lb_sm.external_addr,
lb_sm.external_port,
lb_sm.protocol,
- vrf_id=lb_sm.vrf_id,
twice_nat=lb_sm.twice_nat,
self_twice_nat=lb_sm.self_twice_nat,
out2in_only=lb_sm.out2in_only,
self.vapi.nat_set_reass()
self.vapi.nat_set_reass(is_ip6=1)
+ self.verify_no_nat44_user()
def nat44_add_static_mapping(self, local_ip, external_ip='0.0.0.0',
local_port=0, external_port=0, vrf_id=0,
# postNAPTDestinationTransportPort
self.assertEqual(struct.pack("!H", dst_port), record[228])
+ def verify_no_nat44_user(self):
+ """ Verify that there is no NAT44 user """
+ users = self.vapi.nat44_user_dump()
+ self.assertEqual(len(users), 0)
+
class TestNAT44(MethodHolder):
""" NAT44 Test Cases """
self.verify_capture_out(capture, same_port=True, packet_num=1)
self.assert_equal(capture[0][IP].proto, IP_PROTOS.icmp)
- def _test_forwarding(self):
+ def test_forwarding(self):
""" NAT44 forwarding test """
self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index)
external_ip=alias_ip)
try:
- # in2out - static mapping match
+ # static mapping match
pkts = self.create_stream_out(self.pg1)
self.pg1.add_stream(pkts)
capture = self.pg1.get_capture(len(pkts))
self.verify_capture_out(capture, same_port=True)
- # in2out - no static mapping match
+ # no static mapping match
host0 = self.pg0.remote_hosts[0]
self.pg0.remote_hosts[0] = self.pg0.remote_hosts[1]
finally:
self.pg0.remote_hosts[0] = host0
- user = self.pg0.remote_hosts[1]
- sessions = self.vapi.nat44_user_session_dump(user.ip4n, 0)
- self.assertEqual(len(sessions), 3)
- self.assertTrue(sessions[0].ext_host_valid)
- self.vapi.nat44_del_session(
- sessions[0].inside_ip_address,
- sessions[0].inside_port,
- sessions[0].protocol,
- ext_host_address=sessions[0].ext_host_address,
- ext_host_port=sessions[0].ext_host_port)
- sessions = self.vapi.nat44_user_session_dump(user.ip4n, 0)
- self.assertEqual(len(sessions), 2)
-
finally:
self.vapi.nat44_forwarding_enable_disable(0)
self.vapi.nat44_add_del_static_mapping(local_ip=real_ip,
sessions = self.vapi.nat44_user_session_dump(self.pg0.remote_ip4n, 0)
self.assertEqual(nsessions - len(sessions), 2)
+ self.vapi.nat44_del_session(sessions[0].inside_ip_address,
+ sessions[0].inside_port,
+ sessions[0].protocol)
+
+ self.verify_no_nat44_user()
+
def test_set_get_reass(self):
""" NAT44 set/get virtual fragmentation reassembly """
reas_cfg1 = self.vapi.nat_get_reass()
locals = [{'addr': server1.ip4n,
'port': local_port,
- 'probability': 70},
+ 'probability': 70,
+ 'vrf_id': 0},
{'addr': server2.ip4n,
'port': local_port,
- 'probability': 30}]
+ 'probability': 30,
+ 'vrf_id': 0}]
self.nat44_add_address(self.nat_addr)
self.vapi.nat44_add_del_lb_static_mapping(external_addr_n,
locals = [{'addr': server1.ip4n,
'port': local_port,
- 'probability': 90},
+ 'probability': 90,
+ 'vrf_id': 0},
{'addr': server2.ip4n,
'port': local_port,
- 'probability': 10}]
+ 'probability': 10,
+ 'vrf_id': 0}]
self.nat44_add_address(self.nat_addr)
self.vapi.nat44_add_del_lb_static_mapping(external_addr_n,
locals = [{'addr': server1.ip4n,
'port': local_port,
- 'probability': 70},
+ 'probability': 70,
+ 'vrf_id': 0},
{'addr': server2.ip4n,
'port': local_port,
- 'probability': 30}]
+ 'probability': 30,
+ 'vrf_id': 0}]
self.vapi.nat44_forwarding_enable_disable(1)
self.vapi.nat44_add_del_lb_static_mapping(external_addr_n,
else:
locals = [{'addr': server1.ip4n,
'port': port_in1,
- 'probability': 50},
+ 'probability': 50,
+ 'vrf_id': 0},
{'addr': server2.ip4n,
'port': port_in2,
- 'probability': 50}]
+ 'probability': 50,
+ 'vrf_id': 0}]
out_addr_n = socket.inet_pton(socket.AF_INET, self.nat_addr)
self.vapi.nat44_add_del_lb_static_mapping(out_addr_n,
port_out,
self.nat_addr_n)
self.vapi.nat64_add_del_interface(self.pg0.sw_if_index)
self.vapi.nat64_add_del_interface(self.pg1.sw_if_index, is_inside=0)
- self.vapi.nat64_set_timeouts(icmp=5)
+ self.vapi.nat64_set_timeouts(icmp=5, tcp_trans=5, tcp_est=5)
pkts = self.create_stream_in_ip6(self.pg0, self.pg1)
self.pg0.add_stream(pkts)
sleep(15)
- # ICMP session after timeout
+ # ICMP and TCP session after timeout
ses_num_after_timeout = self.nat64_get_ses_num()
- self.assertNotEqual(ses_num_before_timeout, ses_num_after_timeout)
+ self.assertEqual(ses_num_before_timeout - ses_num_after_timeout, 2)
def test_icmp_error(self):
""" NAT64 ICMP Error message translation """
Code Review / vpp.git / blobdiff