option version = "5.2.0";
import "vnet/ip/ip_types.api";
import "vnet/interface_types.api";
+import "plugins/nat/nat_types.api";
/**
* @file nat.api
* Common NAT plugin APIs
*/
-enum nat_config_flags : u8
-{
- NAT_IS_NONE = 0x00,
- NAT_IS_TWICE_NAT = 0x01,
- NAT_IS_SELF_TWICE_NAT = 0x02,
- NAT_IS_OUT2IN_ONLY = 0x04,
- NAT_IS_ADDR_ONLY = 0x08,
- NAT_IS_OUTSIDE = 0x10,
- NAT_IS_INSIDE = 0x20,
- NAT_IS_STATIC = 0x40,
- NAT_IS_EXT_HOST_VALID = 0x80,
-};
-
/** \brief Control ping from client to api server request
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
*/
define nat_show_config
{
+ option deprecated;
u32 client_index;
u32 context;
};
-/** \brief Show NAT plugin startup config reply
+/** \brief DEPRECATED: Show NAT plugin startup config reply
@param context - sender context, to match reply w/ request
@param retval - return code for the request
@param static_mapping_only - if true dynamic translations disabled
u32 translation_buckets;
u32 translation_memory_size;
u32 user_buckets;
- u32 user_memory_size;
+ u64 user_memory_size;
+ u32 max_translations_per_user;
+ u32 outside_vrf_id;
+ u32 inside_vrf_id;
+ u32 nat64_bib_buckets;
+ u64 nat64_bib_memory_size;
+ u32 nat64_st_buckets;
+ u64 nat64_st_memory_size;
+};
+
+/** \brief Show NAT plugin startup config
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+define nat_show_config_2
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Show NAT plugin startup config reply
+ @param context - sender context, to match reply w/ request
+ @param retval - return code for the request
+ @param static_mapping_only - if true dynamic translations disabled
+ @param static_mapping_connection_tracking - if true create session data
+ @param deterministic - if true deterministic mapping
+ @param endpoint_dependent - if true endpoint-dependent mode
+ @param out2in_dpo - if true out2in dpo mode
+ @param dslite_ce - if true DS-Lite is CE/B4 element, if false AFTR elemet
+ @param translation_buckets - number of translation hash buckets
+ @param translation_memory_size - translation hash memory size
+ @param user_buckets - number of user hash buckets
+ @param user_memory_size - user hash memory size
+ @param max_translations_per_user - maximum number of translations per user
+ @param outside_vrf_id - outside VRF id
+ @param inside_vrf_id - default inside VRF id
+ @param nat64_bib_buckets - number of NAT64 BIB hash buckets
+ @param nat64_bib_memory_size - memory size of NAT64 BIB hash
+ @param nat64_st_buckets - number of NAT64 session table hash buckets
+ @param nat64_st_memory_size - memory size of NAT64 session table hash
+ @param max_translations_per_thread - max translations per worker thread
+ @param max_users_per_thread - max users per worker thread
+*/
+define nat_show_config_2_reply
+{
+ u32 context;
+ i32 retval;
+ bool static_mapping_only;
+ bool static_mapping_connection_tracking;
+ bool deterministic;
+ bool endpoint_dependent;
+ bool out2in_dpo;
+ bool dslite_ce;
+ u32 translation_buckets;
+ u64 translation_memory_size;
+ u32 user_buckets;
+ u64 user_memory_size;
u32 max_translations_per_user;
u32 outside_vrf_id;
u32 inside_vrf_id;
u32 nat64_bib_buckets;
- u32 nat64_bib_memory_size;
+ u64 nat64_bib_memory_size;
u32 nat64_st_buckets;
- u32 nat64_st_memory_size;
+ u64 nat64_st_memory_size;
+ u32 max_translations_per_thread;
+ u32 max_users_per_thread;
};
enum nat_log_level : u8
NAT_LOG_DEBUG = 0x05,
};
+/** \brief Run nat44 garbage collection
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+*/
+autoreply define nat44_session_cleanup {
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief NAT44 set session limit
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param session_limit - session limit
+ @param vrf_id - vrf id
+*/
+autoreply define nat44_set_session_limit {
+ u32 client_index;
+ u32 context;
+ u32 session_limit;
+ u32 vrf_id;
+};
+
/** \brief Set NAT logging level
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
* NAT44 APIs
*/
+/** \brief Del NAT44 user
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param ip_address - IPv4 address
+ @param fib_index - FIB index
+*/
+autoreply define nat44_del_user {
+ u32 client_index;
+ u32 context;
+ vl_api_ip4_address_t ip_address;
+ u32 fib_index;
+};
+
/** \brief Add/del NAT44 address range
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
bool enabled;
};
-
-/*
- * Deterministic NAT (CGN) APIs
- */
-
-/** \brief Add/delete NAT deterministic mapping
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - true if add, false if delete
- @param in_addr - inside IPv4 address
- @param in_plen - inside IPv4 address prefix length
- @param out_addr - outside IPv4 address
- @param out_plen - outside IPv4 address prefix length
-*/
-autoreply define nat_det_add_del_map {
- u32 client_index;
- u32 context;
- bool is_add;
- vl_api_ip4_address_t in_addr;
- u8 in_plen;
- vl_api_ip4_address_t out_addr;
- u8 out_plen;
-};
-
-/** \brief Get outside address and port range from inside address
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param in_addr - inside IP address
-*/
-define nat_det_forward {
- u32 client_index;
- u32 context;
- vl_api_ip4_address_t in_addr;
-};
-
-/** \brief Get outside address and port range from inside address
- @param context - sender context, to match reply w/ request
- @param retval - return code
- @param out_port_lo - outside port range start
- @param out_port_hi - outside port range end
- @param out_addr - outside IPv4 address
-*/
-define nat_det_forward_reply {
- u32 context;
- i32 retval;
- u16 out_port_lo;
- u16 out_port_hi;
- vl_api_ip4_address_t out_addr;
-};
-
-/** \brief Get inside address from outside address and port
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param out_port - outside port
- @param out_addr - outside IPv4 address
-*/
-define nat_det_reverse {
- u32 client_index;
- u32 context;
- u16 out_port;
- vl_api_ip4_address_t out_addr;
-};
-
-/** \brief Get inside address from outside address and port reply
- @param context - sender context, to match reply w/ request
- @param retval - return code
- @param in_addr - inside IP address
-*/
-define nat_det_reverse_reply {
- u32 context;
- i32 retval;
- vl_api_ip4_address_t in_addr;
-};
-
-/** \brief Dump NAT deterministic mappings
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define nat_det_map_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief NAT users response
- @param context - sender context, to match reply w/ request
- @param in_addr - inside IPv4 address
- @param in_plen - inside IPv4 address prefix length
- @param out_addr - outside IPv4 address
- @param out_plen - outside IPv4 address prefix length
- @param sharing_ratio - outside to inside address sharing ratio
- @param ports_per_host - number of ports available to a host
- @param ses_num - number of sessions belonging to this mapping
-*/
-define nat_det_map_details {
- u32 context;
- vl_api_ip4_address_t in_addr;
- u8 in_plen;
- vl_api_ip4_address_t out_addr;
- u8 out_plen;
- u32 sharing_ratio;
- u16 ports_per_host;
- u32 ses_num;
-};
-
-/** \brief Close deterministic NAT session by outside address and port
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param out_addr - outside IPv4 address
- @param out_port - outside port
- @param ext_addr - external host IPv4 address
- @param ext_port - external host port
-*/
-autoreply define nat_det_close_session_out {
- u32 client_index;
- u32 context;
- vl_api_ip4_address_t out_addr;
- u16 out_port;
- vl_api_ip4_address_t ext_addr;
- u16 ext_port;
-};
-
-/** \brief Close deterministic NAT session by inside address and port
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param in_addr - inside IP address
- @param in_port - inside port
- @param ext_addr - external host IP address
- @param ext_port - external host port
-*/
-autoreply define nat_det_close_session_in {
- u32 client_index;
- u32 context;
- vl_api_ip4_address_t in_addr;
- u16 in_port;
- vl_api_ip4_address_t ext_addr;
- u16 ext_port;
-};
-
-/** \brief Dump determinstic NAT sessions
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param user_addr - address of an inside user whose sessions to dump
-*/
-define nat_det_session_dump {
- u32 client_index;
- u32 context;
- vl_api_ip4_address_t user_addr;
-};
-
-/** \brief Deterministic NAT sessions reply
- @param context - sender context, to match reply w/ request
- @param in_port - inside port
- @param ext_addr - external host IPv4 address
- @param ext_port - external host port
- @param out_port - outside NAT port
- @param state - session state
- @param expire - session expiration timestamp
-*/
-define nat_det_session_details {
- u32 context;
- u16 in_port;
- vl_api_ip4_address_t ext_addr;
- u16 ext_port;
- u16 out_port;
- u8 state;
- u32 expire;
-};
-
/*
* NAT64 APIs
*/
bool is_add;
vl_api_interface_index_t sw_if_index;
};
-
-/*
- * DS-Lite APIs
- */
-
-/** \brief Add/delete address range to DS-Lite pool
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param start_addr - start IPv4 address of the range
- @param end_addr - end IPv4 address of the range
- @param is_add - true if add, false if delete
-*/
-autoreply define dslite_add_del_pool_addr_range {
- u32 client_index;
- u32 context;
- vl_api_ip4_address_t start_addr;
- vl_api_ip4_address_t end_addr;
- bool is_add;
-};
-
-/** \brief Dump DS-Lite addresses
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define dslite_address_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief DS-Lite address details response
- @param context - sender context, to match reply w/ request
- @param ip_address - IPv4 address
-*/
-define dslite_address_details {
- u32 context;
- vl_api_ip4_address_t ip_address;
-};
-
-/** \brief Set AFTR IPv6 and IPv4 addresses
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param ip4_addr - IPv4 address
- @param ip6_addr - IPv6 address
-*/
-autoreply define dslite_set_aftr_addr {
- u32 client_index;
- u32 context;
- vl_api_ip4_address_t ip4_addr;
- vl_api_ip6_address_t ip6_addr;
-};
-
-/** \brief Get AFTR IPv6 and IPv4 addresses
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define dslite_get_aftr_addr {
- u32 client_index;
- u32 context;
-};
-
-/** \brief Response to get AFTR IPv6 and IPv4 addresses
- @param context - sender context, to match reply w/ request
- @param retval - return code
- @param ip4_addr - IPv4 address
- @param ip6_addr - IPv6 address
-*/
-define dslite_get_aftr_addr_reply {
- u32 context;
- i32 retval;
- vl_api_ip4_address_t ip4_addr;
- vl_api_ip6_address_t ip6_addr;
-};
-
-/** \brief Set B4 IPv6 and IPv4 addresses
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param ip4_addr - IPv4 address
- @param ip6_addr - IPv6 address
-*/
-autoreply define dslite_set_b4_addr {
- u32 client_index;
- u32 context;
- vl_api_ip4_address_t ip4_addr;
- vl_api_ip6_address_t ip6_addr;
-};
-
-/** \brief Get B4 IPv6 and IPv4 addresses
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define dslite_get_b4_addr {
- u32 client_index;
- u32 context;
-};
-
-/** \brief Response to get B4 IPv6 and IPv4 addresses
- @param context - sender context, to match reply w/ request
- @param retval - return code
- @param ip4_addr - IPv4 address
- @param ip6_addr - IPv6 address
-*/
-define dslite_get_b4_addr_reply {
- u32 context;
- i32 retval;
- vl_api_ip4_address_t ip4_addr;
- vl_api_ip6_address_t ip6_addr;
-};
-
-/*
- * NAT66 APIs
- */
-/** \brief Enable/disable NAT66 feature on the interface
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - true if add, false if delete
- @param flags - flag NAT_IS_INSIDE if interface is inside or
- interface is outside,
- @param sw_if_index - software index of the interface
-*/
-autoreply define nat66_add_del_interface {
- u32 client_index;
- u32 context;
- bool is_add;
- vl_api_nat_config_flags_t flags;
- vl_api_interface_index_t sw_if_index;
-};
-
-/** \brief Dump interfaces with NAT66 feature
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define nat66_interface_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief NAT66 interface details response
- @param context - sender context, to match reply w/ request
- @param flags - flag NAT_IS_INSIDE if interface is inside or
- interface is outside,
- @param sw_if_index - software index of the interface
-*/
-define nat66_interface_details {
- u32 context;
- vl_api_nat_config_flags_t flags;
- vl_api_interface_index_t sw_if_index;
-};
-
-/** \brief Add/delete 1:1 NAT66
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - true if add, false if delete
- @param local_ip_address - local IPv6 address
- @param external_ip_address - external IPv6 address
- @param vrf_id - VRF id of tenant
-*/
-autoreply define nat66_add_del_static_mapping {
- u32 client_index;
- u32 context;
- bool is_add;
- vl_api_ip6_address_t local_ip_address;
- vl_api_ip6_address_t external_ip_address;
- u32 vrf_id;
-};
-
-/** \brief Dump NAT66 static mappings
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
-*/
-define nat66_static_mapping_dump {
- u32 client_index;
- u32 context;
-};
-
-/** \brief NAT66 static mapping details response
- @param context - sender context, to match reply w/ request
- @param local_ip_address - local IPv6 address
- @param external_ip_address - external IPv6 address
- @param vrf_id - VRF id of tenant
- @param total_bytes - count of bytes sent through static mapping
- @param total_pkts - count of pakets sent through static mapping
-*/
-define nat66_static_mapping_details {
- u32 context;
- vl_api_ip6_address_t local_ip_address;
- vl_api_ip6_address_t external_ip_address;
- u32 vrf_id;
- u64 total_bytes;
- u64 total_pkts;
-};