, 0xbf, 0x42, 0xd5, 0x35, 0x9e, 0xaf, 0x22, 0xb9, 0x4a, 0x5b, 0x9c, 0x8b, 0x7e, 0xef, - 0x26, 0x33, 0x5a, 0xcb, 0xcc, 0xb7, 0xc9, 0x06, 0x3d, 0xe1, 0xaa, 0xc5, 0xdb, 0x7f, 0xb6, 0x9a, - 0x28, 0x06, 0xd5, 0xf8, 0x8b, 0xd5, 0x71, 0x67, 0xae, 0xef, 0xde, 0xe1, 0x9e, 0xd7, 0xc2, 0xb5, - 0x2d, 0xb1, 0x16, 0x3e, 0x5c, 0x55, 0x66, 0xbf, 0x91, 0xb1, 0xd7, 0xda, 0xe3, 0xad, 0x25, 0x07, - 0x6e, 0xf1, 0x1a, 0x6f, 0x65, 0xee, 0xe0, 0x3f, 0x42, 0xc8, 0xa9, 0xd1, 0xb9, 0x9a, 0x9f, 0x09, - 0x2f, 0xe8, 0x5b, 0x42, 0x96, 0xeb, 0xca, 0x48, 0xf7, 0xb3, 0xa3, 0x4e, 0xbf, 0x1b, 0x2d, 0xb7, - 0x3f, 0x5a, 0x66, 0xa3, 0x49, 0xfd, 0xc8, 0x1b, 0x1a, 0xfa, 0x2b, 0x79, 0x14, 0x36, 0x0c, 0x58, - 0x07, 0xc5, 0x5f, 0x6f, 0x10, 0x4f, 0xad, 0xd0, 0xbc, 0x24, 0xe9, 0x8f, 0xe4, 0xa1, 0xc8, 0x0a, - 0x60, 0x7b, 0xa8, 0xf8, 0xb2, 0xa9, 0x08, 0x3d, 0x34, 0x3c, 0xbd, 0xe0, 0x08, 0x20, 0x98, 0xe6, - 0xc0, 0xbe, 0x6a, 0x01, 0xd3, 0x3c, 0x1a, 0x8e, 0xc6, 0x1c, 0x01, 0x3a, 0x22, 0xbb, 0x2b, 0x5b, - 0x0b, 0xec, 0xbb, 0xf5, 0xd9, 0x14, 0xfd, 0x68, 0x84, 0xd0, 0x19, 0x32, 0x7c, 0x27, 0x6d, 0x44, - 0x40, 0x5f, 0x91, 0x87, 0xb9, 0x4a, 0x81, 0x7d, 0x8f, 0xca, 0xe7, 0xf7, 0x94, 0xe3, 0xc9, 0xe8, - 0x9d, 0xf6, 0xee, 0x96, 0x23, 0x14, 0x0a, 0xd6, 0xfd, 0x90, 0x58, 0xa1, 0x1c, 0xb0, 0x6e, 0x6b, - 0xc1, 0x7f, 0x4e, 0x4b, 0x28, 0x16, 0xca, 0xf1, 0x9d, 0x5a, 0x12, 0x22, 0xa0, 0xc7, 0xe4, 0x31, - 0x36, 0x01, 0xb0, 0x23, 0xd4, 0xee, 0xad, 0x68, 0x07, 0x11, 0x0f, 0x49, 0x5e, 0x31, 0x61, 0x7a, - 0xc2, 0x59, 0x60, 0x3f, 0xb5, 0x4c, 0x6f, 0x10, 0x0d, 0x79, 0x5c, 0x4d, 0x2f, 0x40, 0xf4, 0x84, - 0x6c, 0x59, 0x67, 0x6e, 0x6e, 0x13, 0xe1, 0x2c, 0x7b, 0xd9, 0x7d, 0xd0, 0xa2, 0x88, 0x43, 0x7e, - 0xc8, 0x63, 0xfe, 0x04, 0xc9, 0xa1, 0xb3, 0x74, 0x4c, 0x9e, 0x2a, 0x0b, 0x99, 0xd0, 0x89, 0x96, - 0x6a, 0xfe, 0x31, 0x35, 0x8e, 0xbd, 0x42, 0xed, 0xb7, 0xf7, 0xb4, 0x93, 0x78, 0x9a, 0x09, 0x7d, - 0x59, 0x41, 0x7c, 0xb7, 0x54, 0xd5, 0x71, 0x98, 0xea, 0xc2, 0xe5, 0xc0, 0x8e, 0x5b, 0xa7, 0xfa, - 0xb7, 0xcb, 0xaf, 0x44, 0x5a, 0x48, 0x8e, 0x10, 0xfd, 0x83, 0x6c, 0x6b, 0xe1, 0x4f, 0x4e, 0x92, - 0x79, 0x61, 0x52, 0x51, 0xb0, 0x3e, 0x56, 0x5c, 0x59, 0xc7, 0xd0, 0xf5, 0x97, 0x81, 0x39, 0x47, - 0x84, 0x77, 0xf4, 0x32, 0xa0, 0xbf, 0x90, 0xcf, 0x67, 0x18, 0x03, 0x1b, 0x60, 0xbd, 0x67, 0xf7, - 0xa5, 0x67, 0xa8, 0xe5, 0x35, 0x46, 0xcf, 0x09, 0xc1, 0x23, 0x22, 0x01, 0x3b, 0x03, 0xf6, 0x06, - 0x45, 0x47, 0x2b, 0x6d, 0x8b, 0x07, 0xc8, 0x54, 0x66, 0xd7, 0x4e, 0xf9, 0xdb, 0xd8, 0x14, 0x2a, - 0xbb, 0x0d, 0x5f, 0x4b, 0x2a, 0x40, 0xf2, 0x2d, 0xcc, 0x4e, 0xed, 0x2c, 0x34, 0xc1, 0x56, 0x65, - 0x24, 0x80, 0xfd, 0x8e, 0x3e, 0x87, 0x9b, 0x7d, 0x86, 0x00, 0x26, 0x53, 0xc2, 0x2b, 0xa3, 0xf9, - 0x93, 0xd2, 0x44, 0x00, 0x1d, 0x93, 0x2f, 0xc2, 0x97, 0x9b, 0x28, 0xeb, 0xe4, 0x4c, 0x39, 0x99, - 0x79, 0x60, 0xe3, 0xf5, 0x56, 0xc2, 0xaf, 0x7b, 0x12, 0xf3, 0x8a, 0xe1, 0x4f, 0xc3, 0xc0, 0x64, - 0xa9, 0xa1, 0xbf, 0x91, 0x6d, 0xf4, 0xf1, 0xe6, 0xa3, 0x01, 0x0f, 0xec, 0x7c, 0x7d, 0xed, 0xd1, - 0xe3, 0xca, 0xbc, 0x37, 0xe0, 0x79, 0x27, 0x04, 0x57, 0x25, 0x4b, 0x4f, 0x09, 0xda, 0x25, 0xf2, - 0x26, 0x93, 0x36, 0xcc, 0x0f, 0xd8, 0x7b, 0x94, 0xef, 0xaf, 0xc9, 0xdf, 0xd5, 0x08, 0xdf, 0x0d, - 0xf1, 0x5d, 0x08, 0xf4, 0x2d, 0xd9, 0x0d, 0xc7, 0x4c, 0x52, 0x98, 0x4c, 0x14, 0xa0, 0x66, 0xc0, - 0x62, 0xf4, 0x78, 0xd1, 0xf4, 0xc0, 0x83, 0xe8, 0x22, 0x10, 0xd3, 0xc9, 0x19, 0xdf, 0x09, 0xe1, - 0x45, 0xcd, 0xd3, 0x37, 0x04, 0x07, 0x12, 0x1b, 0x16, 0x5c, 0x49, 0x60, 0x7f, 0xad, 0xbf, 0x03, - 0x1a, 0x94, 0x3b, 0xc2, 0xb7, 0x43, 0x10, 0x57, 0xf0, 0x5d, 0x7d, 0xf0, 0x52, 0x3a, 0xa5, 0xe7, - 0xc0, 0xf8, 0x86, 0xfa, 0xd3, 0x8a, 0x28, 0xeb, 0xd7, 0x51, 0xa8, 0xdf, 0x41, 0x87, 0xaa, 0x11, - 0xa7, 0xeb, 0x8d, 0x58, 0xca, 0xf9, 0xe2, 0x75, 0xd5, 0x88, 0x24, 0x0c, 0x94, 0xcf, 0x07, 0x1f, - 0xc8, 0xf6, 0xa5, 0xf1, 0x2a, 0x57, 0x19, 0x6e, 0x31, 0xfd, 0x93, 0x6c, 0xdd, 0x1d, 0x7f, 0xec, - 0x01, 0x7a, 0x1d, 0x7f, 0xea, 0x60, 0x6d, 0x1a, 0xf0, 0xa5, 0xfc, 0xe0, 0x82, 0x3c, 0x9a, 0x7a, - 0x81, 0x3b, 0xb5, 0x66, 0x7a, 0xf8, 0x29, 0x53, 0x54, 0x36, 0xdc, 0x46, 0xc7, 0x1f, 0x5e, 0xce, - 0x4d, 0xad, 0x52, 0xf8, 0x9b, 0xf8, 0x59, 0xcc, 0xa5, 0xf6, 0xbd, 0x45, 0xbf, 0x87, 0x7f, 0x89, - 0xde, 0xf2, 0x07, 0x92, 0x3e, 0xc6, 0x91, 0xc1, 0xff, 0x01, 0x00, 0x00, 0xff, 0xff, 0xd5, 0x61, - 0x23, 0x29, 0x2a, 0x08, 0x00, 0x00, + 0x10, 0xc6, 0x51, 0xac, 0xed, 0x1a, 0x3a, 0x7f, 0x0a, 0x2e, 0x6b, 0xd9, 0x6c, 0xeb, 0xbc, 0x00, + 0xc1, 0xb2, 0x36, 0xb3, 0x37, 0x3b, 0xeb, 0x8b, 0xa1, 0x1b, 0x6a, 0x27, 0x75, 0xea, 0x21, 0x08, + 0x34, 0x3a, 0x18, 0x86, 0xbe, 0x11, 0x28, 0x99, 0x72, 0x09, 0x68, 0x24, 0xc1, 0x63, 0x8c, 0xe4, + 0xfb, 0xee, 0x83, 0x14, 0x3c, 0x49, 0xb6, 0x1c, 0x2b, 0xc8, 0x0b, 0x19, 0x3a, 0xde, 0xef, 0x79, + 0x8e, 0x26, 0x8f, 0x14, 0xd9, 0xcd, 0xd5, 0x4c, 0x78, 0xd3, 0x9d, 0x5b, 0x1b, 0x9e, 0x8e, 0x75, + 0xc6, 0x1b, 0x4a, 0x8a, 0xd1, 0xce, 0xdc, 0xda, 0x3d, 0x56, 0x23, 0x44, 0x92, 0x85, 0xa7, 0xa0, + 0x56, 0x33, 0x69, 0x1e, 0x9e, 0x32, 0x73, 0x50, 0xcb, 0x28, 0xed, 0xa5, 0xcb, 0x44, 0x2a, 0x61, + 0xf9, 0x5a, 0x62, 0xed, 0x66, 0x0c, 0xac, 0xd0, 0x25, 0xf1, 0xc3, 0x1d, 0x84, 0x17, 0xbe, 0x32, + 0xf9, 0xb6, 0x8e, 0x58, 0x90, 0x69, 0xf1, 0xdb, 0x60, 0x90, 0xf7, 0xba, 0x89, 0x53, 0xd3, 0x99, + 0x8c, 0xa7, 0xe6, 0x3f, 0xa1, 0xaa, 0x1a, 0xcf, 0x57, 0x91, 0x4c, 0x25, 0x0d, 0xce, 0x79, 0xaf, + 0x7b, 0x9d, 0x1a, 0xad, 0x65, 0xea, 0x9b, 0x64, 0xfd, 0xae, 0x70, 0xe5, 0xe2, 0xed, 0x3d, 0x5b, + 0x4d, 0xe4, 0xfd, 0x72, 0xfc, 0xc5, 0xea, 0xb8, 0x33, 0x57, 0x8b, 0xff, 0x70, 0xcb, 0x6b, 0xee, + 0x9a, 0x96, 0x58, 0x0b, 0x1f, 0x9e, 0x32, 0xb3, 0x57, 0xcb, 0xd8, 0x2b, 0xed, 0xf1, 0xa7, 0x21, + 0x07, 0x6e, 0xfe, 0x06, 0x7f, 0x8a, 0xdc, 0xfe, 0xff, 0x2d, 0x42, 0x4e, 0x8c, 0xce, 0xd4, 0xec, + 0x54, 0x78, 0x41, 0xdf, 0x11, 0xb2, 0x5c, 0x57, 0x46, 0xda, 0x5f, 0x1c, 0xb6, 0x7a, 0xed, 0xce, + 0x72, 0xfb, 0x3b, 0xcb, 0x6c, 0x67, 0x5c, 0xbd, 0xf2, 0x9a, 0x86, 0xfe, 0x4a, 0x1e, 0x85, 0x0d, + 0x03, 0xd6, 0x42, 0xf1, 0x37, 0x77, 0x88, 0x27, 0x56, 0x68, 0x5e, 0x90, 0xf4, 0x47, 0xf2, 0x50, + 0xa4, 0x39, 0xb0, 0x5d, 0x54, 0x7c, 0x55, 0x57, 0x84, 0x1e, 0x1a, 0x9c, 0x9c, 0x73, 0x04, 0x10, + 0x4c, 0x32, 0x60, 0x5f, 0x37, 0x80, 0x49, 0xd6, 0x19, 0x0c, 0x47, 0x1c, 0x01, 0x3a, 0x24, 0xdb, + 0x2b, 0x5b, 0x0b, 0xec, 0xe5, 0xfa, 0x6c, 0xf2, 0x5e, 0x67, 0x88, 0xd0, 0x29, 0x32, 0x7c, 0x2b, + 0xa9, 0x45, 0x40, 0x5f, 0x93, 0x87, 0x99, 0x4a, 0x80, 0x7d, 0x8f, 0xca, 0xe7, 0xb7, 0x94, 0xa3, + 0xf1, 0xf0, 0xbd, 0xf6, 0xee, 0x86, 0x23, 0x14, 0x0a, 0x56, 0xfd, 0x10, 0x5b, 0xa1, 0x1c, 0xb0, + 0x76, 0x63, 0xc1, 0x7f, 0x4f, 0x0a, 0x28, 0x12, 0xca, 0xf1, 0xad, 0x4a, 0x12, 0x22, 0xa0, 0x47, + 0xe4, 0x31, 0x36, 0x01, 0xb0, 0x43, 0xd4, 0xee, 0xae, 0x68, 0xfb, 0x1d, 0x1e, 0x92, 0xbc, 0x64, + 0xc2, 0xf4, 0x84, 0xb3, 0xc0, 0x7e, 0x6a, 0x98, 0x5e, 0xbf, 0x33, 0xe0, 0x51, 0x39, 0xbd, 0x00, + 0xd1, 0x63, 0xb2, 0x61, 0x9d, 0xb9, 0xbe, 0x89, 0x85, 0xb3, 0xec, 0x55, 0xfb, 0x41, 0x83, 0x22, + 0x0a, 0xf9, 0x01, 0x8f, 0xf8, 0x13, 0x24, 0x07, 0xce, 0xd2, 0x11, 0xd9, 0x51, 0x16, 0x52, 0xa1, + 0x63, 0x2d, 0xd5, 0xec, 0x53, 0x62, 0x1c, 0x7b, 0x8d, 0xda, 0xef, 0x6e, 0x69, 0xc7, 0xd1, 0x24, + 0x15, 0xfa, 0xa2, 0x84, 0xf8, 0x76, 0xa1, 0xaa, 0xe2, 0x30, 0xd5, 0xb9, 0xcb, 0x80, 0x1d, 0x35, + 0x4e, 0xf5, 0x1f, 0x97, 0x5d, 0x8a, 0x24, 0x97, 0x1c, 0x21, 0xfa, 0x27, 0xd9, 0xd4, 0xc2, 0x1f, + 0x1f, 0xc7, 0xb3, 0xdc, 0x24, 0x22, 0x67, 0x3d, 0xac, 0xb8, 0xb2, 0x8e, 0xa1, 0xeb, 0x2f, 0x02, + 0x73, 0x86, 0x08, 0x6f, 0xe9, 0x65, 0x40, 0x7f, 0x21, 0x5f, 0x4e, 0x31, 0x06, 0xd6, 0xc7, 0x7a, + 0xcf, 0x6e, 0x4b, 0x4f, 0x51, 0xcb, 0x2b, 0x8c, 0x8e, 0xc9, 0xd3, 0xa2, 0x62, 0xad, 0xf3, 0x8f, + 0x51, 0xfa, 0xb2, 0xb1, 0xea, 0xb2, 0xef, 0x77, 0xf4, 0x4a, 0x0c, 0x74, 0x40, 0x8a, 0xb9, 0xc4, + 0xd6, 0x98, 0x1c, 0xd8, 0x6f, 0xeb, 0xe7, 0x67, 0xe1, 0x32, 0x98, 0x4e, 0x9d, 0x04, 0x88, 0x8c, + 0xc9, 0x39, 0x41, 0x51, 0x78, 0x05, 0x7a, 0x46, 0x08, 0x5e, 0x58, 0x31, 0xd8, 0x29, 0xb0, 0xb7, + 0xe8, 0x70, 0xb8, 0x72, 0x88, 0xf0, 0x3a, 0x9b, 0xc8, 0xf4, 0xca, 0x29, 0x7f, 0x13, 0x99, 0x5c, + 0xa5, 0x37, 0xe1, 0xec, 0x26, 0x02, 0x24, 0xdf, 0xc0, 0xec, 0xc4, 0x4e, 0x43, 0x4b, 0x6e, 0x94, + 0x46, 0x02, 0xd8, 0x1f, 0xe8, 0x73, 0x70, 0xb7, 0xcf, 0x00, 0xc0, 0xa4, 0x4a, 0x78, 0x65, 0x34, + 0x7f, 0x52, 0x98, 0x08, 0xa0, 0x23, 0xf2, 0x34, 0xdc, 0x23, 0xb1, 0xb2, 0x4e, 0x4e, 0x95, 0x93, + 0xa9, 0x07, 0x36, 0x5a, 0x6f, 0x6c, 0xbc, 0x6b, 0xc6, 0x11, 0x2f, 0x19, 0xbe, 0x13, 0x06, 0xc6, + 0x4b, 0x0d, 0xfd, 0x9d, 0x6c, 0xa2, 0x8f, 0x37, 0x9f, 0x0c, 0x78, 0x60, 0x67, 0xeb, 0x9d, 0x80, + 0x1e, 0x97, 0xe6, 0x83, 0x01, 0xcf, 0x5b, 0x21, 0xb8, 0x2c, 0x58, 0x7a, 0x42, 0xd0, 0x2e, 0x96, + 0xd7, 0xa9, 0xb4, 0x61, 0x7e, 0xc0, 0x3e, 0xa0, 0x7c, 0x6f, 0x4d, 0xfe, 0xbe, 0x42, 0xf8, 0x76, + 0x88, 0x17, 0x21, 0xd0, 0x77, 0x64, 0x3b, 0x5c, 0x7a, 0x71, 0x6e, 0x52, 0x91, 0x83, 0x9a, 0x02, + 0x8b, 0xd0, 0xe3, 0x45, 0xdd, 0x03, 0xaf, 0xc5, 0xf3, 0x40, 0x4c, 0xc6, 0xa7, 0x7c, 0x2b, 0x84, + 0xe7, 0x15, 0x4f, 0xdf, 0x12, 0x1c, 0x88, 0x6d, 0x58, 0x70, 0x25, 0x81, 0xfd, 0xbd, 0xfe, 0x1f, + 0xd0, 0xa0, 0xd8, 0x11, 0xbe, 0x19, 0x82, 0xa8, 0x84, 0x17, 0xf5, 0xc1, 0x4b, 0xe9, 0x94, 0x9e, + 0x01, 0xe3, 0x77, 0xd4, 0x9f, 0x94, 0x44, 0x51, 0xbf, 0x8a, 0x42, 0xfd, 0x16, 0x3a, 0x94, 0xc7, + 0x62, 0xb2, 0x7e, 0x2c, 0x0a, 0x39, 0x9f, 0xbf, 0x29, 0x8f, 0x05, 0x09, 0x03, 0xc5, 0xfb, 0xfe, + 0x47, 0xb2, 0x79, 0x61, 0xbc, 0xca, 0x54, 0x8a, 0x5b, 0x4c, 0xff, 0x22, 0x1b, 0x8b, 0x6e, 0x67, + 0x0f, 0xd0, 0xeb, 0xe8, 0xbe, 0x6b, 0xbe, 0x6e, 0xc0, 0x97, 0xf2, 0xfd, 0x73, 0xf2, 0x68, 0xe2, + 0x05, 0xee, 0xd4, 0x9a, 0xe9, 0xc1, 0x7d, 0xa6, 0xa8, 0xac, 0xb9, 0x0d, 0x8f, 0x3e, 0xbe, 0x9a, + 0x99, 0x4a, 0xa5, 0xf0, 0xa3, 0xf5, 0xb3, 0x98, 0x49, 0xed, 0xbb, 0xf3, 0x5e, 0x17, 0xbf, 0x59, + 0xdd, 0xe5, 0xe7, 0x2c, 0x79, 0x8c, 0x23, 0xfd, 0xcf, 0x01, 0x00, 0x00, 0xff, 0xff, 0xe3, 0x36, + 0x23, 0xb2, 0xb8, 0x08, 0x00, 0x00, } diff --git a/proto/ligato/vpp/vpp.proto b/proto/ligato/vpp/vpp.proto index becc35791e..c524019bfb 100644 --- a/proto/ligato/vpp/vpp.proto +++ b/proto/ligato/vpp/vpp.proto @@ -40,6 +40,8 @@ message ConfigData { nat.Nat44Global nat44_global = 50; repeated nat.DNat44 dnat44s = 51; + repeated nat.Nat44Interface nat44_interfaces = 52; + repeated nat.Nat44AddressPool nat44_pools = 53; repeated ipsec.SecurityPolicyDatabase ipsec_spds = 60; repeated ipsec.SecurityAssociation ipsec_sas = 61; From d77bb9889baba68e49e01c49e5d31b93c7989fa3 Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Wed, 18 Dec 2019 00:14:57 +0100 Subject: [PATCH 2/9] clientv2 support for the new APIs Signed-off-by: Rastislav Szabo --- clientv2/vpp/data_change_api.go | 4 ++++ clientv2/vpp/data_resync_api.go | 4 ++++ clientv2/vpp/dbadapter/data_change_db.go | 12 ++++++++++++ clientv2/vpp/dbadapter/data_resync_db.go | 18 ++++++++++++++++++ 4 files changed, 38 insertions(+) diff --git a/clientv2/vpp/data_change_api.go b/clientv2/vpp/data_change_api.go index 537c6e9aff..3a3524b3c8 100644 --- a/clientv2/vpp/data_change_api.go +++ b/clientv2/vpp/data_change_api.go @@ -83,6 +83,10 @@ type PutDSL interface { NAT44Global(nat *nat.Nat44Global) PutDSL // DNAT44 adds a request to create or update DNAT44 configuration DNAT44(dnat *nat.DNat44) PutDSL + // NAT44Interface adds a request to create or update NAT44 interface configuration. + NAT44Interface(natIf *nat.Nat44Interface) PutDSL + // NAT44AddressPool adds a request to create or update NAT44 address pool. + NAT44AddressPool(pool *nat.Nat44AddressPool) PutDSL // IPSecSA adds request to create a new Security Association IPSecSA(sa *ipsec.SecurityAssociation) PutDSL // IPSecSPD adds request to create a new Security Policy Database diff --git a/clientv2/vpp/data_resync_api.go b/clientv2/vpp/data_resync_api.go index 6b89891ddc..04d5286a4f 100644 --- a/clientv2/vpp/data_resync_api.go +++ b/clientv2/vpp/data_resync_api.go @@ -63,6 +63,10 @@ type DataResyncDSL interface { NAT44Global(nat *nat.Nat44Global) DataResyncDSL // DNAT44 adds DNAT44 configuration to the RESYNC request DNAT44(dnat *nat.DNat44) DataResyncDSL + // NAT44Interface adds NAT44 interface configuration to the RESYNC request. + NAT44Interface(natIf *nat.Nat44Interface) DataResyncDSL + // NAT44AddressPool adds NAT44 address pool configuration to the RESYNC request. + NAT44AddressPool(pool *nat.Nat44AddressPool) DataResyncDSL // IPSecSA adds request to RESYNC a new Security Association IPSecSA(sa *ipsec.SecurityAssociation) DataResyncDSL // IPSecSPD adds request to RESYNC a new Security Policy Database diff --git a/clientv2/vpp/dbadapter/data_change_db.go b/clientv2/vpp/dbadapter/data_change_db.go index 8eaf54fefe..200a52bb07 100644 --- a/clientv2/vpp/dbadapter/data_change_db.go +++ b/clientv2/vpp/dbadapter/data_change_db.go @@ -167,6 +167,18 @@ func (dsl *PutDSL) DNAT44(nat44 *nat.DNat44) vppclient.PutDSL { return dsl } +// NAT44Interface adds a request to create or update NAT44 interface configuration. +func (dsl *PutDSL) NAT44Interface(natIf *nat.Nat44Interface) vppclient.PutDSL { + dsl.parent.txn.Put(models.Key(&nat.Nat44Interface{}), natIf) + return dsl +} + +// NAT44AddressPool adds a request to create or update NAT44 address pool. +func (dsl *PutDSL) NAT44AddressPool(pool *nat.Nat44AddressPool) vppclient.PutDSL { + dsl.parent.txn.Put(models.Key(&nat.Nat44AddressPool{}), pool) + return dsl +} + // IPSecSA adds request to create a new Security Association func (dsl *PutDSL) IPSecSA(sa *ipsec.SecurityAssociation) vppclient.PutDSL { dsl.parent.txn.Put(ipsec.SAKey(sa.Index), sa) diff --git a/clientv2/vpp/dbadapter/data_resync_db.go b/clientv2/vpp/dbadapter/data_resync_db.go index 9ae511b525..bd1d924d40 100644 --- a/clientv2/vpp/dbadapter/data_resync_db.go +++ b/clientv2/vpp/dbadapter/data_resync_db.go @@ -184,6 +184,24 @@ func (dsl *DataResyncDSL) DNAT44(nat44 *nat.DNat44) vppclient.DataResyncDSL { return dsl } +// NAT44Interface adds NAT44 interface configuration to the RESYNC request. +func (dsl *DataResyncDSL) NAT44Interface(natIf *nat.Nat44Interface) vppclient.DataResyncDSL { + key := models.Key(&nat.Nat44Interface{}) + dsl.txn.Put(key, natIf) + dsl.txnKeys = append(dsl.txnKeys, key) + + return dsl +} + +// NAT44AddressPool adds NAT44 address pool configuration to the RESYNC request. +func (dsl *DataResyncDSL) NAT44AddressPool(pool *nat.Nat44AddressPool) vppclient.DataResyncDSL { + key := models.Key(&nat.Nat44AddressPool{}) + dsl.txn.Put(key, pool) + dsl.txnKeys = append(dsl.txnKeys, key) + + return dsl +} + // IPSecSA adds request to create a new Security Association func (dsl *DataResyncDSL) IPSecSA(sa *ipsec.SecurityAssociation) vppclient.DataResyncDSL { key := ipsec.SAKey(sa.Index) From eb05a487eafebf45ad377428ede3f3feda78fa2e Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Thu, 19 Dec 2019 16:08:23 +0100 Subject: [PATCH 3/9] NAT44 address pool descriptor + dumps Signed-off-by: Rastislav Szabo --- plugins/configurator/dump.go | 2 +- plugins/restapi/handlers.go | 2 +- .../descriptor/nat44_address_pool.go | 135 ++++++++++++++++++ .../descriptor/nat44_global_address.go | 4 +- .../natplugin/descriptor/nat44_interface.go | 32 ++--- plugins/vpp/natplugin/natplugin.go | 2 + .../vpp/natplugin/vppcalls/nat_vppcalls.go | 12 +- .../vppcalls/vpp1904/dump_nat_vppcalls.go | 53 ++++++- .../vppcalls/vpp1904/nat_vppcalls.go | 34 +++-- .../vppcalls/vpp1904/nat_vppcalls_test.go | 8 +- .../vppcalls/vpp1908/dump_nat_vppcalls.go | 53 ++++++- .../vpp1908/dump_nat_vppcalls_test.go | 89 ++++++++++++ .../vppcalls/vpp1908/nat_vppcalls.go | 31 ++-- .../vppcalls/vpp1908/nat_vppcalls_test.go | 36 +++-- .../vppcalls/vpp2001/dump_nat_vppcalls.go | 53 ++++++- .../vpp2001/dump_nat_vppcalls_test.go | 89 ++++++++++++ .../vppcalls/vpp2001/nat_vppcalls.go | 31 ++-- .../vppcalls/vpp2001/nat_vppcalls_test.go | 36 +++-- .../vppcalls/vpp2001_324/dump_nat_vppcalls.go | 53 ++++++- .../vpp2001_324/dump_nat_vppcalls_test.go | 89 ++++++++++++ .../vppcalls/vpp2001_324/nat_vppcalls.go | 31 ++-- .../vppcalls/vpp2001_324/nat_vppcalls_test.go | 36 +++-- proto/ligato/vpp/nat/models.go | 19 ++- proto/ligato/vpp/nat/nat.pb.go | 131 ++++++++--------- proto/ligato/vpp/nat/nat.proto | 14 +- 25 files changed, 864 insertions(+), 211 deletions(-) create mode 100644 plugins/vpp/natplugin/descriptor/nat44_address_pool.go diff --git a/plugins/configurator/dump.go b/plugins/configurator/dump.go index 9a671f2632..cfe38a1a67 100644 --- a/plugins/configurator/dump.go +++ b/plugins/configurator/dump.go @@ -401,7 +401,7 @@ func (svc *dumpService) DumpNAT44Interfaces() (natIfs []*vpp_nat.Nat44Interface, return nil, nil } - natIfs, err = svc.natHandler.Nat44Nat44InterfacesDump() + natIfs, err = svc.natHandler.Nat44InterfacesDump() if err != nil { return nil, err } diff --git a/plugins/restapi/handlers.go b/plugins/restapi/handlers.go index babf16fcb5..ff304d29a1 100644 --- a/plugins/restapi/handlers.go +++ b/plugins/restapi/handlers.go @@ -119,7 +119,7 @@ func (p *Plugin) registerNATHandlers() { if p.natHandler == nil { return nil, ErrHandlerUnavailable } - return p.natHandler.Nat44Nat44InterfacesDump() + return p.natHandler.Nat44InterfacesDump() }) // GET NAT address pools p.registerHTTPHandler(resturl.NatAddressPools, GET, func() (interface{}, error) { diff --git a/plugins/vpp/natplugin/descriptor/nat44_address_pool.go b/plugins/vpp/natplugin/descriptor/nat44_address_pool.go new file mode 100644 index 0000000000..e5b82618f6 --- /dev/null +++ b/plugins/vpp/natplugin/descriptor/nat44_address_pool.go @@ -0,0 +1,135 @@ +// Copyright (c) 2019 Cisco and/or its affiliates. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at: +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package descriptor + +import ( + "bytes" + "errors" + "net" + + "github.com/ligato/cn-infra/logging" + + kvs "go.ligato.io/vpp-agent/v2/plugins/kvscheduler/api" + "go.ligato.io/vpp-agent/v2/plugins/vpp/natplugin/descriptor/adapter" + "go.ligato.io/vpp-agent/v2/plugins/vpp/natplugin/vppcalls" + l3 "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/l3" + nat "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat" +) + +const ( + // NAT44AddressPoolDescriptorName is the name of the descriptor for NAT44 IP address pools. + NAT44AddressPoolDescriptorName = "vpp-nat44-address-pool" +) + +// A list of non-retriable errors: +var ( + // errInvalidIPAddress is returned when IP address from NAT address pool cannot be parsed. + errInvalidIPAddress = errors.New("invalid IP address") + // errInvalidLastPoolAddress is returned when last IP of the pool is not higher than first IP of the pool, or empty. + errInvalidLastPoolAddress = errors.New("last IP should be higher than first IP, or empty") +) + +// NAT44AddressPoolDescriptor teaches KVScheduler how to add/remove VPP NAT44 IP addresses pools. +type NAT44AddressPoolDescriptor struct { + log logging.Logger + natHandler vppcalls.NatVppAPI + nat44GlobalDesc *NAT44GlobalDescriptor +} + +// NewNAT44AddressPoolDescriptor creates a new instance of the NAT44AddressPoolDescriptor. +func NewNAT44AddressPoolDescriptor(nat44GlobalDesc *NAT44GlobalDescriptor, + natHandler vppcalls.NatVppAPI, log logging.PluginLogger) *kvs.KVDescriptor { + ctx := &NAT44AddressPoolDescriptor{ + nat44GlobalDesc: nat44GlobalDesc, + natHandler: natHandler, + log: log.NewLogger("nat44-address-pool-descriptor"), + } + typedDescr := &adapter.NAT44AddressPoolDescriptor{ + Name: NAT44AddressPoolDescriptorName, + NBKeyPrefix: nat.ModelNat44AddressPool.KeyPrefix(), + ValueTypeName: nat.ModelNat44AddressPool.ProtoName(), + KeySelector: nat.ModelNat44AddressPool.IsKeyValid, + KeyLabel: nat.ModelNat44AddressPool.StripKeyPrefix, + Validate: ctx.Validate, + Create: ctx.Create, + Delete: ctx.Delete, + Retrieve: ctx.Retrieve, + Dependencies: ctx.Dependencies, + } + return adapter.NewNAT44AddressPoolDescriptor(typedDescr) +} + +// Validate validates configuration for NAT44 IP addresses pool. +func (d *NAT44AddressPoolDescriptor) Validate(key string, natAddr *nat.Nat44AddressPool) error { + firstIp := net.ParseIP(natAddr.FirstIp) + if firstIp == nil { + return kvs.NewInvalidValueError(errInvalidIPAddress, "first_ip") + } + if natAddr.LastIp != "" { + lastIp := net.ParseIP(natAddr.LastIp) + if lastIp == nil { + return kvs.NewInvalidValueError(errInvalidIPAddress, "last_ip") + } + if bytes.Compare(firstIp, lastIp) > 0 { + // last IP should be empty or higher than first IP + return kvs.NewInvalidValueError(errInvalidLastPoolAddress, "last_ip") + } + } + return nil +} + +// Create adds IP address pool into VPP NAT44 address pools. +func (d *NAT44AddressPoolDescriptor) Create(key string, natAddr *nat.Nat44AddressPool) (metadata interface{}, err error) { + return nil, + d.natHandler.AddNat44AddressPool(natAddr.VrfId, natAddr.FirstIp, natAddr.LastIp, natAddr.TwiceNat) +} + +// Delete removes IP address pool from VPP NAT44 address pools. +func (d *NAT44AddressPoolDescriptor) Delete(key string, natAddr *nat.Nat44AddressPool, metadata interface{}) error { + return d.natHandler.DelNat44AddressPool(natAddr.VrfId, natAddr.FirstIp, natAddr.LastIp, natAddr.TwiceNat) +} + +// Retrieve returns VPP IP address pools configured on VPP. +func (d *NAT44AddressPoolDescriptor) Retrieve(correlate []adapter.NAT44AddressPoolKVWithMetadata) ( + retrieved []adapter.NAT44AddressPoolKVWithMetadata, err error) { + if d.nat44GlobalDesc.UseDeprecatedAPI { + return nil, nil // NAT IP addresses already dumped by global descriptor (deprecated API is in use) + } + natPools, err := d.natHandler.Nat44AddressPoolsDump() + if err != nil { + return nil, err + } + for _, pool := range natPools { + retrieved = append(retrieved, adapter.NAT44AddressPoolKVWithMetadata{ + Key: nat.Nat44AddressPoolKey(pool.VrfId, pool.FirstIp, pool.LastIp), + Value: pool, + Origin: kvs.FromNB, + }) + } + return +} + +// Dependencies lists non-zero and non-all-ones VRF as the only dependency. +func (d *NAT44AddressPoolDescriptor) Dependencies(key string, natAddr *nat.Nat44AddressPool) []kvs.Dependency { + if natAddr.VrfId == 0 || natAddr.VrfId == ^uint32(0) { + return nil + } + return []kvs.Dependency{ + { + Label: addressVrfDep, + Key: l3.VrfTableKey(natAddr.VrfId, l3.VrfTable_IPV4), + }, + } +} diff --git a/plugins/vpp/natplugin/descriptor/nat44_global_address.go b/plugins/vpp/natplugin/descriptor/nat44_global_address.go index 2ddcdb07f7..aa9d80381d 100644 --- a/plugins/vpp/natplugin/descriptor/nat44_global_address.go +++ b/plugins/vpp/natplugin/descriptor/nat44_global_address.go @@ -89,7 +89,7 @@ func (d *NAT44GlobalAddressDescriptor) Validate(key string, natAddr *nat.Nat44Gl // Create adds IP address into the NAT44 address pool. func (d *NAT44GlobalAddressDescriptor) Create(key string, natAddr *nat.Nat44Global_Address) (metadata interface{}, err error) { - err = d.natHandler.AddNat44Address(natAddr.Address, natAddr.VrfId, natAddr.TwiceNat) + err = d.natHandler.AddNat44AddressPool(natAddr.VrfId, natAddr.Address, "", natAddr.TwiceNat) if err != nil { d.log.Error(err) return nil, err @@ -99,7 +99,7 @@ func (d *NAT44GlobalAddressDescriptor) Create(key string, natAddr *nat.Nat44Glob // Delete removes IP address from the NAT44 address pool. func (d *NAT44GlobalAddressDescriptor) Delete(key string, natAddr *nat.Nat44Global_Address, metadata interface{}) error { - err := d.natHandler.DelNat44Address(natAddr.Address, natAddr.VrfId, natAddr.TwiceNat) + err := d.natHandler.DelNat44AddressPool(natAddr.VrfId, natAddr.Address, "", natAddr.TwiceNat) if err != nil { d.log.Error(err) return err diff --git a/plugins/vpp/natplugin/descriptor/nat44_interface.go b/plugins/vpp/natplugin/descriptor/nat44_interface.go index a5953b4aeb..6bc2e42abb 100644 --- a/plugins/vpp/natplugin/descriptor/nat44_interface.go +++ b/plugins/vpp/natplugin/descriptor/nat44_interface.go @@ -75,51 +75,45 @@ func (d *NAT44InterfaceDescriptor) Create(key string, natIface *nat.Nat44Interfa if natIface.NatInside { err = d.natHandler.EnableNat44Interface(natIface.Name, true, natIface.OutputFeature) if err != nil { - d.log.Error(err) - return nil, err + return } } if natIface.NatOutside { err = d.natHandler.EnableNat44Interface(natIface.Name, false, natIface.OutputFeature) if err != nil { - d.log.Error(err) - return nil, err + return } } - return nil, nil + return } // Delete disables NAT44 on an interface. -func (d *NAT44InterfaceDescriptor) Delete(key string, natIface *nat.Nat44Interface, metadata interface{}) error { +func (d *NAT44InterfaceDescriptor) Delete(key string, natIface *nat.Nat44Interface, metadata interface{}) (err error) { if natIface.NatInside { - err := d.natHandler.DisableNat44Interface(natIface.Name, true, natIface.OutputFeature) + err = d.natHandler.DisableNat44Interface(natIface.Name, true, natIface.OutputFeature) if err != nil { - d.log.Error(err) - return err + return } } if natIface.NatOutside { - err := d.natHandler.DisableNat44Interface(natIface.Name, false, natIface.OutputFeature) + err = d.natHandler.DisableNat44Interface(natIface.Name, false, natIface.OutputFeature) if err != nil { - d.log.Error(err) - return err + return } } - return nil + return } // Retrieve returns the current NAT44 interface configuration. -func (d *NAT44InterfaceDescriptor) Retrieve(correlate []adapter.NAT44InterfaceKVWithMetadata) ([]adapter.NAT44InterfaceKVWithMetadata, error) { +func (d *NAT44InterfaceDescriptor) Retrieve(correlate []adapter.NAT44InterfaceKVWithMetadata) ( + retrieved []adapter.NAT44InterfaceKVWithMetadata, err error) { if d.nat44GlobalDesc.UseDeprecatedAPI { return nil, nil // NAT interfaces already dumped by global descriptor (deprecated API is in use) } - natIfs, err := d.natHandler.Nat44Nat44InterfacesDump() + natIfs, err := d.natHandler.Nat44InterfacesDump() if err != nil { - d.log.Error(err) return nil, err } - retrieved := make([]adapter.NAT44InterfaceKVWithMetadata, 0) - for _, natIf := range natIfs { retrieved = append(retrieved, adapter.NAT44InterfaceKVWithMetadata{ Key: nat.Nat44InterfaceKey(natIf.Name), @@ -127,7 +121,7 @@ func (d *NAT44InterfaceDescriptor) Retrieve(correlate []adapter.NAT44InterfaceKV Origin: kvs.FromNB, }) } - return retrieved, nil + return } // Dependencies lists the interface as the only dependency. diff --git a/plugins/vpp/natplugin/natplugin.go b/plugins/vpp/natplugin/natplugin.go index 1fc7cb123b..29673c5c77 100644 --- a/plugins/vpp/natplugin/natplugin.go +++ b/plugins/vpp/natplugin/natplugin.go @@ -75,6 +75,7 @@ func (p *NATPlugin) Init() (err error) { nat44GlobalAddrDescriptor := descriptor.NewNAT44GlobalAddressDescriptor(p.natHandler, p.Log) dnat44Descriptor := descriptor.NewDNAT44Descriptor(p.natHandler, p.Log) nat44IfaceDescriptor := descriptor.NewNAT44InterfaceDescriptor(nat44GlobalCtx, p.natHandler, p.Log) + nat44AddrPoolDescriptor := descriptor.NewNAT44AddressPoolDescriptor(nat44GlobalCtx, p.natHandler, p.Log) err = p.KVScheduler.RegisterKVDescriptor( nat44GlobalDescriptor, @@ -82,6 +83,7 @@ func (p *NATPlugin) Init() (err error) { nat44GlobalAddrDescriptor, // deprecated, kept for backward compatibility dnat44Descriptor, nat44IfaceDescriptor, + nat44AddrPoolDescriptor, ) if err != nil { return err diff --git a/plugins/vpp/natplugin/vppcalls/nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/nat_vppcalls.go index c41fe69dbf..2f8aa5f158 100644 --- a/plugins/vpp/natplugin/vppcalls/nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/nat_vppcalls.go @@ -34,10 +34,10 @@ type NatVppAPI interface { EnableNat44Interface(iface string, isInside, isOutput bool) error // DisableNat44Interface disables NAT feature for provided interface DisableNat44Interface(iface string, isInside, isOutput bool) error - // AddNat44Address adds new IPV4 address into the NAT pool. - AddNat44Address(address string, vrf uint32, twiceNat bool) error - // DelNat44Address removes existing IPv4 address from the NAT pool. - DelNat44Address(address string, vrf uint32, twiceNat bool) error + // AddNat44AddressPool adds new IPV4 address pool into the NAT pools. + AddNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error + // DelNat44AddressPool removes existing IPv4 address pool from the NAT pools. + DelNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error // SetVirtualReassemblyIPv4 configures NAT virtual reassembly for IPv4 packets. SetVirtualReassemblyIPv4(vrCfg *nat.VirtualReassembly) error // SetVirtualReassemblyIPv6 configures NAT virtual reassembly for IPv6 packets. @@ -59,8 +59,8 @@ type NatVppRead interface { Nat44GlobalConfigDump(dumpDeprecated bool) (*nat.Nat44Global, error) // DNat44Dump dumps all configured DNAT-44 configurations ordered by label. DNat44Dump() ([]*nat.DNat44, error) - // Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. - Nat44Nat44InterfacesDump() ([]*nat.Nat44Interface, error) + // Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. + Nat44InterfacesDump() ([]*nat.Nat44Interface, error) // Nat44AddressPoolsDump dumps all configured NAT44 address pools. Nat44AddressPoolsDump() ([]*nat.Nat44AddressPool, error) } diff --git a/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go index 54d2d326e7..7903609cea 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go @@ -107,8 +107,8 @@ func (h *NatVppHandler) DNat44Dump() (dnats []*nat.DNat44, err error) { return dnats, nil } -// Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. -func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { +// Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. +func (h *NatVppHandler) Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { // dump NAT interfaces without output feature enabled req1 := &ba_nat.Nat44InterfaceDump{} @@ -166,7 +166,40 @@ func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface // Nat44AddressPoolsDump dumps all configured NAT44 address pools. func (h *NatVppHandler) Nat44AddressPoolsDump() (natPools []*nat.Nat44AddressPool, err error) { - return // TODO: implement me + var curPool *nat.Nat44AddressPool + var lastIP net.IP + + req := &ba_nat.Nat44AddressDump{} + reqContext := h.callsChannel.SendMultiRequest(req) + + for { + msg := &ba_nat.Nat44AddressDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 Address pool: %v", err) + } + if stop { + break + } + ip := net.IP(msg.IPAddress[:]) + isTwiceNat := uintToBool(msg.TwiceNat) + // merge subsequent IPs into a single pool + if curPool != nil && curPool.VrfId == msg.VrfID && curPool.TwiceNat == isTwiceNat && ip.Equal(incIP(lastIP)) { + // update current pool + curPool.LastIp = ip.String() + } else { + // start a new pool + pool := &nat.Nat44AddressPool{ + FirstIp: ip.String(), + VrfId: msg.VrfID, + TwiceNat: isTwiceNat, + } + curPool = pool + natPools = append(natPools, pool) + } + lastIP = ip + } + return } // nat44AddressDump returns NAT44 address pool configured in the VPP. @@ -606,3 +639,17 @@ func uintToBool(value uint8) bool { } return true } + +// incIP increments IP address and returns it. +// Based on: https://play.golang.org/p/m8TNTtygK0 +func incIP(ip net.IP) net.IP { + retIP := make(net.IP, len(ip)) + copy(retIP, ip) + for j := len(retIP) - 1; j >= 0; j-- { + retIP[j]++ + if retIP[j] > 0 { + break + } + } + return retIP +} diff --git a/plugins/vpp/natplugin/vppcalls/vpp1904/nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp1904/nat_vppcalls.go index ef9239d658..fd1dcf3520 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1904/nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1904/nat_vppcalls.go @@ -67,14 +67,14 @@ func (h *NatVppHandler) DisableNat44Interface(iface string, isInside, isOutput b return h.handleNat44Interface(iface, isInside, false) } -// AddNat44Address adds new IPv4 address into the NAT44 pool. -func (h *NatVppHandler) AddNat44Address(address string, vrf uint32, twiceNat bool) error { - return h.handleNat44AddressPool(address, vrf, twiceNat, true) +// AddNat44AddressPool adds new IPV4 address pool into the NAT pools. +func (h *NatVppHandler) AddNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error { + return h.handleNat44AddressPool(vrf, firstIP, lastIP, twiceNat, true) } -// DelNat44Address removes existing IPv4 address from the NAT44 pool. -func (h *NatVppHandler) DelNat44Address(address string, vrf uint32, twiceNat bool) error { - return h.handleNat44AddressPool(address, vrf, twiceNat, false) +// DelNat44AddressPool removes existing IPv4 address pool from the NAT pools. +func (h *NatVppHandler) DelNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error { + return h.handleNat44AddressPool(vrf, firstIP, lastIP, twiceNat, false) } // SetVirtualReassemblyIPv4 configures NAT virtual reassembly for IPv4 packets. @@ -163,17 +163,23 @@ func (h *NatVppHandler) handleNat44InterfaceOutputFeature(iface string, isInside return nil } -// Calls VPP binary API to add/remove address to/from the NAT44 pool. -func (h *NatVppHandler) handleNat44AddressPool(address string, vrf uint32, twiceNat, isAdd bool) error { - ipAddr := net.ParseIP(address).To4() - if ipAddr == nil { - return errors.Errorf("unable to parse address %s from the NAT pool", - address) +// Calls VPP binary API to add/remove addresses to/from the NAT44 pool. +func (h *NatVppHandler) handleNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat, isAdd bool) error { + firstAddr := net.ParseIP(firstIP).To4() + if firstAddr == nil { + return errors.Errorf("unable to parse address %s from the NAT pool", firstIP) + } + lastAddr := firstAddr + if lastIP != "" { + lastAddr = net.ParseIP(lastIP).To4() + if lastAddr == nil { + return errors.Errorf("unable to parse address %s from the NAT pool", lastIP) + } } req := &natba.Nat44AddDelAddressRange{ - FirstIPAddress: ipAddr, - LastIPAddress: ipAddr, + FirstIPAddress: firstAddr, + LastIPAddress: lastAddr, VrfID: vrf, TwiceNat: boolToUint(twiceNat), IsAdd: boolToUint(isAdd), diff --git a/plugins/vpp/natplugin/vppcalls/vpp1904/nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp1904/nat_vppcalls_test.go index 12e906776b..7bc9239d52 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1904/nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1904/nat_vppcalls_test.go @@ -293,7 +293,7 @@ func TestAddNat44Address(t *testing.T) { addr := net.ParseIP("10.0.0.1").To4() ctx.MockVpp.MockReply(&binapi.Nat44AddDelAddressRangeReply{}) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).ShouldNot(HaveOccurred()) @@ -314,7 +314,7 @@ func TestAddNat44AddressError(t *testing.T) { // Incorrect reply object ctx.MockVpp.MockReply(&binapi.Nat44AddDelIdentityMappingReply{}) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).Should(HaveOccurred()) } @@ -328,7 +328,7 @@ func TestAddNat44AddressPoolRetval(t *testing.T) { ctx.MockVpp.MockReply(&binapi.Nat44AddDelAddressRangeReply{ Retval: 1, }) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).Should(HaveOccurred()) } @@ -340,7 +340,7 @@ func TestDelNat44Address(t *testing.T) { addr := net.ParseIP("10.0.0.1").To4() ctx.MockVpp.MockReply(&binapi.Nat44AddDelAddressRangeReply{}) - err := natHandler.DelNat44Address(addr.String(), 0, false) + err := natHandler.DelNat44AddressPool(0, addr.String(), "", false) Expect(err).ShouldNot(HaveOccurred()) diff --git a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go index 5cf8a62ea6..2b203f3304 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go @@ -106,8 +106,8 @@ func (h *NatVppHandler) DNat44Dump() (dnats []*nat.DNat44, err error) { return dnats, nil } -// Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. -func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { +// Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. +func (h *NatVppHandler) Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { // dump NAT interfaces without output feature enabled req1 := &ba_nat.Nat44InterfaceDump{} @@ -167,7 +167,40 @@ func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface // Nat44AddressPoolsDump dumps all configured NAT44 address pools. func (h *NatVppHandler) Nat44AddressPoolsDump() (natPools []*nat.Nat44AddressPool, err error) { - return // TODO: implement me + var curPool *nat.Nat44AddressPool + var lastIP net.IP + + req := &ba_nat.Nat44AddressDump{} + reqContext := h.callsChannel.SendMultiRequest(req) + + for { + msg := &ba_nat.Nat44AddressDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 Address pool: %v", err) + } + if stop { + break + } + ip := net.IP(msg.IPAddress[:]) + isTwiceNat := getNat44Flags(msg.Flags).isTwiceNat + // merge subsequent IPs into a single pool + if curPool != nil && curPool.VrfId == msg.VrfID && curPool.TwiceNat == isTwiceNat && ip.Equal(incIP(lastIP)) { + // update current pool + curPool.LastIp = ip.String() + } else { + // start a new pool + pool := &nat.Nat44AddressPool{ + FirstIp: ip.String(), + VrfId: msg.VrfID, + TwiceNat: isTwiceNat, + } + curPool = pool + natPools = append(natPools, pool) + } + lastIP = ip + } + return } // nat44AddressDump returns NAT44 address pool configured in the VPP. @@ -632,3 +665,17 @@ func uintToBool(value uint8) bool { } return true } + +// incIP increments IP address and returns it. +// Based on: https://play.golang.org/p/m8TNTtygK0 +func incIP(ip net.IP) net.IP { + retIP := make(net.IP, len(ip)) + copy(retIP, ip) + for j := len(retIP) - 1; j >= 0; j-- { + retIP[j]++ + if retIP[j] > 0 { + break + } + } + return retIP +} diff --git a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls_test.go index c925c828ae..a3d9bb764f 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls_test.go @@ -122,6 +122,95 @@ func TestNat44GlobalConfigDump(t *testing.T) { Expect(globalCfg.VirtualReassembly.DropFragments).To(BeTrue()) } +func TestNat44InterfacesDump(t *testing.T) { + ctx, natHandler, swIfIndexes, _ := natTestSetup(t) + defer ctx.TeardownTestCtx() + + // non-output interfaces + ctx.MockVpp.MockReply( + &bin_api.Nat44InterfaceDetails{ + SwIfIndex: 1, + Flags: bin_api.NAT_IS_OUTSIDE, + }, + &bin_api.Nat44InterfaceDetails{ + SwIfIndex: 2, + Flags: bin_api.NAT_IS_INSIDE, + }) + ctx.MockVpp.MockReply(&vpe.ControlPingReply{}) + + // output interfaces + ctx.MockVpp.MockReply(&bin_api.Nat44InterfaceOutputFeatureDetails{ + SwIfIndex: 3, + Flags: bin_api.NAT_IS_INSIDE | bin_api.NAT_IS_OUTSIDE, + }) + ctx.MockVpp.MockReply(&vpe.ControlPingReply{}) + + swIfIndexes.Put("if0", &ifaceidx.IfaceMetadata{SwIfIndex: 1}) + swIfIndexes.Put("if1", &ifaceidx.IfaceMetadata{SwIfIndex: 2}) + swIfIndexes.Put("if2", &ifaceidx.IfaceMetadata{SwIfIndex: 3}) + + interfaces, err := natHandler.Nat44InterfacesDump() + Expect(err).To(Succeed()) + + Expect(interfaces).To(HaveLen(3)) + + Expect(interfaces[0].Name).To(Equal("if0")) + Expect(interfaces[0].NatInside).To(BeFalse()) + Expect(interfaces[0].NatOutside).To(BeTrue()) + Expect(interfaces[0].OutputFeature).To(BeFalse()) + + Expect(interfaces[1].Name).To(Equal("if1")) + Expect(interfaces[1].NatInside).To(BeTrue()) + Expect(interfaces[1].NatOutside).To(BeFalse()) + Expect(interfaces[1].OutputFeature).To(BeFalse()) + + Expect(interfaces[2].Name).To(Equal("if2")) + Expect(interfaces[2].NatInside).To(BeTrue()) + Expect(interfaces[2].NatOutside).To(BeTrue()) + Expect(interfaces[2].OutputFeature).To(BeTrue()) +} + +func TestNat44AddressPoolsDump(t *testing.T) { + ctx, natHandler, _, _ := natTestSetup(t) + defer ctx.TeardownTestCtx() + + // address pool + ctx.MockVpp.MockReply( + &bin_api.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.1"), + Flags: bin_api.NAT_IS_TWICE_NAT, + VrfID: 1, + }, + &bin_api.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.2"), + VrfID: 2, + }, + &bin_api.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.3"), + VrfID: 2, + }, + &bin_api.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.4"), + VrfID: 2, + }) + ctx.MockVpp.MockReply(&vpe.ControlPingReply{}) + + pools, err := natHandler.Nat44AddressPoolsDump() + Expect(err).To(Succeed()) + + Expect(pools).To(HaveLen(2)) + + Expect(pools[0].FirstIp).To(Equal("192.168.10.1")) + Expect(pools[0].LastIp).To(Equal("")) + Expect(pools[0].TwiceNat).To(BeTrue()) + Expect(pools[0].VrfId).To(BeEquivalentTo(1)) + + Expect(pools[1].FirstIp).To(Equal("192.168.10.2")) + Expect(pools[1].LastIp).To(Equal("192.168.10.4")) + Expect(pools[1].TwiceNat).To(BeFalse()) + Expect(pools[1].VrfId).To(BeEquivalentTo(2)) +} + func TestDNATDump(t *testing.T) { ctx, natHandler, swIfIndexes, dhcpIndexes := natTestSetup(t) defer ctx.TeardownTestCtx() diff --git a/plugins/vpp/natplugin/vppcalls/vpp1908/nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp1908/nat_vppcalls.go index f6219b0948..e9ca0bf24e 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1908/nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1908/nat_vppcalls.go @@ -80,14 +80,14 @@ func (h *NatVppHandler) DisableNat44Interface(iface string, isInside, isOutput b return h.handleNat44Interface(iface, isInside, false) } -// AddNat44Address adds new IPv4 address into the NAT44 pool. -func (h *NatVppHandler) AddNat44Address(address string, vrf uint32, twiceNat bool) error { - return h.handleNat44AddressPool(address, vrf, twiceNat, true) +// AddNat44AddressPool adds new IPV4 address pool into the NAT pools. +func (h *NatVppHandler) AddNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error { + return h.handleNat44AddressPool(vrf, firstIP, lastIP, twiceNat, true) } -// DelNat44Address removes existing IPv4 address from the NAT44 pool. -func (h *NatVppHandler) DelNat44Address(address string, vrf uint32, twiceNat bool) error { - return h.handleNat44AddressPool(address, vrf, twiceNat, false) +// DelNat44AddressPool removes existing IPv4 address pool from the NAT pools. +func (h *NatVppHandler) DelNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error { + return h.handleNat44AddressPool(vrf, firstIP, lastIP, twiceNat, false) } // SetVirtualReassemblyIPv4 configures NAT virtual reassembly for IPv4 packets. @@ -176,16 +176,23 @@ func (h *NatVppHandler) handleNat44InterfaceOutputFeature(iface string, isInside return nil } -// Calls VPP binary API to add/remove address to/from the NAT44 pool. -func (h *NatVppHandler) handleNat44AddressPool(address string, vrf uint32, twiceNat, isAdd bool) error { - ipAddr, err := ipTo4Address(address) +// Calls VPP binary API to add/remove addresses to/from the NAT44 pool. +func (h *NatVppHandler) handleNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat, isAdd bool) error { + firstAddr, err := ipTo4Address(firstIP) if err != nil { - return errors.Errorf("unable to parse address %s from the NAT pool: %v", address, err) + return errors.Errorf("unable to parse address %s from the NAT pool: %v", firstIP, err) + } + lastAddr := firstAddr + if lastIP != "" { + lastAddr, err = ipTo4Address(lastIP) + if err != nil { + return errors.Errorf("unable to parse address %s from the NAT pool: %v", lastIP, err) + } } req := &natba.Nat44AddDelAddressRange{ - FirstIPAddress: ipAddr, - LastIPAddress: ipAddr, + FirstIPAddress: firstAddr, + LastIPAddress: lastAddr, VrfID: vrf, Flags: setNat44Flags(&nat44Flags{isTwiceNat: twiceNat}), IsAdd: isAdd, diff --git a/plugins/vpp/natplugin/vppcalls/vpp1908/nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp1908/nat_vppcalls_test.go index 97aa0d68c8..5712db7002 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1908/nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1908/nat_vppcalls_test.go @@ -286,27 +286,41 @@ func TestDisableNat44InterfaceOutputAsOutside(t *testing.T) { Expect(msg.SwIfIndex).To(BeEquivalentTo(2)) } -func TestAddNat44Address(t *testing.T) { +func TestAddNat44AddressPool(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() - addr := net.ParseIP("10.0.0.1").To4() + addr1 := net.ParseIP("10.0.0.1").To4() + addr2 := net.ParseIP("10.0.0.10").To4() + // first IP only ctx.MockVpp.MockReply(&binapi.Nat44AddDelAddressRangeReply{}) - err := natHandler.AddNat44Address(addr.String(), 0, false) - + err := natHandler.AddNat44AddressPool(0, addr1.String(), "", false) Expect(err).ShouldNot(HaveOccurred()) msg, ok := ctx.MockChannel.Msg.(*binapi.Nat44AddDelAddressRange) Expect(ok).To(BeTrue()) Expect(msg.IsAdd).To(BeTrue()) - Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr.String())) - Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr.String())) + Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(msg.VrfID).To(BeEquivalentTo(0)) + Expect(msg.Flags).To(BeEquivalentTo(0)) + + // first IP + last IP + ctx.MockVpp.MockReply(&binapi.Nat44AddDelAddressRangeReply{}) + err = natHandler.AddNat44AddressPool(0, addr1.String(), addr2.String(), false) + Expect(err).ShouldNot(HaveOccurred()) + + msg, ok = ctx.MockChannel.Msg.(*binapi.Nat44AddDelAddressRange) + Expect(ok).To(BeTrue()) + Expect(msg.IsAdd).To(BeTrue()) + Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr2.String())) Expect(msg.VrfID).To(BeEquivalentTo(0)) Expect(msg.Flags).To(BeEquivalentTo(0)) } -func TestAddNat44AddressError(t *testing.T) { +func TestAddNat44AddressPoolError(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() @@ -314,7 +328,7 @@ func TestAddNat44AddressError(t *testing.T) { // Incorrect reply object ctx.MockVpp.MockReply(&binapi.Nat44AddDelIdentityMappingReply{}) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).Should(HaveOccurred()) } @@ -328,19 +342,19 @@ func TestAddNat44AddressPoolRetval(t *testing.T) { ctx.MockVpp.MockReply(&binapi.Nat44AddDelAddressRangeReply{ Retval: 1, }) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).Should(HaveOccurred()) } -func TestDelNat44Address(t *testing.T) { +func TestDelNat44AddressPool(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() addr := net.ParseIP("10.0.0.1").To4() ctx.MockVpp.MockReply(&binapi.Nat44AddDelAddressRangeReply{}) - err := natHandler.DelNat44Address(addr.String(), 0, false) + err := natHandler.DelNat44AddressPool(0, addr.String(), "", false) Expect(err).ShouldNot(HaveOccurred()) diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go index f8a1d701bc..b8c3a759ac 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go @@ -106,8 +106,8 @@ func (h *NatVppHandler) DNat44Dump() (dnats []*nat.DNat44, err error) { return dnats, nil } -// Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. -func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { +// Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. +func (h *NatVppHandler) Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { // dump NAT interfaces without output feature enabled req1 := &vpp_nat.Nat44InterfaceDump{} @@ -167,7 +167,40 @@ func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface // Nat44AddressPoolsDump dumps all configured NAT44 address pools. func (h *NatVppHandler) Nat44AddressPoolsDump() (natPools []*nat.Nat44AddressPool, err error) { - return // TODO: implement me + var curPool *nat.Nat44AddressPool + var lastIP net.IP + + req := &vpp_nat.Nat44AddressDump{} + reqContext := h.callsChannel.SendMultiRequest(req) + + for { + msg := &vpp_nat.Nat44AddressDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 Address pool: %v", err) + } + if stop { + break + } + ip := net.IP(msg.IPAddress[:]) + isTwiceNat := getNat44Flags(msg.Flags).isTwiceNat + // merge subsequent IPs into a single pool + if curPool != nil && curPool.VrfId == msg.VrfID && curPool.TwiceNat == isTwiceNat && ip.Equal(incIP(lastIP)) { + // update current pool + curPool.LastIp = ip.String() + } else { + // start a new pool + pool := &nat.Nat44AddressPool{ + FirstIp: ip.String(), + VrfId: msg.VrfID, + TwiceNat: isTwiceNat, + } + curPool = pool + natPools = append(natPools, pool) + } + lastIP = ip + } + return } // nat44AddressDump returns NAT44 address pool configured in the VPP. @@ -632,3 +665,17 @@ func uintToBool(value uint8) bool { } return true } + +// incIP increments IP address and returns it. +// Based on: https://play.golang.org/p/m8TNTtygK0 +func incIP(ip net.IP) net.IP { + retIP := make(net.IP, len(ip)) + copy(retIP, ip) + for j := len(retIP) - 1; j >= 0; j-- { + retIP[j]++ + if retIP[j] > 0 { + break + } + } + return retIP +} diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls_test.go index cfff91bc14..f4f92685b4 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls_test.go @@ -122,6 +122,95 @@ func TestNat44GlobalConfigDump(t *testing.T) { Expect(globalCfg.VirtualReassembly.DropFragments).To(BeTrue()) } +func TestNat44InterfacesDump(t *testing.T) { + ctx, natHandler, swIfIndexes, _ := natTestSetup(t) + defer ctx.TeardownTestCtx() + + // non-output interfaces + ctx.MockVpp.MockReply( + &vpp_nat.Nat44InterfaceDetails{ + SwIfIndex: 1, + Flags: vpp_nat.NAT_IS_OUTSIDE, + }, + &vpp_nat.Nat44InterfaceDetails{ + SwIfIndex: 2, + Flags: vpp_nat.NAT_IS_INSIDE, + }) + ctx.MockVpp.MockReply(&vpp_vpe.ControlPingReply{}) + + // output interfaces + ctx.MockVpp.MockReply(&vpp_nat.Nat44InterfaceOutputFeatureDetails{ + SwIfIndex: 3, + Flags: vpp_nat.NAT_IS_INSIDE | vpp_nat.NAT_IS_OUTSIDE, + }) + ctx.MockVpp.MockReply(&vpp_vpe.ControlPingReply{}) + + swIfIndexes.Put("if0", &ifaceidx.IfaceMetadata{SwIfIndex: 1}) + swIfIndexes.Put("if1", &ifaceidx.IfaceMetadata{SwIfIndex: 2}) + swIfIndexes.Put("if2", &ifaceidx.IfaceMetadata{SwIfIndex: 3}) + + interfaces, err := natHandler.Nat44InterfacesDump() + Expect(err).To(Succeed()) + + Expect(interfaces).To(HaveLen(3)) + + Expect(interfaces[0].Name).To(Equal("if0")) + Expect(interfaces[0].NatInside).To(BeFalse()) + Expect(interfaces[0].NatOutside).To(BeTrue()) + Expect(interfaces[0].OutputFeature).To(BeFalse()) + + Expect(interfaces[1].Name).To(Equal("if1")) + Expect(interfaces[1].NatInside).To(BeTrue()) + Expect(interfaces[1].NatOutside).To(BeFalse()) + Expect(interfaces[1].OutputFeature).To(BeFalse()) + + Expect(interfaces[2].Name).To(Equal("if2")) + Expect(interfaces[2].NatInside).To(BeTrue()) + Expect(interfaces[2].NatOutside).To(BeTrue()) + Expect(interfaces[2].OutputFeature).To(BeTrue()) +} + +func TestNat44AddressPoolsDump(t *testing.T) { + ctx, natHandler, _, _ := natTestSetup(t) + defer ctx.TeardownTestCtx() + + // address pool + ctx.MockVpp.MockReply( + &vpp_nat.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.1"), + Flags: vpp_nat.NAT_IS_TWICE_NAT, + VrfID: 1, + }, + &vpp_nat.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.2"), + VrfID: 2, + }, + &vpp_nat.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.3"), + VrfID: 2, + }, + &vpp_nat.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.4"), + VrfID: 2, + }) + ctx.MockVpp.MockReply(&vpp_vpe.ControlPingReply{}) + + pools, err := natHandler.Nat44AddressPoolsDump() + Expect(err).To(Succeed()) + + Expect(pools).To(HaveLen(2)) + + Expect(pools[0].FirstIp).To(Equal("192.168.10.1")) + Expect(pools[0].LastIp).To(Equal("")) + Expect(pools[0].TwiceNat).To(BeTrue()) + Expect(pools[0].VrfId).To(BeEquivalentTo(1)) + + Expect(pools[1].FirstIp).To(Equal("192.168.10.2")) + Expect(pools[1].LastIp).To(Equal("192.168.10.4")) + Expect(pools[1].TwiceNat).To(BeFalse()) + Expect(pools[1].VrfId).To(BeEquivalentTo(2)) +} + func TestDNATDump(t *testing.T) { ctx, natHandler, swIfIndexes, dhcpIndexes := natTestSetup(t) defer ctx.TeardownTestCtx() diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001/nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp2001/nat_vppcalls.go index f045dd249a..b233fca1b6 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001/nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001/nat_vppcalls.go @@ -80,14 +80,14 @@ func (h *NatVppHandler) DisableNat44Interface(iface string, isInside, isOutput b return h.handleNat44Interface(iface, isInside, false) } -// AddNat44Address adds new IPv4 address into the NAT44 pool. -func (h *NatVppHandler) AddNat44Address(address string, vrf uint32, twiceNat bool) error { - return h.handleNat44AddressPool(address, vrf, twiceNat, true) +// AddNat44AddressPool adds new IPV4 address pool into the NAT pools. +func (h *NatVppHandler) AddNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error { + return h.handleNat44AddressPool(vrf, firstIP, lastIP, twiceNat, true) } -// DelNat44Address removes existing IPv4 address from the NAT44 pool. -func (h *NatVppHandler) DelNat44Address(address string, vrf uint32, twiceNat bool) error { - return h.handleNat44AddressPool(address, vrf, twiceNat, false) +// DelNat44AddressPool removes existing IPv4 address pool from the NAT pools. +func (h *NatVppHandler) DelNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error { + return h.handleNat44AddressPool(vrf, firstIP, lastIP, twiceNat, false) } // SetVirtualReassemblyIPv4 configures NAT virtual reassembly for IPv4 packets. @@ -176,16 +176,23 @@ func (h *NatVppHandler) handleNat44InterfaceOutputFeature(iface string, isInside return nil } -// Calls VPP binary API to add/remove address to/from the NAT44 pool. -func (h *NatVppHandler) handleNat44AddressPool(address string, vrf uint32, twiceNat, isAdd bool) error { - ipAddr, err := ipTo4Address(address) +// Calls VPP binary API to add/remove addresses to/from the NAT44 pool. +func (h *NatVppHandler) handleNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat, isAdd bool) error { + firstAddr, err := ipTo4Address(firstIP) if err != nil { - return errors.Errorf("unable to parse address %s from the NAT pool: %v", address, err) + return errors.Errorf("unable to parse address %s from the NAT pool: %v", firstIP, err) + } + lastAddr := firstAddr + if lastIP != "" { + lastAddr, err = ipTo4Address(lastIP) + if err != nil { + return errors.Errorf("unable to parse address %s from the NAT pool: %v", lastIP, err) + } } req := &vpp_nat.Nat44AddDelAddressRange{ - FirstIPAddress: ipAddr, - LastIPAddress: ipAddr, + FirstIPAddress: firstAddr, + LastIPAddress: lastAddr, VrfID: vrf, Flags: setNat44Flags(&nat44Flags{isTwiceNat: twiceNat}), IsAdd: isAdd, diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001/nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp2001/nat_vppcalls_test.go index 47256c26df..4645e6df74 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001/nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001/nat_vppcalls_test.go @@ -286,27 +286,41 @@ func TestDisableNat44InterfaceOutputAsOutside(t *testing.T) { Expect(msg.SwIfIndex).To(BeEquivalentTo(2)) } -func TestAddNat44Address(t *testing.T) { +func TestAddNat44AddressPool(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() - addr := net.ParseIP("10.0.0.1").To4() + addr1 := net.ParseIP("10.0.0.1").To4() + addr2 := net.ParseIP("10.0.0.10").To4() + // first IP only ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelAddressRangeReply{}) - err := natHandler.AddNat44Address(addr.String(), 0, false) - + err := natHandler.AddNat44AddressPool(0, addr1.String(), "", false) Expect(err).ShouldNot(HaveOccurred()) msg, ok := ctx.MockChannel.Msg.(*vpp_nat.Nat44AddDelAddressRange) Expect(ok).To(BeTrue()) Expect(msg.IsAdd).To(BeTrue()) - Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr.String())) - Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr.String())) + Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(msg.VrfID).To(BeEquivalentTo(0)) + Expect(msg.Flags).To(BeEquivalentTo(0)) + + // first IP + last IP + ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelAddressRangeReply{}) + err = natHandler.AddNat44AddressPool(0, addr1.String(), addr2.String(), false) + Expect(err).ShouldNot(HaveOccurred()) + + msg, ok = ctx.MockChannel.Msg.(*vpp_nat.Nat44AddDelAddressRange) + Expect(ok).To(BeTrue()) + Expect(msg.IsAdd).To(BeTrue()) + Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr2.String())) Expect(msg.VrfID).To(BeEquivalentTo(0)) Expect(msg.Flags).To(BeEquivalentTo(0)) } -func TestAddNat44AddressError(t *testing.T) { +func TestAddNat44AddressPoolError(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() @@ -314,7 +328,7 @@ func TestAddNat44AddressError(t *testing.T) { // Incorrect reply object ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelIdentityMappingReply{}) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).Should(HaveOccurred()) } @@ -328,19 +342,19 @@ func TestAddNat44AddressPoolRetval(t *testing.T) { ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelAddressRangeReply{ Retval: 1, }) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).Should(HaveOccurred()) } -func TestDelNat44Address(t *testing.T) { +func TestDelNat44AddressPool(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() addr := net.ParseIP("10.0.0.1").To4() ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelAddressRangeReply{}) - err := natHandler.DelNat44Address(addr.String(), 0, false) + err := natHandler.DelNat44AddressPool(0, addr.String(), "", false) Expect(err).ShouldNot(HaveOccurred()) diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go index 37be562303..2ffbac5cca 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go @@ -106,8 +106,8 @@ func (h *NatVppHandler) DNat44Dump() (dnats []*nat.DNat44, err error) { return dnats, nil } -// Nat44Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. -func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { +// Nat44InterfacesDump dumps NAT44 config of all NAT44-enabled interfaces. +func (h *NatVppHandler) Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err error) { // dump NAT interfaces without output feature enabled req1 := &vpp_nat.Nat44InterfaceDump{} @@ -167,7 +167,40 @@ func (h *NatVppHandler) Nat44Nat44InterfacesDump() (natIfs []*nat.Nat44Interface // Nat44AddressPoolsDump dumps all configured NAT44 address pools. func (h *NatVppHandler) Nat44AddressPoolsDump() (natPools []*nat.Nat44AddressPool, err error) { - return // TODO: implement me + var curPool *nat.Nat44AddressPool + var lastIP net.IP + + req := &vpp_nat.Nat44AddressDump{} + reqContext := h.callsChannel.SendMultiRequest(req) + + for { + msg := &vpp_nat.Nat44AddressDetails{} + stop, err := reqContext.ReceiveReply(msg) + if err != nil { + return nil, fmt.Errorf("failed to dump NAT44 Address pool: %v", err) + } + if stop { + break + } + ip := net.IP(msg.IPAddress[:]) + isTwiceNat := getNat44Flags(msg.Flags).isTwiceNat + // merge subsequent IPs into a single pool + if curPool != nil && curPool.VrfId == msg.VrfID && curPool.TwiceNat == isTwiceNat && ip.Equal(incIP(lastIP)) { + // update current pool + curPool.LastIp = ip.String() + } else { + // start a new pool + pool := &nat.Nat44AddressPool{ + FirstIp: ip.String(), + VrfId: msg.VrfID, + TwiceNat: isTwiceNat, + } + curPool = pool + natPools = append(natPools, pool) + } + lastIP = ip + } + return } // nat44AddressDump returns NAT44 address pool configured in the VPP. @@ -632,3 +665,17 @@ func uintToBool(value uint8) bool { } return true } + +// incIP increments IP address and returns it. +// Based on: https://play.golang.org/p/m8TNTtygK0 +func incIP(ip net.IP) net.IP { + retIP := make(net.IP, len(ip)) + copy(retIP, ip) + for j := len(retIP) - 1; j >= 0; j-- { + retIP[j]++ + if retIP[j] > 0 { + break + } + } + return retIP +} diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls_test.go index db1be1b372..91f00f6015 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls_test.go @@ -122,6 +122,95 @@ func TestNat44GlobalConfigDump(t *testing.T) { Expect(globalCfg.VirtualReassembly.DropFragments).To(BeTrue()) } +func TestNat44InterfacesDump(t *testing.T) { + ctx, natHandler, swIfIndexes, _ := natTestSetup(t) + defer ctx.TeardownTestCtx() + + // non-output interfaces + ctx.MockVpp.MockReply( + &vpp_nat.Nat44InterfaceDetails{ + SwIfIndex: 1, + Flags: vpp_nat.NAT_IS_OUTSIDE, + }, + &vpp_nat.Nat44InterfaceDetails{ + SwIfIndex: 2, + Flags: vpp_nat.NAT_IS_INSIDE, + }) + ctx.MockVpp.MockReply(&vpp_vpe.ControlPingReply{}) + + // output interfaces + ctx.MockVpp.MockReply(&vpp_nat.Nat44InterfaceOutputFeatureDetails{ + SwIfIndex: 3, + Flags: vpp_nat.NAT_IS_INSIDE | vpp_nat.NAT_IS_OUTSIDE, + }) + ctx.MockVpp.MockReply(&vpp_vpe.ControlPingReply{}) + + swIfIndexes.Put("if0", &ifaceidx.IfaceMetadata{SwIfIndex: 1}) + swIfIndexes.Put("if1", &ifaceidx.IfaceMetadata{SwIfIndex: 2}) + swIfIndexes.Put("if2", &ifaceidx.IfaceMetadata{SwIfIndex: 3}) + + interfaces, err := natHandler.Nat44InterfacesDump() + Expect(err).To(Succeed()) + + Expect(interfaces).To(HaveLen(3)) + + Expect(interfaces[0].Name).To(Equal("if0")) + Expect(interfaces[0].NatInside).To(BeFalse()) + Expect(interfaces[0].NatOutside).To(BeTrue()) + Expect(interfaces[0].OutputFeature).To(BeFalse()) + + Expect(interfaces[1].Name).To(Equal("if1")) + Expect(interfaces[1].NatInside).To(BeTrue()) + Expect(interfaces[1].NatOutside).To(BeFalse()) + Expect(interfaces[1].OutputFeature).To(BeFalse()) + + Expect(interfaces[2].Name).To(Equal("if2")) + Expect(interfaces[2].NatInside).To(BeTrue()) + Expect(interfaces[2].NatOutside).To(BeTrue()) + Expect(interfaces[2].OutputFeature).To(BeTrue()) +} + +func TestNat44AddressPoolsDump(t *testing.T) { + ctx, natHandler, _, _ := natTestSetup(t) + defer ctx.TeardownTestCtx() + + // address pool + ctx.MockVpp.MockReply( + &vpp_nat.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.1"), + Flags: vpp_nat.NAT_IS_TWICE_NAT, + VrfID: 1, + }, + &vpp_nat.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.2"), + VrfID: 2, + }, + &vpp_nat.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.3"), + VrfID: 2, + }, + &vpp_nat.Nat44AddressDetails{ + IPAddress: ipTo4Address("192.168.10.4"), + VrfID: 2, + }) + ctx.MockVpp.MockReply(&vpp_vpe.ControlPingReply{}) + + pools, err := natHandler.Nat44AddressPoolsDump() + Expect(err).To(Succeed()) + + Expect(pools).To(HaveLen(2)) + + Expect(pools[0].FirstIp).To(Equal("192.168.10.1")) + Expect(pools[0].LastIp).To(Equal("")) + Expect(pools[0].TwiceNat).To(BeTrue()) + Expect(pools[0].VrfId).To(BeEquivalentTo(1)) + + Expect(pools[1].FirstIp).To(Equal("192.168.10.2")) + Expect(pools[1].LastIp).To(Equal("192.168.10.4")) + Expect(pools[1].TwiceNat).To(BeFalse()) + Expect(pools[1].VrfId).To(BeEquivalentTo(2)) +} + func TestDNATDump(t *testing.T) { ctx, natHandler, swIfIndexes, dhcpIndexes := natTestSetup(t) defer ctx.TeardownTestCtx() diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001_324/nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp2001_324/nat_vppcalls.go index 9e5325cfea..e308e127d9 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001_324/nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001_324/nat_vppcalls.go @@ -80,14 +80,14 @@ func (h *NatVppHandler) DisableNat44Interface(iface string, isInside, isOutput b return h.handleNat44Interface(iface, isInside, false) } -// AddNat44Address adds new IPv4 address into the NAT44 pool. -func (h *NatVppHandler) AddNat44Address(address string, vrf uint32, twiceNat bool) error { - return h.handleNat44AddressPool(address, vrf, twiceNat, true) +// AddNat44AddressPool adds new IPV4 address pool into the NAT pools. +func (h *NatVppHandler) AddNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error { + return h.handleNat44AddressPool(vrf, firstIP, lastIP, twiceNat, true) } -// DelNat44Address removes existing IPv4 address from the NAT44 pool. -func (h *NatVppHandler) DelNat44Address(address string, vrf uint32, twiceNat bool) error { - return h.handleNat44AddressPool(address, vrf, twiceNat, false) +// DelNat44AddressPool removes existing IPv4 address pool from the NAT pools. +func (h *NatVppHandler) DelNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat bool) error { + return h.handleNat44AddressPool(vrf, firstIP, lastIP, twiceNat, false) } // SetVirtualReassemblyIPv4 configures NAT virtual reassembly for IPv4 packets. @@ -176,16 +176,23 @@ func (h *NatVppHandler) handleNat44InterfaceOutputFeature(iface string, isInside return nil } -// Calls VPP binary API to add/remove address to/from the NAT44 pool. -func (h *NatVppHandler) handleNat44AddressPool(address string, vrf uint32, twiceNat, isAdd bool) error { - ipAddr, err := ipTo4Address(address) +// Calls VPP binary API to add/remove addresses to/from the NAT44 pool. +func (h *NatVppHandler) handleNat44AddressPool(vrf uint32, firstIP, lastIP string, twiceNat, isAdd bool) error { + firstAddr, err := ipTo4Address(firstIP) if err != nil { - return errors.Errorf("unable to parse address %s from the NAT pool: %v", address, err) + return errors.Errorf("unable to parse address %s from the NAT pool: %v", firstIP, err) + } + lastAddr := firstAddr + if lastIP != "" { + lastAddr, err = ipTo4Address(lastIP) + if err != nil { + return errors.Errorf("unable to parse address %s from the NAT pool: %v", lastIP, err) + } } req := &vpp_nat.Nat44AddDelAddressRange{ - FirstIPAddress: ipAddr, - LastIPAddress: ipAddr, + FirstIPAddress: firstAddr, + LastIPAddress: lastAddr, VrfID: vrf, Flags: setNat44Flags(&nat44Flags{isTwiceNat: twiceNat}), IsAdd: isAdd, diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001_324/nat_vppcalls_test.go b/plugins/vpp/natplugin/vppcalls/vpp2001_324/nat_vppcalls_test.go index fa41f328ca..8250b67d55 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001_324/nat_vppcalls_test.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001_324/nat_vppcalls_test.go @@ -286,27 +286,41 @@ func TestDisableNat44InterfaceOutputAsOutside(t *testing.T) { Expect(msg.SwIfIndex).To(BeEquivalentTo(2)) } -func TestAddNat44Address(t *testing.T) { +func TestAddNat44AddressPool(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() - addr := net.ParseIP("10.0.0.1").To4() + addr1 := net.ParseIP("10.0.0.1").To4() + addr2 := net.ParseIP("10.0.0.10").To4() + // first IP only ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelAddressRangeReply{}) - err := natHandler.AddNat44Address(addr.String(), 0, false) - + err := natHandler.AddNat44AddressPool(0, addr1.String(), "", false) Expect(err).ShouldNot(HaveOccurred()) msg, ok := ctx.MockChannel.Msg.(*vpp_nat.Nat44AddDelAddressRange) Expect(ok).To(BeTrue()) Expect(msg.IsAdd).To(BeTrue()) - Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr.String())) - Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr.String())) + Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(msg.VrfID).To(BeEquivalentTo(0)) + Expect(msg.Flags).To(BeEquivalentTo(0)) + + // first IP + last IP + ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelAddressRangeReply{}) + err = natHandler.AddNat44AddressPool(0, addr1.String(), addr2.String(), false) + Expect(err).ShouldNot(HaveOccurred()) + + msg, ok = ctx.MockChannel.Msg.(*vpp_nat.Nat44AddDelAddressRange) + Expect(ok).To(BeTrue()) + Expect(msg.IsAdd).To(BeTrue()) + Expect(addressTo4IP(msg.FirstIPAddress)).To(BeEquivalentTo(addr1.String())) + Expect(addressTo4IP(msg.LastIPAddress)).To(BeEquivalentTo(addr2.String())) Expect(msg.VrfID).To(BeEquivalentTo(0)) Expect(msg.Flags).To(BeEquivalentTo(0)) } -func TestAddNat44AddressError(t *testing.T) { +func TestAddNat44AddressPoolError(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() @@ -314,7 +328,7 @@ func TestAddNat44AddressError(t *testing.T) { // Incorrect reply object ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelIdentityMappingReply{}) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).Should(HaveOccurred()) } @@ -328,19 +342,19 @@ func TestAddNat44AddressPoolRetval(t *testing.T) { ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelAddressRangeReply{ Retval: 1, }) - err := natHandler.AddNat44Address(addr.String(), 0, false) + err := natHandler.AddNat44AddressPool(0, addr.String(), "", false) Expect(err).Should(HaveOccurred()) } -func TestDelNat44Address(t *testing.T) { +func TestDelNat44AddressPool(t *testing.T) { ctx, natHandler, _, _ := natTestSetup(t) defer ctx.TeardownTestCtx() addr := net.ParseIP("10.0.0.1").To4() ctx.MockVpp.MockReply(&vpp_nat.Nat44AddDelAddressRangeReply{}) - err := natHandler.DelNat44Address(addr.String(), 0, false) + err := natHandler.DelNat44AddressPool(0, addr.String(), "", false) Expect(err).ShouldNot(HaveOccurred()) diff --git a/proto/ligato/vpp/nat/models.go b/proto/ligato/vpp/nat/models.go index 9bdd08491a..138163c805 100644 --- a/proto/ligato/vpp/nat/models.go +++ b/proto/ligato/vpp/nat/models.go @@ -29,21 +29,28 @@ var ( Type: "nat44-global", Version: "v2", }) + ModelDNat44 = models.Register(&DNat44{}, models.Spec{ Module: ModuleName, Type: "dnat44", Version: "v2", }, models.WithNameTemplate("{{.Label}}")) + ModelNat44Interface = models.Register(&Nat44Interface{}, models.Spec{ Module: ModuleName, - Type: "nat44-interfaces", + Type: "nat44-interface", Version: "v2", }, models.WithNameTemplate("{{.Name}}")) + ModelNat44AddressPool = models.Register(&Nat44AddressPool{}, models.Spec{ Module: ModuleName, - Type: "nat44-pools", + Type: "nat44-pool", Version: "v2", - }, models.WithNameTemplate("{{.Label}}")) + }, models.WithNameTemplate( + "vrf/{{.VrfId}}"+ + "/address/{{.FirstIp}}"+ + "{{if and .LastIp (ne .FirstIp .LastIp)}}-{{.LastIp}}{{end}}", + )) ) // GlobalNAT44Key returns key for Nat44Global. @@ -69,9 +76,11 @@ func Nat44InterfaceKey(name string) string { // Nat44AddressPoolKey returns the key used in NB DB to store the configuration of the // given NAT44 address pool. -func Nat44AddressPoolKey(label string) string { +func Nat44AddressPoolKey(vrf uint32, firstIP, lastIP string) string { return models.Key(&Nat44AddressPool{ - Label: label, + VrfId: vrf, + FirstIp: firstIP, + LastIp: lastIP, }) } diff --git a/proto/ligato/vpp/nat/nat.pb.go b/proto/ligato/vpp/nat/nat.pb.go index f27d4c2569..1ce45d0ebc 100644 --- a/proto/ligato/vpp/nat/nat.pb.go +++ b/proto/ligato/vpp/nat/nat.pb.go @@ -593,11 +593,10 @@ func (m *Nat44Interface) GetOutputFeature() bool { // Address Pools used for NAT44. type Nat44AddressPool struct { - Label string `protobuf:"bytes,1,opt,name=label,proto3" json:"label,omitempty"` - VrfId uint32 `protobuf:"varint,2,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` - FirstIp string `protobuf:"bytes,3,opt,name=first_ip,json=firstIp,proto3" json:"first_ip,omitempty"` - LastIp string `protobuf:"bytes,4,opt,name=last_ip,json=lastIp,proto3" json:"last_ip,omitempty"` - TwiceNat bool `protobuf:"varint,5,opt,name=twice_nat,json=twiceNat,proto3" json:"twice_nat,omitempty"` + VrfId uint32 `protobuf:"varint,1,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` + FirstIp string `protobuf:"bytes,2,opt,name=first_ip,json=firstIp,proto3" json:"first_ip,omitempty"` + LastIp string `protobuf:"bytes,3,opt,name=last_ip,json=lastIp,proto3" json:"last_ip,omitempty"` + TwiceNat bool `protobuf:"varint,4,opt,name=twice_nat,json=twiceNat,proto3" json:"twice_nat,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -628,13 +627,6 @@ func (m *Nat44AddressPool) XXX_DiscardUnknown() { var xxx_messageInfo_Nat44AddressPool proto.InternalMessageInfo -func (m *Nat44AddressPool) GetLabel() string { - if m != nil { - return m.Label - } - return "" -} - func (m *Nat44AddressPool) GetVrfId() uint32 { if m != nil { return m.VrfId @@ -745,62 +737,61 @@ func init() { func init() { proto.RegisterFile("ligato/vpp/nat/nat.proto", fileDescriptor_6c5496f531b4b7d3) } var fileDescriptor_6c5496f531b4b7d3 = []byte{ - // 904 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xdd, 0x6e, 0xe3, 0x44, - 0x14, 0x5e, 0x27, 0x69, 0xec, 0x1c, 0x37, 0xd9, 0x74, 0x04, 0xc2, 0x1b, 0x58, 0x1a, 0xb2, 0xec, - 0xaa, 0x48, 0x6c, 0x22, 0xba, 0x2b, 0x84, 0xb4, 0x57, 0xed, 0xb6, 0x5d, 0x19, 0xb5, 0xc5, 0x72, - 0x17, 0x90, 0xb8, 0xb1, 0x26, 0xf1, 0x38, 0x1a, 0xc9, 0xf1, 0x8c, 0x3c, 0x93, 0x6c, 0x2b, 0xf1, - 0x06, 0xdc, 0xf0, 0x10, 0x3c, 0x03, 0x17, 0x3c, 0x03, 0x6f, 0xc0, 0xcb, 0xa0, 0xf9, 0x71, 0xe2, - 0x86, 0x76, 0xb5, 0x12, 0x17, 0x96, 0x3c, 0xdf, 0x39, 0xf3, 0xf9, 0x9c, 0x6f, 0xce, 0x7c, 0x86, - 0x20, 0xa7, 0x73, 0x2c, 0xd9, 0x64, 0xc5, 0xf9, 0xa4, 0xc0, 0x52, 0x3d, 0x63, 0x5e, 0x32, 0xc9, - 0x50, 0xcf, 0x44, 0xc6, 0x2b, 0xce, 0xc7, 0x05, 0x96, 0xa3, 0x7f, 0x9a, 0xe0, 0x5f, 0x62, 0xf9, - 0xf2, 0xe5, 0x9b, 0x9c, 0x4d, 0x71, 0x8e, 0x3e, 0x07, 0xc8, 0x58, 0xf9, 0x0e, 0x97, 0x29, 0x2d, - 0xe6, 0x81, 0x33, 0x74, 0x0e, 0xbc, 0xb8, 0x86, 0xa0, 0x08, 0x7a, 0x05, 0x96, 0x09, 0x2d, 0x24, - 0x29, 0x33, 0x3c, 0x23, 0x22, 0x68, 0x0c, 0x9b, 0x07, 0xfe, 0xe1, 0xd3, 0xf1, 0x6d, 0xe2, 0x71, - 0x8d, 0x74, 0x1c, 0x56, 0xd9, 0xc7, 0x8d, 0xc0, 0x89, 0xbb, 0x05, 0x96, 0x6b, 0x44, 0xa0, 0xef, - 0x61, 0x17, 0xa7, 0x69, 0x49, 0x84, 0x48, 0x38, 0x63, 0x79, 0xd0, 0xd4, 0x7c, 0x4f, 0xde, 0xc7, - 0x77, 0x64, 0xf2, 0x35, 0x9b, 0x6f, 0x37, 0x47, 0x8c, 0xe5, 0x28, 0x02, 0xb4, 0xa2, 0xa5, 0x5c, - 0xe2, 0x3c, 0x29, 0x09, 0x16, 0x82, 0x2c, 0xa6, 0xf9, 0x4d, 0xd0, 0x1a, 0x3a, 0x07, 0xfe, 0xe1, - 0x17, 0xdb, 0x8c, 0x3f, 0x99, 0xcc, 0x78, 0x9d, 0x18, 0xef, 0xad, 0xb6, 0xa1, 0xc1, 0x0c, 0x3a, - 0xeb, 0x5a, 0x11, 0x82, 0x56, 0x81, 0x17, 0x44, 0xcb, 0xd2, 0x89, 0xf5, 0x3b, 0xfa, 0x14, 0x3a, - 0x54, 0x24, 0xb4, 0x10, 0x34, 0x25, 0x41, 0x43, 0xeb, 0xe5, 0x51, 0x11, 0xea, 0x35, 0x7a, 0x0a, - 0x3d, 0xb6, 0x94, 0x7c, 0x29, 0x93, 0x8c, 0x60, 0xb9, 0x2c, 0x49, 0xd0, 0xd4, 0x19, 0x5d, 0x83, - 0x9e, 0x19, 0x70, 0xf0, 0x33, 0xb8, 0xb6, 0x25, 0x14, 0x80, 0x6b, 0x1b, 0xb2, 0x5f, 0xa9, 0x96, - 0xe8, 0x63, 0x68, 0xaf, 0xca, 0x2c, 0xa1, 0xa9, 0xfe, 0x4a, 0x37, 0xde, 0x59, 0x95, 0x59, 0x98, - 0xaa, 0xef, 0xcb, 0x77, 0x74, 0x46, 0x92, 0x02, 0x4b, 0xcb, 0xee, 0x69, 0xe0, 0x12, 0xcb, 0xd1, - 0xdf, 0x2e, 0xb4, 0x4f, 0xb4, 0x72, 0xe8, 0x23, 0xd8, 0xc9, 0xf1, 0x94, 0xe4, 0x96, 0xd6, 0x2c, - 0xd0, 0x29, 0xf8, 0x42, 0x26, 0x0b, 0xcc, 0x39, 0x2d, 0xe6, 0xd5, 0x59, 0x7e, 0xb9, 0xad, 0x94, - 0xa1, 0x18, 0x5f, 0x49, 0x2c, 0xe9, 0xec, 0xc2, 0x24, 0xc7, 0x20, 0xa4, 0x7d, 0x15, 0xe8, 0x0d, - 0xf8, 0x34, 0xdd, 0xd0, 0x98, 0x23, 0x7c, 0x76, 0x0f, 0x4d, 0x98, 0x92, 0x42, 0x52, 0x79, 0xb3, - 0x26, 0xa2, 0x69, 0x45, 0x34, 0xf8, 0xab, 0x05, 0xdd, 0x5b, 0x9f, 0x41, 0xcf, 0x01, 0x91, 0x6b, - 0x49, 0xca, 0x02, 0xe7, 0x9b, 0xa9, 0xb3, 0x4d, 0xec, 0x55, 0x91, 0xcd, 0x11, 0xed, 0x83, 0xbf, - 0x49, 0xe7, 0x5a, 0xaa, 0x4e, 0x0c, 0xeb, 0x3c, 0x8e, 0x9e, 0x40, 0x77, 0x9d, 0xc0, 0x59, 0x69, - 0x34, 0xeb, 0xc6, 0xbb, 0x15, 0x18, 0xb1, 0x52, 0xa2, 0x10, 0x3a, 0x39, 0x9b, 0x69, 0x0a, 0x11, - 0xb4, 0x74, 0x37, 0x5f, 0x7f, 0x88, 0x28, 0xe3, 0x73, 0xb5, 0x2b, 0x8c, 0x62, 0x4f, 0x6f, 0x0f, - 0xb9, 0x40, 0xaf, 0xc0, 0xd3, 0x37, 0x6f, 0xc6, 0xf2, 0x60, 0x67, 0xe8, 0x1c, 0xf4, 0x0e, 0xf7, - 0xef, 0x61, 0x8a, 0x6c, 0x5a, 0xbc, 0xde, 0x80, 0x2e, 0xeb, 0x87, 0xdb, 0xd6, 0xbb, 0xbf, 0xf9, - 0xa0, 0x3a, 0xde, 0xda, 0x09, 0xb8, 0x60, 0x29, 0xd9, 0xcc, 0x03, 0xfa, 0x0a, 0xfa, 0x82, 0x08, - 0x41, 0x59, 0x91, 0xe0, 0x2c, 0xa3, 0x05, 0x95, 0x37, 0x81, 0xab, 0xfb, 0x7f, 0x68, 0xf1, 0x23, - 0x0b, 0x0f, 0x7e, 0x05, 0xd7, 0x36, 0x53, 0x9b, 0x3c, 0xa7, 0x3e, 0x79, 0x8f, 0xc0, 0xab, 0x44, - 0xb2, 0x3a, 0xbb, 0xb6, 0x6b, 0xf4, 0x18, 0xc0, 0x84, 0x6a, 0x0a, 0x1b, 0x45, 0xb5, 0xbc, 0x43, - 0xf0, 0x79, 0xc9, 0xa6, 0x78, 0x4a, 0x73, 0x55, 0x41, 0x4b, 0xc7, 0xeb, 0xd0, 0xe8, 0x05, 0xec, - 0xd6, 0x5b, 0x40, 0xbb, 0xe0, 0x9d, 0x84, 0x57, 0x47, 0xc7, 0xe7, 0xa7, 0x27, 0xfd, 0x07, 0xc8, - 0x07, 0xf7, 0xf4, 0xd2, 0x2c, 0x1c, 0xe4, 0x41, 0xeb, 0xea, 0xf4, 0xfc, 0xac, 0xdf, 0x18, 0xfc, - 0xe9, 0xc0, 0xc3, 0xad, 0xe1, 0xba, 0xaf, 0xf6, 0xcf, 0xa0, 0xb3, 0x19, 0x26, 0x53, 0xfc, 0x06, - 0x50, 0xe5, 0x53, 0x9e, 0x54, 0xf7, 0xb0, 0x69, 0xc3, 0xbc, 0xba, 0xa3, 0x08, 0x5a, 0xba, 0x2f, - 0x53, 0xb7, 0x7e, 0xff, 0x5f, 0xc7, 0x3c, 0x7a, 0x06, 0x5e, 0x85, 0x22, 0x17, 0x9a, 0x6f, 0x5f, - 0x47, 0xfd, 0x07, 0xea, 0xe5, 0xc7, 0x93, 0xc8, 0x34, 0x18, 0xbe, 0xbe, 0x88, 0xfa, 0x8d, 0xd1, - 0x6f, 0x0e, 0xf4, 0x34, 0xc9, 0xfb, 0x2d, 0xe9, 0x31, 0x80, 0xf1, 0xe8, 0x9a, 0x27, 0x75, 0xb4, - 0xe9, 0x6a, 0x53, 0xda, 0x07, 0x5f, 0x85, 0xd9, 0x52, 0xea, 0xb8, 0xf1, 0x0c, 0xb5, 0xe3, 0x07, - 0x83, 0xdc, 0xe1, 0x5a, 0xad, 0x3b, 0x5c, 0x6b, 0xf4, 0xbb, 0x03, 0x7d, 0x5d, 0xcd, 0x51, 0xcd, - 0x81, 0xef, 0xb6, 0x99, 0x7b, 0xbc, 0xeb, 0x11, 0x78, 0x19, 0x2d, 0x85, 0x54, 0x13, 0x64, 0x54, - 0x76, 0xf5, 0x3a, 0xe4, 0xe8, 0x13, 0x70, 0x73, 0x6c, 0x22, 0x2d, 0x1d, 0x69, 0xab, 0x65, 0xc8, - 0x6f, 0xfb, 0xdd, 0xce, 0x96, 0xdf, 0xfd, 0xe1, 0xc0, 0xde, 0x7f, 0x6c, 0x5d, 0x79, 0xaa, 0xa4, - 0x0b, 0xc2, 0x96, 0xd2, 0x0e, 0x41, 0xb5, 0x54, 0xf7, 0x61, 0x81, 0xaf, 0x37, 0xff, 0x0a, 0xaa, - 0xff, 0x67, 0xfa, 0x3e, 0x2c, 0xf0, 0x75, 0x5c, 0x83, 0x95, 0x6f, 0xa8, 0xd4, 0xac, 0xc4, 0xf3, - 0x05, 0x29, 0xa4, 0xa8, 0x7c, 0x63, 0x81, 0xaf, 0xcf, 0x2a, 0x4c, 0x29, 0x97, 0x96, 0x8c, 0xd7, - 0xb2, 0xac, 0x72, 0x0a, 0x5d, 0xa7, 0x1d, 0x7f, 0xf7, 0xcb, 0xb7, 0x73, 0x56, 0x8d, 0x07, 0xd5, - 0xbf, 0xe9, 0xe7, 0x78, 0x4e, 0x0a, 0x39, 0x59, 0x1d, 0x4e, 0xf4, 0x54, 0x4c, 0x6e, 0xff, 0xc0, - 0x5f, 0xad, 0x38, 0x57, 0x0d, 0x4f, 0xdb, 0x3a, 0xfa, 0xe2, 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, - 0x9f, 0xc8, 0x2b, 0x82, 0xe1, 0x07, 0x00, 0x00, + // 892 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xd1, 0x6e, 0xdb, 0x36, + 0x14, 0xad, 0x6c, 0xc7, 0x92, 0xaf, 0x62, 0xd7, 0x21, 0x36, 0x4c, 0xf3, 0xd6, 0xc5, 0x73, 0xd7, + 0x22, 0x03, 0x56, 0x1b, 0x4b, 0x8b, 0x61, 0x40, 0x9f, 0x92, 0x26, 0x29, 0x34, 0x24, 0x99, 0xa0, + 0x74, 0x1b, 0xb0, 0x17, 0x81, 0xb6, 0x28, 0x83, 0x80, 0x2c, 0x12, 0x24, 0xed, 0x26, 0xc3, 0xfe, + 0x60, 0xbf, 0xb1, 0x6f, 0xd8, 0xc3, 0xbe, 0x61, 0x7f, 0xb0, 0x9f, 0x19, 0x44, 0x52, 0xb6, 0xe2, + 0x35, 0x45, 0x80, 0x3e, 0x18, 0x10, 0xcf, 0xbd, 0x3c, 0xbc, 0xf7, 0xf0, 0xfa, 0x10, 0x82, 0x9c, + 0xce, 0xb1, 0x62, 0x93, 0x15, 0xe7, 0x93, 0x02, 0xab, 0xf2, 0x37, 0xe6, 0x82, 0x29, 0x86, 0x7a, + 0x26, 0x32, 0x5e, 0x71, 0x3e, 0x2e, 0xb0, 0x1a, 0xfd, 0xdb, 0x04, 0xff, 0x12, 0xab, 0x17, 0x2f, + 0x5e, 0xe7, 0x6c, 0x8a, 0x73, 0xf4, 0x05, 0x40, 0xc6, 0xc4, 0x5b, 0x2c, 0x52, 0x5a, 0xcc, 0x03, + 0x67, 0xe8, 0x1c, 0x78, 0x71, 0x0d, 0x41, 0x11, 0xf4, 0x0a, 0xac, 0x12, 0x5a, 0x28, 0x22, 0x32, + 0x3c, 0x23, 0x32, 0x68, 0x0c, 0x9b, 0x07, 0xfe, 0xe1, 0x93, 0xf1, 0x6d, 0xe2, 0x71, 0x8d, 0x74, + 0x1c, 0x56, 0xd9, 0xc7, 0x8d, 0xc0, 0x89, 0xbb, 0x05, 0x56, 0x6b, 0x44, 0xa2, 0x1f, 0x60, 0x17, + 0xa7, 0xa9, 0x20, 0x52, 0x26, 0x9c, 0xb1, 0x3c, 0x68, 0x6a, 0xbe, 0xc7, 0xef, 0xe3, 0x3b, 0x32, + 0xf9, 0x9a, 0xcd, 0xb7, 0x9b, 0x23, 0xc6, 0x72, 0x14, 0x01, 0x5a, 0x51, 0xa1, 0x96, 0x38, 0x4f, + 0x04, 0xc1, 0x52, 0x92, 0xc5, 0x34, 0xbf, 0x09, 0x5a, 0x43, 0xe7, 0xc0, 0x3f, 0xfc, 0x72, 0x9b, + 0xf1, 0x67, 0x93, 0x19, 0xaf, 0x13, 0xe3, 0xbd, 0xd5, 0x36, 0x34, 0x98, 0x41, 0x67, 0x5d, 0x2b, + 0x42, 0xd0, 0x2a, 0xf0, 0x82, 0x68, 0x59, 0x3a, 0xb1, 0xfe, 0x46, 0x9f, 0x41, 0x87, 0xca, 0x84, + 0x16, 0x92, 0xa6, 0x24, 0x68, 0x68, 0xbd, 0x3c, 0x2a, 0x43, 0xbd, 0x46, 0x4f, 0xa0, 0xc7, 0x96, + 0x8a, 0x2f, 0x55, 0x92, 0x11, 0xac, 0x96, 0x82, 0x04, 0x4d, 0x9d, 0xd1, 0x35, 0xe8, 0x99, 0x01, + 0x07, 0xbf, 0x80, 0x6b, 0x5b, 0x42, 0x01, 0xb8, 0xb6, 0x21, 0x7b, 0x4a, 0xb5, 0x44, 0x1f, 0x43, + 0x7b, 0x25, 0xb2, 0x84, 0xa6, 0xfa, 0x94, 0x6e, 0xbc, 0xb3, 0x12, 0x59, 0x98, 0x96, 0xe7, 0xab, + 0xb7, 0x74, 0x46, 0x92, 0x02, 0x2b, 0xcb, 0xee, 0x69, 0xe0, 0x12, 0xab, 0xd1, 0x3f, 0x2e, 0xb4, + 0x4f, 0xb4, 0x72, 0xe8, 0x23, 0xd8, 0xc9, 0xf1, 0x94, 0xe4, 0x96, 0xd6, 0x2c, 0xd0, 0x29, 0xf8, + 0x52, 0x25, 0x0b, 0xcc, 0x39, 0x2d, 0xe6, 0xd5, 0x5d, 0x7e, 0xb5, 0xad, 0x94, 0xa1, 0x18, 0x5f, + 0x29, 0xac, 0xe8, 0xec, 0xc2, 0x24, 0xc7, 0x20, 0x95, 0xfd, 0x94, 0xe8, 0x35, 0xf8, 0x34, 0xdd, + 0xd0, 0x98, 0x2b, 0x7c, 0x7a, 0x07, 0x4d, 0x98, 0x92, 0x42, 0x51, 0x75, 0xb3, 0x26, 0xa2, 0x69, + 0x45, 0x34, 0xf8, 0xbb, 0x05, 0xdd, 0x5b, 0xc7, 0xa0, 0x67, 0x80, 0xc8, 0xb5, 0x22, 0xa2, 0xc0, + 0xf9, 0x66, 0xea, 0x6c, 0x13, 0x7b, 0x55, 0x64, 0x73, 0x45, 0xfb, 0xe0, 0x6f, 0xd2, 0xb9, 0x96, + 0xaa, 0x13, 0xc3, 0x3a, 0x8f, 0xa3, 0xc7, 0xd0, 0x5d, 0x27, 0x70, 0x26, 0x8c, 0x66, 0xdd, 0x78, + 0xb7, 0x02, 0x23, 0x26, 0x14, 0x0a, 0xa1, 0x93, 0xb3, 0x99, 0xa6, 0x90, 0x41, 0x4b, 0x77, 0xf3, + 0xcd, 0x7d, 0x44, 0x19, 0x9f, 0x97, 0xbb, 0xc2, 0x28, 0xf6, 0xf4, 0xf6, 0x90, 0x4b, 0xf4, 0x12, + 0x3c, 0xfd, 0xcf, 0x9b, 0xb1, 0x3c, 0xd8, 0x19, 0x3a, 0x07, 0xbd, 0xc3, 0xfd, 0x3b, 0x98, 0x22, + 0x9b, 0x16, 0xaf, 0x37, 0xa0, 0xcb, 0xfa, 0xe5, 0xb6, 0xf5, 0xee, 0x6f, 0xef, 0x55, 0xc7, 0x1b, + 0x3b, 0x01, 0x17, 0x2c, 0x25, 0x9b, 0x79, 0x40, 0x5f, 0x43, 0x5f, 0x12, 0x29, 0x29, 0x2b, 0x12, + 0x9c, 0x65, 0xb4, 0xa0, 0xea, 0x26, 0x70, 0x75, 0xff, 0x0f, 0x2d, 0x7e, 0x64, 0xe1, 0xc1, 0xef, + 0xe0, 0xda, 0x66, 0x6a, 0x93, 0xe7, 0xd4, 0x27, 0xef, 0x53, 0xf0, 0x2a, 0x91, 0xac, 0xce, 0xae, + 0xed, 0x1a, 0x3d, 0x02, 0x30, 0xa1, 0x9a, 0xc2, 0x46, 0x51, 0x2d, 0xef, 0x10, 0x7c, 0x2e, 0xd8, + 0x14, 0x4f, 0x69, 0x5e, 0x56, 0xd0, 0xd2, 0xf1, 0x3a, 0x34, 0x7a, 0x0e, 0xbb, 0xf5, 0x16, 0xd0, + 0x2e, 0x78, 0x27, 0xe1, 0xd5, 0xd1, 0xf1, 0xf9, 0xe9, 0x49, 0xff, 0x01, 0xf2, 0xc1, 0x3d, 0xbd, + 0x34, 0x0b, 0x07, 0x79, 0xd0, 0xba, 0x3a, 0x3d, 0x3f, 0xeb, 0x37, 0x06, 0x7f, 0x39, 0xf0, 0x70, + 0x6b, 0xb8, 0xee, 0xaa, 0xfd, 0x73, 0xe8, 0x6c, 0x86, 0xc9, 0x14, 0xbf, 0x01, 0xca, 0xf2, 0x29, + 0x4f, 0xaa, 0xff, 0x61, 0xd3, 0x86, 0x79, 0xf5, 0x1f, 0x45, 0xd0, 0xd2, 0x7d, 0x99, 0xba, 0xf5, + 0xf7, 0x07, 0x5d, 0xf3, 0xe8, 0x29, 0x78, 0x15, 0x8a, 0x5c, 0x68, 0xbe, 0x79, 0x15, 0xf5, 0x1f, + 0x94, 0x1f, 0x3f, 0x9d, 0x44, 0xa6, 0xc1, 0xf0, 0xd5, 0x45, 0xd4, 0x6f, 0x8c, 0xfe, 0x70, 0xa0, + 0xa7, 0x49, 0xde, 0x6f, 0x49, 0x8f, 0x00, 0x8c, 0x47, 0xd7, 0x3c, 0xa9, 0xa3, 0x4d, 0x57, 0x9b, + 0xd2, 0x3e, 0xf8, 0x65, 0x98, 0x2d, 0x95, 0x8e, 0x1b, 0xcf, 0x28, 0x77, 0xfc, 0x68, 0x90, 0x77, + 0xb8, 0x56, 0xeb, 0x1d, 0xae, 0x35, 0xfa, 0x0d, 0xfa, 0xba, 0x98, 0xa3, 0x9a, 0x01, 0xdf, 0x3d, + 0x2a, 0x19, 0x15, 0x52, 0xd5, 0x46, 0x45, 0xaf, 0x43, 0x8e, 0x3e, 0x01, 0x37, 0xc7, 0x26, 0x62, + 0x84, 0x6e, 0x97, 0xcb, 0x90, 0xdf, 0x36, 0xb6, 0xd6, 0x96, 0xb1, 0xfd, 0xe9, 0xc0, 0xde, 0xff, + 0xfc, 0xbb, 0x34, 0x4f, 0x45, 0x17, 0x84, 0x2d, 0x95, 0x3d, 0xbe, 0x5a, 0x96, 0x83, 0xbf, 0xc0, + 0xd7, 0x9b, 0x47, 0x81, 0xea, 0x87, 0x4b, 0x0f, 0xfe, 0x02, 0x5f, 0xc7, 0x35, 0xb8, 0x34, 0x88, + 0x32, 0x35, 0x13, 0x78, 0xbe, 0x20, 0x85, 0x92, 0x95, 0x41, 0x2c, 0xf0, 0xf5, 0x59, 0x85, 0x95, + 0x12, 0xa5, 0x82, 0xf1, 0x5a, 0x96, 0x95, 0xa8, 0x44, 0xd7, 0x69, 0xc7, 0xdf, 0xff, 0xfa, 0xdd, + 0x9c, 0x55, 0x73, 0x40, 0xf5, 0x7b, 0xfc, 0x0c, 0xcf, 0x49, 0xa1, 0x26, 0xab, 0xc3, 0x89, 0xbe, + 0xfe, 0xc9, 0xed, 0x97, 0xfa, 0xe5, 0x8a, 0xf3, 0xb2, 0xe1, 0x69, 0x5b, 0x47, 0x9f, 0xff, 0x17, + 0x00, 0x00, 0xff, 0xff, 0x34, 0x05, 0xdd, 0xb5, 0xca, 0x07, 0x00, 0x00, } diff --git a/proto/ligato/vpp/nat/nat.proto b/proto/ligato/vpp/nat/nat.proto index caf8bbbf94..c5a5fa0af6 100644 --- a/proto/ligato/vpp/nat/nat.proto +++ b/proto/ligato/vpp/nat/nat.proto @@ -85,14 +85,12 @@ message Nat44Interface { /* Address Pools used for NAT44. */ message Nat44AddressPool { - string label = 1; /* Unique identifier for the NAT44 pool. */ - uint32 vrf_id = 2; /* VRF id of tenant, 0xFFFFFFFF means independent of VRF. - Non-zero (and not all-ones) VRF has to be explicitly created - (see api/models/vpp/l3/vrf.proto). - */ - string first_ip = 3; /* First IP address of the pool. */ - string last_ip = 4; /* Last IP address of the pool. Should be higher than first_ip or empty. */ - bool twice_nat = 5; /* Enable/disable twice NAT. */ + uint32 vrf_id = 1; /* VRF id of tenant, 0xFFFFFFFF means independent of VRF. + Non-zero (and not all-ones) VRF has to be explicitly created + (see api/models/vpp/l3/vrf.proto). */ + string first_ip = 2; /* First IP address of the pool. */ + string last_ip = 3; /* Last IP address of the pool. Should be higher than first_ip or empty. */ + bool twice_nat = 4; /* Enable/disable twice NAT. */ } /* NAT virtual reassembly */ From 423b526e7c7bf6452d5c11942bf9dbd3e26f19fd Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Thu, 19 Dec 2019 17:33:04 +0100 Subject: [PATCH 4/9] Fix clientv2 NA key isues Signed-off-by: Rastislav Szabo --- clientv2/vpp/dbadapter/data_change_db.go | 4 ++-- clientv2/vpp/dbadapter/data_resync_db.go | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/clientv2/vpp/dbadapter/data_change_db.go b/clientv2/vpp/dbadapter/data_change_db.go index 200a52bb07..33ad0e27fa 100644 --- a/clientv2/vpp/dbadapter/data_change_db.go +++ b/clientv2/vpp/dbadapter/data_change_db.go @@ -169,13 +169,13 @@ func (dsl *PutDSL) DNAT44(nat44 *nat.DNat44) vppclient.PutDSL { // NAT44Interface adds a request to create or update NAT44 interface configuration. func (dsl *PutDSL) NAT44Interface(natIf *nat.Nat44Interface) vppclient.PutDSL { - dsl.parent.txn.Put(models.Key(&nat.Nat44Interface{}), natIf) + dsl.parent.txn.Put(models.Key(natIf), natIf) return dsl } // NAT44AddressPool adds a request to create or update NAT44 address pool. func (dsl *PutDSL) NAT44AddressPool(pool *nat.Nat44AddressPool) vppclient.PutDSL { - dsl.parent.txn.Put(models.Key(&nat.Nat44AddressPool{}), pool) + dsl.parent.txn.Put(models.Key(pool), pool) return dsl } diff --git a/clientv2/vpp/dbadapter/data_resync_db.go b/clientv2/vpp/dbadapter/data_resync_db.go index bd1d924d40..ad930f9a94 100644 --- a/clientv2/vpp/dbadapter/data_resync_db.go +++ b/clientv2/vpp/dbadapter/data_resync_db.go @@ -186,7 +186,7 @@ func (dsl *DataResyncDSL) DNAT44(nat44 *nat.DNat44) vppclient.DataResyncDSL { // NAT44Interface adds NAT44 interface configuration to the RESYNC request. func (dsl *DataResyncDSL) NAT44Interface(natIf *nat.Nat44Interface) vppclient.DataResyncDSL { - key := models.Key(&nat.Nat44Interface{}) + key := models.Key(natIf) dsl.txn.Put(key, natIf) dsl.txnKeys = append(dsl.txnKeys, key) @@ -195,7 +195,7 @@ func (dsl *DataResyncDSL) NAT44Interface(natIf *nat.Nat44Interface) vppclient.Da // NAT44AddressPool adds NAT44 address pool configuration to the RESYNC request. func (dsl *DataResyncDSL) NAT44AddressPool(pool *nat.Nat44AddressPool) vppclient.DataResyncDSL { - key := models.Key(&nat.Nat44AddressPool{}) + key := models.Key(pool) dsl.txn.Put(key, pool) dsl.txnKeys = append(dsl.txnKeys, key) From 2294f3a17ce3057edc09fad31e86b4e248f346c7 Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Thu, 19 Dec 2019 18:38:34 +0100 Subject: [PATCH 5/9] Refacor NAT proto comments Signed-off-by: Rastislav Szabo --- proto/ligato/vpp/nat/nat.pb.go | 141 +++++++++++++++++++--------- proto/ligato/vpp/nat/nat.proto | 162 +++++++++++++++++++++------------ 2 files changed, 201 insertions(+), 102 deletions(-) diff --git a/proto/ligato/vpp/nat/nat.pb.go b/proto/ligato/vpp/nat/nat.pb.go index 1ce45d0ebc..6da39bb0e7 100644 --- a/proto/ligato/vpp/nat/nat.pb.go +++ b/proto/ligato/vpp/nat/nat.pb.go @@ -20,11 +20,13 @@ var _ = math.Inf // proto package needs to be updated. const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package +// Available protocols. type DNat44_Protocol int32 const ( - DNat44_TCP DNat44_Protocol = 0 - DNat44_UDP DNat44_Protocol = 1 + DNat44_TCP DNat44_Protocol = 0 + DNat44_UDP DNat44_Protocol = 1 + // ICMP is not permitted for load balanced entries. DNat44_ICMP DNat44_Protocol = 2 ) @@ -48,6 +50,7 @@ func (DNat44_Protocol) EnumDescriptor() ([]byte, []int) { return fileDescriptor_6c5496f531b4b7d3, []int{1, 0} } +// Available twice-NAT modes. type DNat44_StaticMapping_TwiceNatMode int32 const ( @@ -76,14 +79,19 @@ func (DNat44_StaticMapping_TwiceNatMode) EnumDescriptor() ([]byte, []int) { return fileDescriptor_6c5496f531b4b7d3, []int{1, 0, 0} } +// Nat44Global defines global NAT44 configuration. type Nat44Global struct { - Forwarding bool `protobuf:"varint,1,opt,name=forwarding,proto3" json:"forwarding,omitempty"` - NatInterfaces []*Nat44Global_Interface `protobuf:"bytes,2,rep,name=nat_interfaces,json=natInterfaces,proto3" json:"nat_interfaces,omitempty"` // Deprecated: Do not use. - AddressPool []*Nat44Global_Address `protobuf:"bytes,3,rep,name=address_pool,json=addressPool,proto3" json:"address_pool,omitempty"` // Deprecated: Do not use. - VirtualReassembly *VirtualReassembly `protobuf:"bytes,4,opt,name=virtual_reassembly,json=virtualReassembly,proto3" json:"virtual_reassembly,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + // Enable/disable forwarding. + Forwarding bool `protobuf:"varint,1,opt,name=forwarding,proto3" json:"forwarding,omitempty"` + // List of NAT-enabled interfaces. Deprecated - use separate Nat44Interface entries instead. + NatInterfaces []*Nat44Global_Interface `protobuf:"bytes,2,rep,name=nat_interfaces,json=natInterfaces,proto3" json:"nat_interfaces,omitempty"` // Deprecated: Do not use. + // Address pool used for source IP NAT. Deprecated - use separate Nat44AddressPool entries instead. + AddressPool []*Nat44Global_Address `protobuf:"bytes,3,rep,name=address_pool,json=addressPool,proto3" json:"address_pool,omitempty"` // Deprecated: Do not use. + // Virtual reassembly for IPv4. + VirtualReassembly *VirtualReassembly `protobuf:"bytes,4,opt,name=virtual_reassembly,json=virtualReassembly,proto3" json:"virtual_reassembly,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *Nat44Global) Reset() { *m = Nat44Global{} } @@ -141,9 +149,13 @@ func (m *Nat44Global) GetVirtualReassembly() *VirtualReassembly { return nil } +// Interface defines a network interface enabled for NAT. type Nat44Global_Interface struct { - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - IsInside bool `protobuf:"varint,2,opt,name=is_inside,json=isInside,proto3" json:"is_inside,omitempty"` + // Interface name (logical). + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Distinguish between inside/outside interface. + IsInside bool `protobuf:"varint,2,opt,name=is_inside,json=isInside,proto3" json:"is_inside,omitempty"` + // Enable/disable output feature. OutputFeature bool `protobuf:"varint,3,opt,name=output_feature,json=outputFeature,proto3" json:"output_feature,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -196,9 +208,14 @@ func (m *Nat44Global_Interface) GetOutputFeature() bool { return false } +// Address defines an address to be used for source IP NAT. type Nat44Global_Address struct { - Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` - VrfId uint32 `protobuf:"varint,2,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` + // IPv4 address. + Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` + // VRF id of tenant, 0xFFFFFFFF means independent of VRF. + // Non-zero (and not all-ones) VRF has to be explicitly created (see api/models/vpp/l3/vrf.proto). + VrfId uint32 `protobuf:"varint,2,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` + // Enable/disable twice NAT. TwiceNat bool `protobuf:"varint,3,opt,name=twice_nat,json=twiceNat,proto3" json:"twice_nat,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -251,9 +268,13 @@ func (m *Nat44Global_Address) GetTwiceNat() bool { return false } +// DNat44 defines destination NAT44 configuration. type DNat44 struct { - Label string `protobuf:"bytes,1,opt,name=label,proto3" json:"label,omitempty"` - StMappings []*DNat44_StaticMapping `protobuf:"bytes,2,rep,name=st_mappings,json=stMappings,proto3" json:"st_mappings,omitempty"` + // Unique identifier for the DNAT configuration. + Label string `protobuf:"bytes,1,opt,name=label,proto3" json:"label,omitempty"` + // A list of static mappings in DNAT. + StMappings []*DNat44_StaticMapping `protobuf:"bytes,2,rep,name=st_mappings,json=stMappings,proto3" json:"st_mappings,omitempty"` + // A list of identity mappings in DNAT. IdMappings []*DNat44_IdentityMapping `protobuf:"bytes,3,rep,name=id_mappings,json=idMappings,proto3" json:"id_mappings,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -306,17 +327,25 @@ func (m *DNat44) GetIdMappings() []*DNat44_IdentityMapping { return nil } +// StaticMapping defines a list of static mappings in DNAT. type DNat44_StaticMapping struct { - ExternalInterface string `protobuf:"bytes,1,opt,name=external_interface,json=externalInterface,proto3" json:"external_interface,omitempty"` - ExternalIp string `protobuf:"bytes,2,opt,name=external_ip,json=externalIp,proto3" json:"external_ip,omitempty"` - ExternalPort uint32 `protobuf:"varint,3,opt,name=external_port,json=externalPort,proto3" json:"external_port,omitempty"` - LocalIps []*DNat44_StaticMapping_LocalIP `protobuf:"bytes,4,rep,name=local_ips,json=localIps,proto3" json:"local_ips,omitempty"` - Protocol DNat44_Protocol `protobuf:"varint,5,opt,name=protocol,proto3,enum=ligato.vpp.nat.DNat44_Protocol" json:"protocol,omitempty"` - TwiceNat DNat44_StaticMapping_TwiceNatMode `protobuf:"varint,6,opt,name=twice_nat,json=twiceNat,proto3,enum=ligato.vpp.nat.DNat44_StaticMapping_TwiceNatMode" json:"twice_nat,omitempty"` - SessionAffinity uint32 `protobuf:"varint,7,opt,name=session_affinity,json=sessionAffinity,proto3" json:"session_affinity,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + // Interface to use external IP from; preferred over external_ip. + ExternalInterface string `protobuf:"bytes,1,opt,name=external_interface,json=externalInterface,proto3" json:"external_interface,omitempty"` + // External address. + ExternalIp string `protobuf:"bytes,2,opt,name=external_ip,json=externalIp,proto3" json:"external_ip,omitempty"` + // Port (do not set for address mapping). + ExternalPort uint32 `protobuf:"varint,3,opt,name=external_port,json=externalPort,proto3" json:"external_port,omitempty"` + // List of local IP addresses. If there is more than one entry, load-balancing is enabled. + LocalIps []*DNat44_StaticMapping_LocalIP `protobuf:"bytes,4,rep,name=local_ips,json=localIps,proto3" json:"local_ips,omitempty"` + // Protocol used for static mapping. + Protocol DNat44_Protocol `protobuf:"varint,5,opt,name=protocol,proto3,enum=ligato.vpp.nat.DNat44_Protocol" json:"protocol,omitempty"` + // Enable/disable (self-)twice NAT. + TwiceNat DNat44_StaticMapping_TwiceNatMode `protobuf:"varint,6,opt,name=twice_nat,json=twiceNat,proto3,enum=ligato.vpp.nat.DNat44_StaticMapping_TwiceNatMode" json:"twice_nat,omitempty"` + // Session affinity. 0 means disabled, otherwise client IP affinity sticky time in seconds. + SessionAffinity uint32 `protobuf:"varint,7,opt,name=session_affinity,json=sessionAffinity,proto3" json:"session_affinity,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *DNat44_StaticMapping) Reset() { *m = DNat44_StaticMapping{} } @@ -393,10 +422,15 @@ func (m *DNat44_StaticMapping) GetSessionAffinity() uint32 { return 0 } +// LocalIP defines a local IP addresses. type DNat44_StaticMapping_LocalIP struct { - VrfId uint32 `protobuf:"varint,1,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` - LocalIp string `protobuf:"bytes,2,opt,name=local_ip,json=localIp,proto3" json:"local_ip,omitempty"` - LocalPort uint32 `protobuf:"varint,3,opt,name=local_port,json=localPort,proto3" json:"local_port,omitempty"` + // VRF (table) ID. Non-zero VRF has to be explicitly created (see api/models/vpp/l3/vrf.proto). + VrfId uint32 `protobuf:"varint,1,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` + // Local IP address). + LocalIp string `protobuf:"bytes,2,opt,name=local_ip,json=localIp,proto3" json:"local_ip,omitempty"` + // Port (do not set for address mapping). + LocalPort uint32 `protobuf:"varint,3,opt,name=local_port,json=localPort,proto3" json:"local_port,omitempty"` + // Probability level for load-balancing mode. Probability uint32 `protobuf:"varint,4,opt,name=probability,proto3" json:"probability,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -456,11 +490,17 @@ func (m *DNat44_StaticMapping_LocalIP) GetProbability() uint32 { return 0 } +// IdentityMapping defines an identity mapping in DNAT. type DNat44_IdentityMapping struct { - VrfId uint32 `protobuf:"varint,1,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` - Interface string `protobuf:"bytes,2,opt,name=interface,proto3" json:"interface,omitempty"` - IpAddress string `protobuf:"bytes,3,opt,name=ip_address,json=ipAddress,proto3" json:"ip_address,omitempty"` - Port uint32 `protobuf:"varint,4,opt,name=port,proto3" json:"port,omitempty"` + // VRF (table) ID. Non-zero VRF has to be explicitly created (see api/models/vpp/l3/vrf.proto). + VrfId uint32 `protobuf:"varint,1,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` + // Name of the interface to use address from; preferred over ip_address. + Interface string `protobuf:"bytes,2,opt,name=interface,proto3" json:"interface,omitempty"` + // IP address. + IpAddress string `protobuf:"bytes,3,opt,name=ip_address,json=ipAddress,proto3" json:"ip_address,omitempty"` + // Port (do not set for address mapping). + Port uint32 `protobuf:"varint,4,opt,name=port,proto3" json:"port,omitempty"` + // Protocol used for identity mapping. Protocol DNat44_Protocol `protobuf:"varint,5,opt,name=protocol,proto3,enum=ligato.vpp.nat.DNat44_Protocol" json:"protocol,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -527,11 +567,15 @@ func (m *DNat44_IdentityMapping) GetProtocol() DNat44_Protocol { return DNat44_TCP } -// Local network interfaces enabled for NAT44. +// Nat44Interface defines a local network interfaces enabled for NAT44. type Nat44Interface struct { - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - NatInside bool `protobuf:"varint,2,opt,name=nat_inside,json=natInside,proto3" json:"nat_inside,omitempty"` - NatOutside bool `protobuf:"varint,3,opt,name=nat_outside,json=natOutside,proto3" json:"nat_outside,omitempty"` + // Interface name (logical). + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Enable/disable NAT on inside. + NatInside bool `protobuf:"varint,2,opt,name=nat_inside,json=natInside,proto3" json:"nat_inside,omitempty"` + // Enable/disable NAT on outside. + NatOutside bool `protobuf:"varint,3,opt,name=nat_outside,json=natOutside,proto3" json:"nat_outside,omitempty"` + // Enable/disable output feature. OutputFeature bool `protobuf:"varint,4,opt,name=output_feature,json=outputFeature,proto3" json:"output_feature,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -591,11 +635,16 @@ func (m *Nat44Interface) GetOutputFeature() bool { return false } -// Address Pools used for NAT44. +// Nat44AddressPool defines an address pool used for NAT44. type Nat44AddressPool struct { - VrfId uint32 `protobuf:"varint,1,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` - FirstIp string `protobuf:"bytes,2,opt,name=first_ip,json=firstIp,proto3" json:"first_ip,omitempty"` - LastIp string `protobuf:"bytes,3,opt,name=last_ip,json=lastIp,proto3" json:"last_ip,omitempty"` + // VRF id of tenant, 0xFFFFFFFF means independent of VRF. + // Non-zero (and not all-ones) VRF has to be explicitly created (see api/models/vpp/l3/vrf.proto). + VrfId uint32 `protobuf:"varint,1,opt,name=vrf_id,json=vrfId,proto3" json:"vrf_id,omitempty"` + // First IP address of the pool. + FirstIp string `protobuf:"bytes,2,opt,name=first_ip,json=firstIp,proto3" json:"first_ip,omitempty"` + // Last IP address of the pool. Should be higher than first_ip or empty. + LastIp string `protobuf:"bytes,3,opt,name=last_ip,json=lastIp,proto3" json:"last_ip,omitempty"` + // Enable/disable twice NAT. TwiceNat bool `protobuf:"varint,4,opt,name=twice_nat,json=twiceNat,proto3" json:"twice_nat,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` @@ -655,11 +704,15 @@ func (m *Nat44AddressPool) GetTwiceNat() bool { return false } -// NAT virtual reassembly +// VirtualReassembly defines NAT virtual reassembly settings. type VirtualReassembly struct { - Timeout uint32 `protobuf:"varint,1,opt,name=timeout,proto3" json:"timeout,omitempty"` - MaxReassemblies uint32 `protobuf:"varint,2,opt,name=max_reassemblies,json=maxReassemblies,proto3" json:"max_reassemblies,omitempty"` - MaxFragments uint32 `protobuf:"varint,3,opt,name=max_fragments,json=maxFragments,proto3" json:"max_fragments,omitempty"` + // Reassembly timeout. + Timeout uint32 `protobuf:"varint,1,opt,name=timeout,proto3" json:"timeout,omitempty"` + // Maximum number of concurrent reassemblies. + MaxReassemblies uint32 `protobuf:"varint,2,opt,name=max_reassemblies,json=maxReassemblies,proto3" json:"max_reassemblies,omitempty"` + // Maximum number of fragments per reassembly. + MaxFragments uint32 `protobuf:"varint,3,opt,name=max_fragments,json=maxFragments,proto3" json:"max_fragments,omitempty"` + // If set to true fragments are dropped, translated otherwise. DropFragments bool `protobuf:"varint,4,opt,name=drop_fragments,json=dropFragments,proto3" json:"drop_fragments,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` diff --git a/proto/ligato/vpp/nat/nat.proto b/proto/ligato/vpp/nat/nat.proto index c5a5fa0af6..fe81d0b9e5 100644 --- a/proto/ligato/vpp/nat/nat.proto +++ b/proto/ligato/vpp/nat/nat.proto @@ -4,99 +4,145 @@ package ligato.vpp.nat; option go_package = "go.ligato.io/vpp-agent/v2/proto/ligato/vpp/nat;vpp_nat"; +// Nat44Global defines global NAT44 configuration. message Nat44Global { - bool forwarding = 1; /* Enable/disable forwarding. */ - - message Interface { /* Local network interfaces enabled for NAT44. */ - string name = 1; /* (logical) Interface name. */ - bool is_inside = 2; /* Distinguish between inside/outside interface. */ - bool output_feature = 3; /* Enable/disable output feature. */ + // Enable/disable forwarding. + bool forwarding = 1; + + // Interface defines a network interface enabled for NAT. + message Interface { + // Interface name (logical). + string name = 1; + // Distinguish between inside/outside interface. + bool is_inside = 2; + // Enable/disable output feature. + bool output_feature = 3; } - repeated Interface nat_interfaces = 2 [deprecated=true]; /* Use separate Nat44Interface entries instead. */ + // List of NAT-enabled interfaces. Deprecated - use separate Nat44Interface entries instead. + repeated Interface nat_interfaces = 2 [deprecated=true]; + // Address defines an address to be used for source IP NAT. message Address { - string address = 1; /* IPv4 address. */ - uint32 vrf_id = 2; /* VRF id of tenant, 0xFFFFFFFF means independent of VRF. - Non-zero (and not all-ones) VRF has to be explicitly created - (see api/models/vpp/l3/vrf.proto). - */ - bool twice_nat = 3; /* Enable/disable twice NAT. */ + // IPv4 address. + string address = 1; + // VRF id of tenant, 0xFFFFFFFF means independent of VRF. + // Non-zero (and not all-ones) VRF has to be explicitly created (see api/models/vpp/l3/vrf.proto). + uint32 vrf_id = 2; + // Enable/disable twice NAT. + bool twice_nat = 3; } - repeated Address address_pool = 3 [deprecated=true]; /* Use separate Nat44AddressPool entries instead. */ + // Address pool used for source IP NAT. Deprecated - use separate Nat44AddressPool entries instead. + repeated Address address_pool = 3 [deprecated=true]; - VirtualReassembly virtual_reassembly = 4; /* Virtual reassembly for IPv4 */ + // Virtual reassembly for IPv4. + VirtualReassembly virtual_reassembly = 4; } +// DNat44 defines destination NAT44 configuration. message DNat44 { - string label = 1; /* Unique identifier for the DNAT configuration. */ + // Unique identifier for the DNAT configuration. + string label = 1; - enum Protocol { /* Available protocols. */ + // Available protocols. + enum Protocol { TCP = 0; UDP = 1; - ICMP = 2; /* ICMP is not permitted for load balanced entries. */ + // ICMP is not permitted for load balanced entries. + ICMP = 2; }; - message StaticMapping { /* A list of static mappings in DNAT. */ - string external_interface = 1; /* Interface to use external IP from; preferred over external_ip. */ - string external_ip = 2; /* External address. */ - uint32 external_port = 3; /* Port (do not set for address mapping). */ + // StaticMapping defines a list of static mappings in DNAT. + message StaticMapping { + // Interface to use external IP from; preferred over external_ip. + string external_interface = 1; + // External address. + string external_ip = 2; + // Port (do not set for address mapping). + uint32 external_port = 3; + // LocalIP defines a local IP addresses. message LocalIP { - uint32 vrf_id = 1; /* VRF (table) ID. Non-zero VRF has to be explicitly created - (see api/models/vpp/l3/vrf.proto) */ - string local_ip = 2; /* Local IP address). */ - uint32 local_port = 3; /* port (do not set for address mapping). */ - uint32 probability = 4; /* Probability mode. */ + // VRF (table) ID. Non-zero VRF has to be explicitly created (see api/models/vpp/l3/vrf.proto). + uint32 vrf_id = 1; + // Local IP address). + string local_ip = 2; + // Port (do not set for address mapping). + uint32 local_port = 3; + // Probability level for load-balancing mode. + uint32 probability = 4; } - repeated LocalIP local_ips = 4; /* List of local IP addresses. If there is more than one entry, - Load ballancer is enabled. */ - Protocol protocol = 5; /* Protocol used for static mapping. */ + // List of local IP addresses. If there is more than one entry, load-balancing is enabled. + repeated LocalIP local_ips = 4; + + // Protocol used for static mapping. + Protocol protocol = 5; - enum TwiceNatMode { /* Available twice-NAT modes */ + // Available twice-NAT modes. + enum TwiceNatMode { DISABLED = 0; ENABLED = 1; SELF = 2; }; - TwiceNatMode twice_nat = 6; /* Enable/disable (self-)twice NAT. */ - uint32 session_affinity = 7; /* Session affinity if 0 disabled, otherwise client - IP affinity sticky time in seconds */ + // Enable/disable (self-)twice NAT. + TwiceNatMode twice_nat = 6; + + // Session affinity. 0 means disabled, otherwise client IP affinity sticky time in seconds. + uint32 session_affinity = 7; } + // A list of static mappings in DNAT. repeated StaticMapping st_mappings = 2; - message IdentityMapping { /* A list of identity mappings in DNAT. */ - uint32 vrf_id = 1; /* VRF (table) ID. Non-zero VRF has to be explicitly created - (see api/models/vpp/l3/vrf.proto) */ - string interface = 2; /* Name of the interface to use address from; preferred over ip_address. */ - string ip_address = 3; /* IP address. */ - uint32 port = 4; /* Port (do not set for address mapping). */ - Protocol protocol = 5; /* Protocol used for identity mapping. */ + // IdentityMapping defines an identity mapping in DNAT. + message IdentityMapping { + // VRF (table) ID. Non-zero VRF has to be explicitly created (see api/models/vpp/l3/vrf.proto). + uint32 vrf_id = 1; + // Name of the interface to use address from; preferred over ip_address. + string interface = 2; + // IP address. + string ip_address = 3; + // Port (do not set for address mapping). + uint32 port = 4; + // Protocol used for identity mapping. + Protocol protocol = 5; } + // A list of identity mappings in DNAT. repeated IdentityMapping id_mappings = 3; } -/* Local network interfaces enabled for NAT44. */ +// Nat44Interface defines a local network interfaces enabled for NAT44. message Nat44Interface { - string name = 1; /* (logical) Interface name. */ - bool nat_inside = 2; /* Enable/disable NAT on inside. */ - bool nat_outside = 3; /* Enable/disable NAT on outside. */ - bool output_feature = 4; /* Enable/disable output feature. */ + // Interface name (logical). + string name = 1; + // Enable/disable NAT on inside. + bool nat_inside = 2; + // Enable/disable NAT on outside. + bool nat_outside = 3; + // Enable/disable output feature. + bool output_feature = 4; } -/* Address Pools used for NAT44. */ +// Nat44AddressPool defines an address pool used for NAT44. message Nat44AddressPool { - uint32 vrf_id = 1; /* VRF id of tenant, 0xFFFFFFFF means independent of VRF. - Non-zero (and not all-ones) VRF has to be explicitly created - (see api/models/vpp/l3/vrf.proto). */ - string first_ip = 2; /* First IP address of the pool. */ - string last_ip = 3; /* Last IP address of the pool. Should be higher than first_ip or empty. */ - bool twice_nat = 4; /* Enable/disable twice NAT. */ + // VRF id of tenant, 0xFFFFFFFF means independent of VRF. + // Non-zero (and not all-ones) VRF has to be explicitly created (see api/models/vpp/l3/vrf.proto). + uint32 vrf_id = 1; + // First IP address of the pool. + string first_ip = 2; + // Last IP address of the pool. Should be higher than first_ip or empty. + string last_ip = 3; + // Enable/disable twice NAT. + bool twice_nat = 4; } -/* NAT virtual reassembly */ +// VirtualReassembly defines NAT virtual reassembly settings. message VirtualReassembly { - uint32 timeout = 1; /* Reassembly timeout */ - uint32 max_reassemblies = 2; /* Maximum number of concurrent reassemblies */ - uint32 max_fragments = 3; /* Maximum number of fragments per reassembly */ - bool drop_fragments = 4; /* If set to true fragments are dropped, translated otherwise*/ + // Reassembly timeout. + uint32 timeout = 1; + // Maximum number of concurrent reassemblies. + uint32 max_reassemblies = 2; + // Maximum number of fragments per reassembly. + uint32 max_fragments = 3; + // If set to true fragments are dropped, translated otherwise. + bool drop_fragments = 4; } From 5903611b1e71ae005067bc00eb39ffe3adfe07e8 Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Thu, 19 Dec 2019 20:04:40 +0100 Subject: [PATCH 6/9] Fix missing clientv2 APIs & nat44 addr descriptor retrive dependency Signed-off-by: Rastislav Szabo --- clientv2/linux/data_change_api.go | 8 +++++++ clientv2/linux/data_resync_api.go | 4 ++++ clientv2/linux/dbadapter/data_change_db.go | 24 +++++++++++++++++++ clientv2/linux/dbadapter/data_resync_db.go | 18 ++++++++++++++ clientv2/vpp/data_change_api.go | 4 ++++ clientv2/vpp/dbadapter/data_change_db.go | 12 ++++++++++ .../descriptor/nat44_address_pool.go | 2 ++ 7 files changed, 72 insertions(+) diff --git a/clientv2/linux/data_change_api.go b/clientv2/linux/data_change_api.go index 866eda0a88..08490bd381 100644 --- a/clientv2/linux/data_change_api.go +++ b/clientv2/linux/data_change_api.go @@ -109,6 +109,10 @@ type PutDSL interface { NAT44Global(nat *nat.Nat44Global) PutDSL // DNAT44 adds a request to create or update DNAT44 configuration DNAT44(dnat *nat.DNat44) PutDSL + // NAT44Interface adds a request to create or update NAT44 interface configuration. + NAT44Interface(natIf *nat.Nat44Interface) PutDSL + // NAT44AddressPool adds a request to create or update NAT44 address pool. + NAT44AddressPool(pool *nat.Nat44AddressPool) PutDSL // IPSecSA adds request to create a new Security Association IPSecSA(sa *ipsec.SecurityAssociation) PutDSL // IPSecSPD adds request to create a new Security Policy Database @@ -186,6 +190,10 @@ type DeleteDSL interface { NAT44Global() DeleteDSL // DNAT44 adds a request to delete an existing DNAT-44 configuration DNAT44(label string) DeleteDSL + // NAT44Interface adds a request to delete NAT44 interface configuration. + NAT44Interface(natIf *nat.Nat44Interface) DeleteDSL + // NAT44AddressPool adds a request to delete NAT44 address pool. + NAT44AddressPool(pool *nat.Nat44AddressPool) DeleteDSL // IPSecSA adds request to delete a Security Association IPSecSA(saIndex string) DeleteDSL // IPSecSPD adds request to delete a Security Policy Database diff --git a/clientv2/linux/data_resync_api.go b/clientv2/linux/data_resync_api.go index 2b1cf150c6..106117aacb 100644 --- a/clientv2/linux/data_resync_api.go +++ b/clientv2/linux/data_resync_api.go @@ -89,6 +89,10 @@ type DataResyncDSL interface { NAT44Global(nat *nat.Nat44Global) DataResyncDSL // DNAT44 adds DNAT44 configuration to the RESYNC request DNAT44(dnat *nat.DNat44) DataResyncDSL + // NAT44Interface adds NAT44 interface configuration to the RESYNC request. + NAT44Interface(natIf *nat.Nat44Interface) DataResyncDSL + // NAT44AddressPool adds NAT44 address pool configuration to the RESYNC request. + NAT44AddressPool(pool *nat.Nat44AddressPool) DataResyncDSL // IPSecSA adds request to RESYNC a new Security Association IPSecSA(sa *ipsec.SecurityAssociation) DataResyncDSL // IPSecSPD adds request to RESYNC a new Security Policy Database diff --git a/clientv2/linux/dbadapter/data_change_db.go b/clientv2/linux/dbadapter/data_change_db.go index cff86db4fc..b65a64e225 100644 --- a/clientv2/linux/dbadapter/data_change_db.go +++ b/clientv2/linux/dbadapter/data_change_db.go @@ -227,6 +227,18 @@ func (dsl *PutDSL) DNAT44(nat44 *nat.DNat44) linuxclient.PutDSL { return dsl } +// NAT44Interface adds a request to create or update NAT44 interface configuration. +func (dsl *PutDSL) NAT44Interface(natIf *nat.Nat44Interface) linuxclient.PutDSL { + dsl.parent.txn.Put(models.Key(natIf), natIf) + return dsl +} + +// NAT44AddressPool adds a request to create or update NAT44 address pool. +func (dsl *PutDSL) NAT44AddressPool(pool *nat.Nat44AddressPool) linuxclient.PutDSL { + dsl.parent.txn.Put(models.Key(pool), pool) + return dsl +} + // IPSecSA adds request to create a new Security Association func (dsl *PutDSL) IPSecSA(sa *ipsec.SecurityAssociation) linuxclient.PutDSL { dsl.vppPut.IPSecSA(sa) @@ -416,6 +428,18 @@ func (dsl *DeleteDSL) DNAT44(label string) linuxclient.DeleteDSL { return dsl } +// NAT44Interface adds a request to delete NAT44 interface configuration. +func (dsl *DeleteDSL) NAT44Interface(natIf *nat.Nat44Interface) linuxclient.DeleteDSL { + dsl.parent.txn.Delete(models.Key(natIf)) + return dsl +} + +// NAT44AddressPool adds a request to create or update NAT44 address pool. +func (dsl *DeleteDSL) NAT44AddressPool(pool *nat.Nat44AddressPool) linuxclient.DeleteDSL { + dsl.parent.txn.Delete(models.Key(pool)) + return dsl +} + // IPSecSA adds request to delete a Security Association func (dsl *DeleteDSL) IPSecSA(saIndex string) linuxclient.DeleteDSL { dsl.vppDelete.IPSecSA(saIndex) diff --git a/clientv2/linux/dbadapter/data_resync_db.go b/clientv2/linux/dbadapter/data_resync_db.go index 23393f2594..e7a5833003 100644 --- a/clientv2/linux/dbadapter/data_resync_db.go +++ b/clientv2/linux/dbadapter/data_resync_db.go @@ -215,6 +215,24 @@ func (dsl *DataResyncDSL) DNAT44(nat44 *nat.DNat44) linuxclient.DataResyncDSL { return dsl } +// NAT44Interface adds NAT44 interface configuration to the RESYNC request. +func (dsl *DataResyncDSL) NAT44Interface(natIf *nat.Nat44Interface) linuxclient.DataResyncDSL { + key := models.Key(natIf) + dsl.txn.Put(key, natIf) + dsl.txnKeys = append(dsl.txnKeys, key) + + return dsl +} + +// NAT44AddressPool adds NAT44 address pool configuration to the RESYNC request. +func (dsl *DataResyncDSL) NAT44AddressPool(pool *nat.Nat44AddressPool) linuxclient.DataResyncDSL { + key := models.Key(pool) + dsl.txn.Put(key, pool) + dsl.txnKeys = append(dsl.txnKeys, key) + + return dsl +} + // IPSecSA adds request to RESYNC a new Security Association func (dsl *DataResyncDSL) IPSecSA(sa *ipsec.SecurityAssociation) linuxclient.DataResyncDSL { dsl.vppDataResync.IPSecSA(sa) diff --git a/clientv2/vpp/data_change_api.go b/clientv2/vpp/data_change_api.go index 3a3524b3c8..831fb50000 100644 --- a/clientv2/vpp/data_change_api.go +++ b/clientv2/vpp/data_change_api.go @@ -140,6 +140,10 @@ type DeleteDSL interface { NAT44Global() DeleteDSL // DNAT44 adds a request to delete an existing DNAT44 configuration DNAT44(label string) DeleteDSL + // NAT44Interface adds a request to delete NAT44 interface configuration. + NAT44Interface(natIf *nat.Nat44Interface) DeleteDSL + // NAT44AddressPool adds a request to delete NAT44 address pool. + NAT44AddressPool(pool *nat.Nat44AddressPool) DeleteDSL // IPSecSA adds request to delete a Security Association IPSecSA(saIndex string) DeleteDSL // IPSecSPD adds request to delete a Security Policy Database diff --git a/clientv2/vpp/dbadapter/data_change_db.go b/clientv2/vpp/dbadapter/data_change_db.go index 33ad0e27fa..41d5e4dfa2 100644 --- a/clientv2/vpp/dbadapter/data_change_db.go +++ b/clientv2/vpp/dbadapter/data_change_db.go @@ -311,6 +311,18 @@ func (dsl *DeleteDSL) DNAT44(label string) vppclient.DeleteDSL { return dsl } +// NAT44Interface adds a request to delete NAT44 interface configuration. +func (dsl *DeleteDSL) NAT44Interface(natIf *nat.Nat44Interface) vppclient.DeleteDSL { + dsl.parent.txn.Delete(models.Key(natIf)) + return dsl +} + +// NAT44AddressPool adds a request to create or update NAT44 address pool. +func (dsl *DeleteDSL) NAT44AddressPool(pool *nat.Nat44AddressPool) vppclient.DeleteDSL { + dsl.parent.txn.Delete(models.Key(pool)) + return dsl +} + // IPSecSA adds request to create a new Security Association func (dsl *DeleteDSL) IPSecSA(saIndex string) vppclient.DeleteDSL { dsl.parent.txn.Delete(ipsec.SAKey(saIndex)) diff --git a/plugins/vpp/natplugin/descriptor/nat44_address_pool.go b/plugins/vpp/natplugin/descriptor/nat44_address_pool.go index e5b82618f6..f1ab90a267 100644 --- a/plugins/vpp/natplugin/descriptor/nat44_address_pool.go +++ b/plugins/vpp/natplugin/descriptor/nat44_address_pool.go @@ -67,6 +67,8 @@ func NewNAT44AddressPoolDescriptor(nat44GlobalDesc *NAT44GlobalDescriptor, Delete: ctx.Delete, Retrieve: ctx.Retrieve, Dependencies: ctx.Dependencies, + // retrieve global NAT config first (required for deprecated global NAT interface & address API) + RetrieveDependencies: []string{NAT44GlobalDescriptorName}, } return adapter.NewNAT44AddressPoolDescriptor(typedDescr) } From 48f742dc945ca82565270b5068f982f649c02fa6 Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Thu, 19 Dec 2019 22:04:14 +0100 Subject: [PATCH 7/9] Update end to end tests Signed-off-by: Rastislav Szabo --- tests/e2e/050_nat_test.go | 270 +++++++++++++++++++++++++++++++++----- 1 file changed, 236 insertions(+), 34 deletions(-) diff --git a/tests/e2e/050_nat_test.go b/tests/e2e/050_nat_test.go index 4e63d5172a..7e7c6ff92d 100644 --- a/tests/e2e/050_nat_test.go +++ b/tests/e2e/050_nat_test.go @@ -52,8 +52,8 @@ func TestSourceNAT(t *testing.T) { // nat sNatAddr1 = vppTap1IP - sNatAddr2 = "80.80.80.30" - sNatAddr3 = "80.80.80.40" + sNatAddr2 = "80.80.80.21" + sNatAddr3 = "80.80.80.22" netMask = "/24" ms1Name = "microservice1" @@ -125,26 +125,17 @@ func TestSourceNAT(t *testing.T) { GwAddr: vppTap2IP, } - sourceNat := &vpp_nat.Nat44Global{ + natGlobal := &vpp_nat.Nat44Global{ Forwarding: true, - NatInterfaces: []*vpp_nat.Nat44Global_Interface{ - { - Name: vppTap1Name, - IsInside: false, - OutputFeature: true, - }, - }, - AddressPool: []*vpp_nat.Nat44Global_Address{ - { - Address: sNatAddr1, - }, - { - Address: sNatAddr2, - }, - { - Address: sNatAddr3, - }, - }, + } + natInterface := &vpp_nat.Nat44Interface{ + Name: vppTap1Name, + NatOutside: true, + OutputFeature: true, + } + natPool := &vpp_nat.Nat44AddressPool{ + FirstIp: sNatAddr1, + LastIp: sNatAddr3, } nat44Addresses := func() (string, error) { @@ -173,7 +164,9 @@ func TestSourceNAT(t *testing.T) { vppTap2, linuxTap2, ms2DefaultRoute, - sourceNat, + natGlobal, + natInterface, + natPool, ).Send(context.Background()) Expect(err).ToNot(HaveOccurred(), "Transaction creating public and private networks failed") @@ -192,7 +185,9 @@ func TestSourceNAT(t *testing.T) { // remove S-NAT configuration req = ctx.grpcClient.ChangeRequest() err = req.Delete( - sourceNat, + natGlobal, + natInterface, + natPool, ).Send(context.Background()) Expect(err).ToNot(HaveOccurred(), "Transaction removing S-NAT failed") @@ -207,7 +202,9 @@ func TestSourceNAT(t *testing.T) { // get back the S-NAT configuration req = ctx.grpcClient.ChangeRequest() err = req.Update( - sourceNat, + natGlobal, + natInterface, + natPool, ).Send(context.Background()) Expect(err).ToNot(HaveOccurred(), "Transaction creating S-NAT failed") @@ -337,16 +334,14 @@ func TestNATStaticMappings(t *testing.T) { natGlobal := &vpp_nat.Nat44Global{ Forwarding: true, - NatInterfaces: []*vpp_nat.Nat44Global_Interface{ - { - Name: vppTap1Name, - IsInside: false, - }, - { - Name: vppTap2Name, - IsInside: true, - }, - }, + } + natInterface1 := &vpp_nat.Nat44Interface{ + Name: vppTap1Name, + NatOutside: true, + } + natInterface2 := &vpp_nat.Nat44Interface{ + Name: vppTap2Name, + NatInside: true, } tcpSvc := &vpp_nat.DNat44{ @@ -436,6 +431,8 @@ func TestNATStaticMappings(t *testing.T) { ms2DefaultRoute, svcExtIPsProxyArp, natGlobal, + natInterface1, + natInterface2, tcpSvc, udpSvc, ).Send(context.Background()) Expect(err).ToNot(HaveOccurred(), "Transaction creating public and private networks failed") @@ -493,3 +490,208 @@ func TestNATStaticMappings(t *testing.T) { Expect(connectUDP()).Should(Succeed()) Expect(ctx.agentInSync()).To(BeTrue(), "Agent is not in-sync") } + +// Simulate public and private networks using two microservices and test +// source-NAT in-between. Uses deprecated API for NatInterfaces and AddressPool in Nat44Global. +func TestSourceNATDeprecatedAPI(t *testing.T) { + ctx := setupE2E(t) + defer ctx.teardownE2E() + + const ( + // public network + vppTap1Name = "vpp-tap1" + vppTap1IP = "80.80.80.20" + linuxTap1Name = "linux-tap1" + linuxTap1Hostname = "tap" + linuxTap1IP = "80.80.80.10" + + // private network + vppTap2Name = "vpp-tap2" + vppTap2IP = "192.168.1.1" + linuxTap2Name = "linux-tap2" + linuxTap2Hostname = "tap" + linuxTap2IP = "192.168.1.2" + + // nat + sNatAddr1 = vppTap1IP + sNatAddr2 = "80.80.80.30" + sNatAddr3 = "80.80.80.40" + + netMask = "/24" + ms1Name = "microservice1" + ms2Name = "microservice2" + ) + + vppTap1 := &vpp_interfaces.Interface{ + Name: vppTap1Name, + Type: vpp_interfaces.Interface_TAP, + Enabled: true, + IpAddresses: []string{vppTap1IP + netMask}, + Link: &vpp_interfaces.Interface_Tap{ + Tap: &vpp_interfaces.TapLink{ + Version: 2, + ToMicroservice: msNamePrefix + ms1Name, + }, + }, + } + linuxTap1 := &linux_interfaces.Interface{ + Name: linuxTap1Name, + Type: linux_interfaces.Interface_TAP_TO_VPP, + Enabled: true, + IpAddresses: []string{linuxTap1IP + netMask}, + HostIfName: linuxTap1Hostname, + Link: &linux_interfaces.Interface_Tap{ + Tap: &linux_interfaces.TapLink{ + VppTapIfName: vppTap1Name, + }, + }, + Namespace: &linux_namespace.NetNamespace{ + Type: linux_namespace.NetNamespace_MICROSERVICE, + Reference: msNamePrefix + ms1Name, + }, + } + + vppTap2 := &vpp_interfaces.Interface{ + Name: vppTap2Name, + Type: vpp_interfaces.Interface_TAP, + Enabled: true, + IpAddresses: []string{vppTap2IP + netMask}, + Link: &vpp_interfaces.Interface_Tap{ + Tap: &vpp_interfaces.TapLink{ + Version: 2, + ToMicroservice: msNamePrefix + ms2Name, + }, + }, + } + linuxTap2 := &linux_interfaces.Interface{ + Name: linuxTap2Name, + Type: linux_interfaces.Interface_TAP_TO_VPP, + Enabled: true, + IpAddresses: []string{linuxTap2IP + netMask}, + HostIfName: linuxTap2Hostname, + Link: &linux_interfaces.Interface_Tap{ + Tap: &linux_interfaces.TapLink{ + VppTapIfName: vppTap2Name, + }, + }, + Namespace: &linux_namespace.NetNamespace{ + Type: linux_namespace.NetNamespace_MICROSERVICE, + Reference: msNamePrefix + ms2Name, + }, + } + + ms2DefaultRoute := &linux_l3.Route{ + OutgoingInterface: linuxTap2Name, + Scope: linux_l3.Route_GLOBAL, + DstNetwork: "0.0.0.0/0", + GwAddr: vppTap2IP, + } + + sourceNat := &vpp_nat.Nat44Global{ + Forwarding: true, + NatInterfaces: []*vpp_nat.Nat44Global_Interface{ + { + Name: vppTap1Name, + IsInside: false, + OutputFeature: true, + }, + }, + AddressPool: []*vpp_nat.Nat44Global_Address{ + { + Address: sNatAddr1, + }, + { + Address: sNatAddr2, + }, + { + Address: sNatAddr3, + }, + }, + } + + nat44Addresses := func() (string, error) { + return ctx.execVppctl("show", "nat44", "addresses") + } + connectTCP := func() error { + return ctx.testConnection(ms2Name, ms1Name, linuxTap1IP, linuxTap1IP, + 8000, 8000, false, tapv2InputNode) + } + connectUDP := func() error { + return ctx.testConnection(ms2Name, ms1Name, linuxTap1IP, linuxTap1IP, + 8000, 8000, true, tapv2InputNode) + } + ping := func() error { + return ctx.pingFromMs(ms2Name, linuxTap1IP) + } + + ctx.startMicroservice(ms1Name) + ctx.startMicroservice(ms2Name) + Expect(nat44Addresses()).ShouldNot(SatisfyAny( + ContainSubstring(sNatAddr1), ContainSubstring(sNatAddr2), ContainSubstring(sNatAddr3))) + req := ctx.grpcClient.ChangeRequest() + err := req.Update( + vppTap1, + linuxTap1, + vppTap2, + linuxTap2, + ms2DefaultRoute, + sourceNat, + ).Send(context.Background()) + Expect(err).ToNot(HaveOccurred(), "Transaction creating public and private networks failed") + + Eventually(ctx.getValueStateClb(vppTap1)).Should(Equal(kvscheduler.ValueState_CONFIGURED), + "TAP attached to a newly started microservice1 should be eventually configured") + Eventually(ctx.getValueStateClb(vppTap2)).Should(Equal(kvscheduler.ValueState_CONFIGURED), + "TAP attached to a newly started microservice2 should be eventually configured") + + Expect(nat44Addresses()).Should(SatisfyAll( + ContainSubstring(sNatAddr1), ContainSubstring(sNatAddr2), ContainSubstring(sNatAddr3))) + Expect(ping()).Should(Succeed()) + Expect(connectTCP()).Should(Succeed()) + Expect(connectUDP()).Should(Succeed()) + Expect(ctx.agentInSync()).To(BeTrue(), "Agent is not in-sync") + + // remove S-NAT configuration + req = ctx.grpcClient.ChangeRequest() + err = req.Delete( + sourceNat, + ).Send(context.Background()) + Expect(err).ToNot(HaveOccurred(), "Transaction removing S-NAT failed") + + // check configuration + Expect(nat44Addresses()).ShouldNot(SatisfyAny( + ContainSubstring(sNatAddr1), ContainSubstring(sNatAddr2), ContainSubstring(sNatAddr3))) + Expect(ping()).ShouldNot(Succeed()) + Expect(connectTCP()).ShouldNot(Succeed()) + Expect(connectUDP()).ShouldNot(Succeed()) + Expect(ctx.agentInSync()).To(BeTrue(), "Agent is not in-sync") + + // get back the S-NAT configuration + req = ctx.grpcClient.ChangeRequest() + err = req.Update( + sourceNat, + ).Send(context.Background()) + Expect(err).ToNot(HaveOccurred(), "Transaction creating S-NAT failed") + + Expect(nat44Addresses()).Should(SatisfyAll( + ContainSubstring(sNatAddr1), ContainSubstring(sNatAddr2), ContainSubstring(sNatAddr3))) + Expect(ping()).Should(Succeed()) + Expect(connectTCP()).Should(Succeed()) + Expect(connectUDP()).Should(Succeed()) + Expect(ctx.agentInSync()).To(BeTrue(), "Agent is not in-sync") + + // restart microservice with S-NAT attached + ctx.stopMicroservice(ms1Name) + Eventually(ctx.getValueStateClb(vppTap1)).Should(Equal(kvscheduler.ValueState_PENDING), + "Without microservice, the associated VPP-TAP should be pending") + ctx.startMicroservice(ms1Name) + Eventually(ctx.getValueStateClb(vppTap1)).Should(Equal(kvscheduler.ValueState_CONFIGURED), + "VPP-TAP attached to a re-started microservice1 should be eventually configured") + + Expect(nat44Addresses()).Should(SatisfyAll( + ContainSubstring(sNatAddr1), ContainSubstring(sNatAddr2), ContainSubstring(sNatAddr3))) + Expect(ping()).Should(Succeed()) + Expect(connectTCP()).Should(Succeed()) + Expect(connectUDP()).Should(Succeed()) + Expect(ctx.agentInSync()).To(BeTrue(), "Agent is not in-sync") +} From 12e2e067ca7b54a9f6d9b201cbaf18edf5fd1946 Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Thu, 19 Dec 2019 23:18:03 +0100 Subject: [PATCH 8/9] Workaround Nat44InterfaceOutputFeatureDetails issue Signed-off-by: Rastislav Szabo --- plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go | 3 +++ plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go | 3 +++ plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go | 3 +++ .../vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go | 3 +++ 4 files changed, 12 insertions(+) diff --git a/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go index 7903609cea..2237fb350b 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1904/dump_nat_vppcalls.go @@ -159,6 +159,9 @@ func (h *NatVppHandler) Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err NatOutside: msg.IsInside == 0 || msg.IsInside == 2, OutputFeature: true, } + if !natIf.NatInside && !natIf.NatOutside { + natIf.NatOutside = true + } natIfs = append(natIfs, natIf) } return diff --git a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go index 2b203f3304..d7bcd169e6 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp1908/dump_nat_vppcalls.go @@ -160,6 +160,9 @@ func (h *NatVppHandler) Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err NatOutside: flags.isOutside, OutputFeature: true, } + if !natIf.NatInside && !natIf.NatOutside { + natIf.NatOutside = true + } natIfs = append(natIfs, natIf) } return diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go index b8c3a759ac..f87b4fe443 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001/dump_nat_vppcalls.go @@ -160,6 +160,9 @@ func (h *NatVppHandler) Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err NatOutside: flags.isOutside, OutputFeature: true, } + if !natIf.NatInside && !natIf.NatOutside { + natIf.NatOutside = true + } natIfs = append(natIfs, natIf) } return diff --git a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go index 2ffbac5cca..148cbdf9a7 100644 --- a/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go +++ b/plugins/vpp/natplugin/vppcalls/vpp2001_324/dump_nat_vppcalls.go @@ -160,6 +160,9 @@ func (h *NatVppHandler) Nat44InterfacesDump() (natIfs []*nat.Nat44Interface, err NatOutside: flags.isOutside, OutputFeature: true, } + if !natIf.NatInside && !natIf.NatOutside { + natIf.NatOutside = true + } natIfs = append(natIfs, natIf) } return From 434fe1872d3297601d482c67f924d73135ba7495 Mon Sep 17 00:00:00 2001 From: Rastislav Szabo Date: Fri, 20 Dec 2019 00:18:26 +0100 Subject: [PATCH 9/9] Update NAT examples test-e2e Signed-off-by: Rastislav Szabo --- examples/kvscheduler/nat/main.go | 79 +++++++++-------- examples/localclient_vpp/nat/main.go | 124 +++++++++++++++------------ 2 files changed, 108 insertions(+), 95 deletions(-) diff --git a/examples/kvscheduler/nat/main.go b/examples/kvscheduler/nat/main.go index c31169072c..9e07fc013f 100644 --- a/examples/kvscheduler/nat/main.go +++ b/examples/kvscheduler/nat/main.go @@ -153,6 +153,12 @@ func testLocalClientWithScheduler() { VppInterface(server1VPPTap). VppInterface(server2VPPTap). NAT44Global(natGlobal). + NAT44Interface(natInterfaceTapHost). + NAT44Interface(natInterfaceTapClient). + NAT44Interface(natInterfaceTapServer1). + NAT44Interface(natInterfaceTapServer2). + NAT44AddressPool(natPool1). + NAT44AddressPool(natPool2). DNAT44(tcpServiceDNAT). DNAT44(udpServiceDNAT). DNAT44(idDNAT). @@ -257,7 +263,7 @@ const ( emptyDNATLabel = "empty-dnat" natPoolAddr1 = hostNetPrefix + "100" - natPoolAddr2 = hostNetPrefix + "200" + natPoolAddr2 = hostNetPrefix + "101" natPoolAddr3 = hostNetPrefix + "250" ) @@ -460,45 +466,38 @@ var ( MaxFragments: 10, DropFragments: true, }, - NatInterfaces: []*vpp_nat.Nat44Global_Interface{ - { - Name: vppTapHostLogicalName, - IsInside: false, - OutputFeature: true, - }, - { - Name: vppTapClientLogicalName, - IsInside: false, - OutputFeature: false, - }, - { - Name: vppTapClientLogicalName, - IsInside: true, // just to test in & out together - OutputFeature: false, - }, - { - Name: vppTapServer1LogicalName, - IsInside: true, - OutputFeature: false, - }, - { - Name: vppTapServer2LogicalName, - IsInside: true, - OutputFeature: false, - }, - }, - AddressPool: []*vpp_nat.Nat44Global_Address{ - { - Address: natPoolAddr1, - }, - { - Address: natPoolAddr2, - }, - { - Address: natPoolAddr3, - TwiceNat: true, - }, - }, + } + + /* NAT interfaces */ + + natInterfaceTapHost = &vpp_nat.Nat44Interface{ + Name: vppTapHostLogicalName, + NatOutside: true, + OutputFeature: true, + } + natInterfaceTapClient = &vpp_nat.Nat44Interface{ + Name: vppTapClientLogicalName, + NatInside: true, // just to test in & out together + NatOutside: true, + } + natInterfaceTapServer1 = &vpp_nat.Nat44Interface{ + Name: vppTapServer1LogicalName, + NatInside: true, + } + natInterfaceTapServer2 = &vpp_nat.Nat44Interface{ + Name: vppTapServer2LogicalName, + NatInside: true, + } + + /* NAT pools */ + + natPool1 = &vpp_nat.Nat44AddressPool{ + FirstIp: natPoolAddr1, + LastIp: natPoolAddr2, + } + natPool2 = &vpp_nat.Nat44AddressPool{ + FirstIp: natPoolAddr3, + TwiceNat: true, } /* TCP service */ diff --git a/examples/localclient_vpp/nat/main.go b/examples/localclient_vpp/nat/main.go index ac8d2efde0..bde3795d80 100644 --- a/examples/localclient_vpp/nat/main.go +++ b/examples/localclient_vpp/nat/main.go @@ -35,15 +35,14 @@ var ( timeout = flag.Int("timeout", 20, "Timeout between applying of global and DNAT configuration in seconds") ) -/* Confgiuration */ +/* Configuration */ -// Global NAT is a one-time configuration (single key in the etcd, but it can be modified or removed as ususally). -// Configured items are 'global' for the whole NAT44 environment. Data consists of: -// - NAT forwarding setup -// - Enabled interfaces (including output feature) -// - Enabled address pools +// Basic NAT configuration consists of 3 parts: +// - Global NAT: NAT settings which are 'global' for the whole NAT44 environment, e.g. NAT forwarding setup +// - NAT-enabled interfaces (including output feature): each interface is configured individually +// - NAT address pools: each address pool can be configured individually -/* Result of test NAT global data */ +/* Result of the test NAT config */ /* vpp# sh nat44 interfaces NAT44 interfaces: @@ -53,32 +52,32 @@ NAT44 interfaces: vpp# sh nat44 addresses NAT44 pool addresses: -192.168.0.1 +10.10.0.1 tenant VRF: 0 0 busy udp ports 0 busy tcp ports 0 busy icmp ports -175.124.0.1 +10.10.0.2 tenant VRF: 0 0 busy udp ports 0 busy tcp ports 0 busy icmp ports -175.124.0.2 +175.124.0.1 tenant VRF: 0 0 busy udp ports 0 busy tcp ports 0 busy icmp ports -175.124.0.3 +175.124.0.2 tenant VRF: 0 0 busy udp ports 0 busy tcp ports 0 busy icmp ports -10.10.0.1 +175.124.0.3 tenant VRF: 0 0 busy udp ports 0 busy tcp ports 0 busy icmp ports -10.10.0.2 +192.168.0.1 tenant VRF: 0 0 busy udp ports 0 busy tcp ports @@ -170,7 +169,7 @@ func (p *NatExamplePlugin) Init() error { // AfterInit initializes example plugin. func (p *NatExamplePlugin) AfterInit() error { // Apply initial VPP configuration. - p.putGlobalConfig() + p.putBasicNATConfig() // Schedule reconfiguration. var ctx context.Context @@ -195,19 +194,25 @@ func (p *NatExamplePlugin) String() string { return PluginName } -// Configure NAT44 Global config -func (p *NatExamplePlugin) putGlobalConfig() { - p.Log.Infof("Applying NAT44 global configuration") +// Configure NAT44 config +func (p *NatExamplePlugin) putBasicNATConfig() { + p.Log.Infof("Applying NAT44 configuration") err := localclient.DataResyncRequest(PluginName). Interface(interface1()). Interface(interface2()). Interface(interface3()). NAT44Global(globalNat()). + NAT44Interface(natInterface1()). + NAT44Interface(natInterface2()). + NAT44Interface(natInterface3()). + NAT44AddressPool(natPool1()). + NAT44AddressPool(natPool2()). + NAT44AddressPool(natPool3()). Send().ReceiveReply() if err != nil { - p.Log.Errorf("NAT44 global configuration failed: %v", err) + p.Log.Errorf("NAT44 configuration failed: %v", err) } else { - p.Log.Info("NAT44 global configuration successful") + p.Log.Info("NAT44 configuration successful") } } @@ -297,42 +302,51 @@ func interface3() *vpp_intf.Interface { func globalNat() *nat.Nat44Global { return &nat.Nat44Global{ Forwarding: false, - NatInterfaces: []*nat.Nat44Global_Interface{ - { - Name: "memif1", - IsInside: false, - OutputFeature: false, - }, - { - Name: "memif2", - IsInside: false, - OutputFeature: true, - }, - { - Name: "memif3", - IsInside: true, - OutputFeature: false, - }, - }, - AddressPool: []*nat.Nat44Global_Address{ - { - VrfId: 0, - Address: "192.168.0.1", - TwiceNat: false, - }, - { - VrfId: 0, - Address: "175.124.0.1", - //LastSrcAddress: "175.124.0.3", - TwiceNat: false, - }, - { - VrfId: 0, - Address: "10.10.0.1", - //LastSrcAddress: "10.10.0.2", - TwiceNat: false, - }, - }, + } +} + +func natInterface1() *nat.Nat44Interface { + return &nat.Nat44Interface{ + Name: "memif1", + NatOutside: true, + } +} + +func natInterface2() *nat.Nat44Interface { + return &nat.Nat44Interface{ + Name: "memif2", + NatOutside: true, + OutputFeature: true, + } +} + +func natInterface3() *nat.Nat44Interface { + return &nat.Nat44Interface{ + Name: "memif3", + NatInside: true, + } +} + +func natPool1() *nat.Nat44AddressPool { + return &nat.Nat44AddressPool{ + VrfId: 0, + FirstIp: "192.168.0.1", + } +} + +func natPool2() *nat.Nat44AddressPool { + return &nat.Nat44AddressPool{ + VrfId: 0, + FirstIp: "175.124.0.1", + LastIp: "175.124.0.3", + } +} + +func natPool3() *nat.Nat44AddressPool { + return &nat.Nat44AddressPool{ + VrfId: 0, + FirstIp: "10.10.0.1", + LastIp: "10.10.0.2", } }