u32 n_left_from, * from, * to_next;
nat44_classify_next_t next_index;
snat_main_t *sm = &snat_main;
+ snat_static_mapping_t *m;
from = vlib_frame_vector_args (frame);
n_left_from = frame->n_vectors;
kv0.key = m_key0.as_u64;
if (!clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv0, &value0))
{
- next0 = NAT44_CLASSIFY_NEXT_OUT2IN;
+ m = pool_elt_at_index (sm->static_mappings, value0.value);
+ if (m->local_addr.as_u32 != m->external_addr.as_u32)
+ next0 = NAT44_CLASSIFY_NEXT_OUT2IN;
goto enqueue0;
}
udp_header_t * udp0 = ip4_next_header (ip0);
m_key0.protocol = ip_proto_to_snat_proto (ip0->protocol);
kv0.key = m_key0.as_u64;
if (!clib_bihash_search_8_8 (&sm->static_mapping_by_external, &kv0, &value0))
- next0 = NAT44_CLASSIFY_NEXT_OUT2IN;
+ {
+ m = pool_elt_at_index (sm->static_mappings, value0.value);
+ if (m->local_addr.as_u32 != m->external_addr.as_u32)
+ next0 = NAT44_CLASSIFY_NEXT_OUT2IN;
+ }
}
enqueue0:
sw_if_index, 0, 0, 0);
vnet_feature_enable_disable ("ip4-unicast", feature_name,
sw_if_index, 1, 0, 0);
+ if (!is_inside)
+ vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
+ sw_if_index, 1, 0, 0);
}
else
{
vnet_feature_enable_disable ("ip4-unicast", feature_name,
sw_if_index, 0, 0, 0);
pool_put (sm->interfaces, i);
+ if (is_inside)
+ vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
+ sw_if_index, 0, 0, 0);
}
}
else
sw_if_index, 0, 0, 0);
vnet_feature_enable_disable ("ip4-unicast", feature_name,
sw_if_index, 1, 0, 0);
+ if (!is_inside)
+ vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
+ sw_if_index, 0, 0, 0);
goto set_flags;
}
i->flags = 0;
vnet_feature_enable_disable ("ip4-unicast", feature_name, sw_if_index, 1, 0, 0);
+ if (is_inside && !sm->out2in_dpo)
+ vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
+ sw_if_index, 1, 0, 0);
+
set_flags:
if (is_inside)
- i->flags |= NAT_INTERFACE_FLAG_IS_INSIDE;
+ {
+ i->flags |= NAT_INTERFACE_FLAG_IS_INSIDE;
+ return 0;
+ }
else
i->flags |= NAT_INTERFACE_FLAG_IS_OUTSIDE;
/* Add/delete external addresses to FIB */
fib:
- if (is_inside && !sm->out2in_dpo)
- {
- vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
- sw_if_index, !is_del, 0, 0);
- return 0;
- }
-
vec_foreach (ap, sm->addresses)
snat_add_del_addr_to_fib(&ap->addr, 32, sw_if_index, !is_del);
pool_foreach (m, sm->static_mappings,
({
- if (!(m->addr_only))
+ if (!(m->addr_only) || (m->local_addr.as_u32 == m->external_addr.as_u32))
continue;
snat_add_del_addr_to_fib(&m->external_addr, 32, sw_if_index, !is_del);
nat44_lb_addr_port_t *local;
if (m->addr_only)
- s = format (s, "local %U external %U vrf %d %s",
+ s = format (s, "local %U external %U vrf %d %s %s",
format_ip4_address, &m->local_addr,
format_ip4_address, &m->external_addr,
m->vrf_id,
m->twice_nat == TWICE_NAT ? "twice-nat" :
- m->twice_nat == TWICE_NAT_SELF ? "self-twice-nat" : "");
+ m->twice_nat == TWICE_NAT_SELF ? "self-twice-nat" : "",
+ m->out2in_only ? "out2in-only" : "");
else
{
if (vec_len (m->locals))
Code Review / vpp.git / blobdiff