NAT44: nat44_add_del_lb_static_mapping enhancements (VPP-1514)

[vpp.git] / src / plugins / nat / nat44_cli.c

diff --git a/src/plugins/nat/nat44_cli.c b/src/plugins/nat/nat44_cli.c
index 17a3827..9aaa849 100644 (file)
--- a/src/plugins/nat/nat44_cli.c
+++ b/src/plugins/nat/nat44_cli.c
@@ -291,6 +291,56 @@ nat44_show_alloc_addr_and_port_alg_command_fn (vlib_main_t * vm,
   return 0;
 }
 
+static clib_error_t *
+nat_set_mss_clamping_command_fn (vlib_main_t * vm, unformat_input_t * input,
+                                vlib_cli_command_t * cmd)
+{
+  unformat_input_t _line_input, *line_input = &_line_input;
+  snat_main_t *sm = &snat_main;
+  clib_error_t *error = 0;
+  u32 mss;
+
+  /* Get a line of input. */
+  if (!unformat_user (input, unformat_line_input, line_input))
+    return 0;
+
+  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+    {
+      if (unformat (line_input, "disable"))
+       sm->mss_clamping = 0;
+      else if (unformat (line_input, "%d", &mss))
+       {
+         sm->mss_clamping = (u16) mss;
+         sm->mss_value_net = clib_host_to_net_u16 (sm->mss_clamping);
+       }
+      else
+       {
+         error = clib_error_return (0, "unknown input '%U'",
+                                    format_unformat_error, line_input);
+         goto done;
+       }
+    }
+
+done:
+  unformat_free (line_input);
+
+  return error;
+}
+
+static clib_error_t *
+nat_show_mss_clamping_command_fn (vlib_main_t * vm, unformat_input_t * input,
+                                 vlib_cli_command_t * cmd)
+{
+  snat_main_t *sm = &snat_main;
+
+  if (sm->mss_clamping)
+    vlib_cli_output (vm, "mss-clamping %d", sm->mss_clamping);
+  else
+    vlib_cli_output (vm, "mss-clamping disabled");
+
+  return 0;
+}
+
 static clib_error_t *
 add_address_command_fn (vlib_main_t * vm,
                        unformat_input_t * input, vlib_cli_command_t * cmd)
@@ -668,7 +718,7 @@ add_static_mapping_command_fn (vlib_main_t * vm,
 
   rv = snat_add_static_mapping (l_addr, e_addr, (u16) l_port, (u16) e_port,
                                vrf_id, addr_only, sw_if_index, proto, is_add,
-                               twice_nat, out2in_only, 0);
+                               twice_nat, out2in_only, 0, 0);
 
   switch (rv)
     {
@@ -677,7 +727,7 @@ add_static_mapping_command_fn (vlib_main_t * vm,
       goto done;
     case VNET_API_ERROR_NO_SUCH_ENTRY:
       if (is_add)
-       error = clib_error_return (0, "External addres must be allocated.");
+       error = clib_error_return (0, "External address must be allocated.");
       else
        error = clib_error_return (0, "Mapping not exist.");
       goto done;
@@ -752,7 +802,7 @@ add_identity_mapping_command_fn (vlib_main_t * vm,
 
   rv = snat_add_static_mapping (addr, addr, (u16) port, (u16) port,
                                vrf_id, addr_only, sw_if_index, proto, is_add,
-                               0, 0, 0);
+                               0, 0, 0, 1);
 
   switch (rv)
     {
@@ -761,7 +811,7 @@ add_identity_mapping_command_fn (vlib_main_t * vm,
       goto done;
     case VNET_API_ERROR_NO_SUCH_ENTRY:
       if (is_add)
-       error = clib_error_return (0, "External addres must be allocated.");
+       error = clib_error_return (0, "External address must be allocated.");
       else
        error = clib_error_return (0, "Mapping not exist.");
       goto done;
@@ -811,7 +861,7 @@ add_lb_static_mapping_command_fn (vlib_main_t * vm,
       if (unformat (line_input, "local %U:%u probability %u",
                    unformat_ip4_address, &l_addr, &l_port, &probability))
        {
-         memset (&local, 0, sizeof (local));
+         clib_memset (&local, 0, sizeof (local));
          local.addr = l_addr;
          local.port = (u16) l_port;
          local.probability = (u8) probability;
@@ -821,7 +871,7 @@ add_lb_static_mapping_command_fn (vlib_main_t * vm,
                         unformat_ip4_address, &l_addr, &l_port, &vrf_id,
                         &probability))
        {
-         memset (&local, 0, sizeof (local));
+         clib_memset (&local, 0, sizeof (local));
          local.addr = l_addr;
          local.port = (u16) l_port;
          local.probability = (u8) probability;
@@ -875,7 +925,7 @@ add_lb_static_mapping_command_fn (vlib_main_t * vm,
       goto done;
     case VNET_API_ERROR_NO_SUCH_ENTRY:
       if (is_add)
-       error = clib_error_return (0, "External addres must be allocated.");
+       error = clib_error_return (0, "External address must be allocated.");
       else
        error = clib_error_return (0, "Mapping not exist.");
       goto done;
@@ -897,6 +947,98 @@ done:
   return error;
 }
 
+static clib_error_t *
+add_lb_backend_command_fn (vlib_main_t * vm,
+                          unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+  unformat_input_t _line_input, *line_input = &_line_input;
+  snat_main_t *sm = &snat_main;
+  clib_error_t *error = 0;
+  ip4_address_t l_addr, e_addr;
+  u32 l_port = 0, e_port = 0, vrf_id = 0, probability = 0;
+  int is_add = 1;
+  int rv;
+  snat_protocol_t proto;
+  u8 proto_set = 0;
+
+  if (sm->deterministic)
+    return clib_error_return (0, UNSUPPORTED_IN_DET_MODE_STR);
+
+  /* Get a line of input. */
+  if (!unformat_user (input, unformat_line_input, line_input))
+    return 0;
+
+  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+    {
+      if (unformat (line_input, "local %U:%u probability %u",
+                   unformat_ip4_address, &l_addr, &l_port, &probability))
+       ;
+      else if (unformat (line_input, "local %U:%u vrf %u probability %u",
+                        unformat_ip4_address, &l_addr, &l_port, &vrf_id,
+                        &probability))
+       ;
+      else if (unformat (line_input, "external %U:%u", unformat_ip4_address,
+                        &e_addr, &e_port))
+       ;
+      else if (unformat (line_input, "protocol %U", unformat_snat_protocol,
+                        &proto))
+       proto_set = 1;
+      else if (unformat (line_input, "del"))
+       is_add = 0;
+      else
+       {
+         error = clib_error_return (0, "unknown input: '%U'",
+                                    format_unformat_error, line_input);
+         goto done;
+       }
+    }
+
+  if (!l_port || !e_port)
+    {
+      error = clib_error_return (0, "local or external must be set");
+      goto done;
+    }
+
+  if (!proto_set)
+    {
+      error = clib_error_return (0, "missing protocol");
+      goto done;
+    }
+
+  rv =
+    nat44_lb_static_mapping_add_del_local (e_addr, (u16) e_port, l_addr,
+                                          l_port, proto, vrf_id, probability,
+                                          is_add);
+
+  switch (rv)
+    {
+    case VNET_API_ERROR_INVALID_VALUE:
+      error = clib_error_return (0, "External is not load-balancing static "
+                                "mapping.");
+      goto done;
+    case VNET_API_ERROR_NO_SUCH_ENTRY:
+      error = clib_error_return (0, "Mapping or back-end not exist.");
+      goto done;
+    case VNET_API_ERROR_VALUE_EXIST:
+      error = clib_error_return (0, "Back-end already exist.");
+      goto done;
+    case VNET_API_ERROR_FEATURE_DISABLED:
+      error =
+       clib_error_return (0, "Available only for endpoint-dependent mode.");
+      goto done;
+    case VNET_API_ERROR_UNSPECIFIED:
+      error = clib_error_return (0, "At least two back-ends must remain");
+      goto done;
+    default:
+      break;
+    }
+
+done:
+  unformat_free (line_input);
+
+  return error;
+}
+
 static clib_error_t *
 nat44_show_static_mappings_command_fn (vlib_main_t * vm,
                                       unformat_input_t * input,
@@ -1702,6 +1844,32 @@ VLIB_CLI_COMMAND (nat44_show_alloc_addr_and_port_alg_command, static) = {
     .function = nat44_show_alloc_addr_and_port_alg_command_fn,
 };
 
+/*?
+ * @cliexpar
+ * @cliexstart{nat mss-clamping}
+ * Set TCP MSS rewriting configuration
+ * To enable TCP MSS rewriting use:
+ *  vpp# nat mss-clamping 1452
+ * To disbale TCP MSS rewriting use:
+ *  vpp# nat mss-clamping disable
+?*/
+VLIB_CLI_COMMAND (nat_set_mss_clamping_command, static) = {
+    .path = "nat mss-clamping",
+    .short_help = "nat mss-clamping <mss-value>|disable",
+    .function = nat_set_mss_clamping_command_fn,
+};
+
+/*?
+ * @cliexpar
+ * @cliexstart{nat mss-clamping}
+ * Show TCP MSS rewriting configuration
+?*/
+VLIB_CLI_COMMAND (nat_show_mss_clamping_command, static) = {
+    .path = "show nat mss-clamping",
+    .short_help = "show nat mss-clamping",
+    .function = nat_show_mss_clamping_command_fn,
+};
+
 /*?
  * @cliexpar
  * @cliexstart{show nat44 hash tables}
@@ -1858,6 +2026,24 @@ VLIB_CLI_COMMAND (add_lb_static_mapping_command, static) = {
     "[affinity <timeout-seconds>] [del]",
 };
 
+/*?
+ * @cliexpar
+ * @cliexstart{nat44 add load-balancing static mapping}
+ * Modify service load balancing using NAT44
+ * To add new back-end server 10.100.10.30:8080 for service load balancing
+ * static mapping with external IP address 1.2.3.4 and TCP port 80 use:
+ *  vpp# nat44 add load-balancing back-end protocol tcp external 1.2.3.4:80 local 10.100.10.30:8080 probability 25
+ * @cliexend
+?*/
+VLIB_CLI_COMMAND (add_lb_backend_command, static) = {
+  .path = "nat44 add load-balancing back-end",
+  .function = add_lb_backend_command_fn,
+  .short_help =
+    "nat44 add load-balancing back-end protocol tcp|udp "
+    "external <addr>:<port> local <addr>:<port> [vrf <table-id>] "
+    "probability <n> [del]",
+};
+
 /*?
  * @cliexpar
  * @cliexstart{show nat44 static mappings}