X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=test%2Ftest_nat.py;h=f7364747efdae6bae26815b665cad40013baf9e3;hb=refs%2Fchanges%2F40%2F19940%2F2;hp=c88981b48b458c6f6a566d1611dbdfeea54e91fe;hpb=dd1e3e780cd480e3f29fc34df48e605ded1acb2c;p=vpp.git diff --git a/test/test_nat.py b/test/test_nat.py index c88981b48b4..f7364747efd 100644 --- a/test/test_nat.py +++ b/test/test_nat.py @@ -23,7 +23,6 @@ from util import ip4_range from vpp_papi import mac_pton from syslog_rfc5424_parser import SyslogMessage, ParseError from syslog_rfc5424_parser.constants import SyslogFacility, SyslogSeverity -from vpp_papi_provider import SYSLOG_SEVERITY from io import BytesIO from vpp_papi import VppEnum from scapy.all import bind_layers, Packet, ByteEnumField, ShortField, \ @@ -75,6 +74,10 @@ class MethodHolder(VppTestCase): def config_flags(self): return VppEnum.vl_api_nat_config_flags_t + @property + def SYSLOG_SEVERITY(self): + return VppEnum.vl_api_syslog_severity_t + def clear_nat44(self): """ Clear NAT44 configuration. @@ -106,90 +109,95 @@ class MethodHolder(VppTestCase): if self.pg7.has_ip4_config: self.pg7.unconfig_ip4() - self.vapi.nat44_forwarding_enable_disable(0) + self.vapi.nat44_forwarding_enable_disable(enable=0) interfaces = self.vapi.nat44_interface_addr_dump() for intf in interfaces: - self.vapi.nat44_add_del_interface_addr(intf.sw_if_index, - flags=intf.flags, - is_add=0) + self.vapi.nat44_add_del_interface_addr( + is_add=0, + sw_if_index=intf.sw_if_index, + flags=intf.flags) - self.vapi.nat_ipfix_enable_disable(enable=0, + self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, src_port=self.ipfix_src_port, - domain_id=self.ipfix_domain_id) + enable=0) self.ipfix_src_port = 4739 self.ipfix_domain_id = 1 - self.vapi.syslog_set_filter(SYSLOG_SEVERITY.EMERG) + self.vapi.syslog_set_filter( + self.SYSLOG_SEVERITY.SYSLOG_API_SEVERITY_EMERG) - self.vapi.nat_ha_set_listener('0.0.0.0', 0) - self.vapi.nat_ha_set_failover('0.0.0.0', 0) + self.vapi.nat_ha_set_listener(ip_address='0.0.0.0', port=0, + path_mtu=512) + self.vapi.nat_ha_set_failover(ip_address='0.0.0.0', port=0, + session_refresh_interval=10) interfaces = self.vapi.nat44_interface_dump() for intf in interfaces: if intf.flags & self.config_flags.NAT_IS_INSIDE and \ - intf.flags & self.config_flags.NAT_IS_OUTSIDE: - self.vapi.nat44_interface_add_del_feature(intf.sw_if_index, - is_add=0) - self.vapi.nat44_interface_add_del_feature(intf.sw_if_index, - is_add=0, - flags=intf.flags) + intf.flags & self.config_flags.NAT_IS_OUTSIDE: + self.vapi.nat44_interface_add_del_feature( + sw_if_index=intf.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=intf.sw_if_index, + flags=intf.flags) interfaces = self.vapi.nat44_interface_output_feature_dump() for intf in interfaces: - self.vapi.nat44_interface_add_del_output_feature(intf.sw_if_index, - is_add=0, - flags=intf.flags) + self.vapi.nat44_interface_add_del_output_feature( + is_add=0, + flags=intf.flags, + sw_if_index=intf.sw_if_index) static_mappings = self.vapi.nat44_static_mapping_dump() for sm in static_mappings: self.vapi.nat44_add_del_static_mapping( - sm.local_ip_address, - sm.external_ip_address, - sm.external_sw_if_index, - sm.local_port, - sm.external_port, - sm.vrf_id, - sm.protocol, is_add=0, - flags=sm.flags, - tag=sm.tag) + local_ip_address=sm.local_ip_address, + external_ip_address=sm.external_ip_address, + external_sw_if_index=sm.external_sw_if_index, + local_port=sm.local_port, + external_port=sm.external_port, + vrf_id=sm.vrf_id, + protocol=sm.protocol, + flags=sm.flags, tag=sm.tag) lb_static_mappings = self.vapi.nat44_lb_static_mapping_dump() for lb_sm in lb_static_mappings: self.vapi.nat44_add_del_lb_static_mapping( - lb_sm.external_addr, - lb_sm.external_port, - lb_sm.protocol, - tag=lb_sm.tag, is_add=0, - local_num=0, - locals=[], - flags=lb_sm.flags) + flags=lb_sm.flags, + external_addr=lb_sm.external_addr, + external_port=lb_sm.external_port, + protocol=lb_sm.protocol, + local_num=0, locals=[], + tag=lb_sm.tag) identity_mappings = self.vapi.nat44_identity_mapping_dump() for id_m in identity_mappings: self.vapi.nat44_add_del_identity_mapping( - flags=id_m.flags, - ip=id_m.ip_address, - port=id_m.port, + ip_address=id_m.ip_address, sw_if_index=id_m.sw_if_index, + port=id_m.port, + flags=id_m.flags, vrf_id=id_m.vrf_id, - protocol=id_m.protocol, - is_add=0) + protocol=id_m.protocol) addresses = self.vapi.nat44_address_dump() for addr in addresses: - self.vapi.nat44_add_del_address_range(addr.ip_address, - addr.ip_address, - is_add=0, - flags=addr.flags) - - self.vapi.nat_set_reass() - self.vapi.nat_set_reass(is_ip6=1) + self.vapi.nat44_add_del_address_range( + first_ip_address=addr.ip_address, + last_ip_address=addr.ip_address, + vrf_id=0xFFFFFFFF, flags=addr.flags) + + self.vapi.nat_set_reass(timeout=2, max_reass=1024, max_frag=5, + drop_frag=0) + self.vapi.nat_set_reass(timeout=2, max_reass=1024, max_frag=5, + drop_frag=0, is_ip6=1) self.verify_no_nat44_user() - self.vapi.nat_set_timeouts() + self.vapi.nat_set_timeouts(udp=300, tcp_established=7440, + tcp_transitory=240, icmp=60) self.vapi.nat_set_addr_and_port_alloc_alg() - self.vapi.nat_set_mss_clamping() + self.vapi.nat_set_mss_clamping(enable=0, mss_value=1500) def nat44_add_static_mapping(self, local_ip, external_ip='0.0.0.0', local_port=0, external_port=0, vrf_id=0, @@ -214,16 +222,15 @@ class MethodHolder(VppTestCase): flags |= self.config_flags.NAT_IS_ADDR_ONLY self.vapi.nat44_add_del_static_mapping( - local_ip, - external_ip, - external_sw_if_index, - local_port, - external_port, - vrf_id, - proto, - is_add, - flags, - tag) + is_add=is_add, + local_ip_address=local_ip, + external_ip_address=external_ip, + external_sw_if_index=external_sw_if_index, + local_port=local_port, + external_port=external_port, + vrf_id=vrf_id, protocol=proto, + flags=flags, + tag=tag) def nat44_add_address(self, ip, is_add=1, vrf_id=0xFFFFFFFF, twice_nat=0): """ @@ -234,8 +241,10 @@ class MethodHolder(VppTestCase): :param twice_nat: twice NAT address for external hosts """ flags = self.config_flags.NAT_IS_TWICE_NAT if twice_nat else 0 - self.vapi.nat44_add_del_address_range(ip, ip, is_add, + self.vapi.nat44_add_del_address_range(first_ip_address=ip, + last_ip_address=ip, vrf_id=vrf_id, + is_add=is_add, flags=flags) def create_stream_in(self, in_if, out_if, dst_ip=None, ttl=64): @@ -874,7 +883,8 @@ class MethodHolder(VppTestCase): record[225]) # ingressVRFID self.assertEqual(struct.pack("!I", 0), record[234]) - # protocolIdentifier/sourceTransportPort/postNAPTSourceTransportPort + # protocolIdentifier/sourceTransportPort + # /postNAPTSourceTransportPort if IP_PROTOS.icmp == scapy.compat.orb(record[4]): self.assertEqual(struct.pack("!H", self.icmp_id_in), record[7]) self.assertEqual(struct.pack("!H", self.icmp_id_out), @@ -1559,18 +1569,21 @@ class TestNAT44(MethodHolder): """ NAT44 dynamic translation test """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # in2out - tcpn = self.statistics.get_counter( + tcpn = self.statistics.get_err_counter( '/err/nat44-in2out-slowpath/TCP packets') - udpn = self.statistics.get_counter( + udpn = self.statistics.get_err_counter( '/err/nat44-in2out-slowpath/UDP packets') - icmpn = self.statistics.get_counter( + icmpn = self.statistics.get_err_counter( '/err/nat44-in2out-slowpath/ICMP packets') - totaln = self.statistics.get_counter( + totaln = self.statistics.get_err_counter( '/err/nat44-in2out-slowpath/good in2out packets processed') pkts = self.create_stream_in(self.pg0, self.pg1) @@ -1580,24 +1593,25 @@ class TestNAT44(MethodHolder): capture = self.pg1.get_capture(len(pkts)) self.verify_capture_out(capture) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-in2out-slowpath/TCP packets') self.assertEqual(err - tcpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-in2out-slowpath/UDP packets') self.assertEqual(err - udpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-in2out-slowpath/ICMP packets') self.assertEqual(err - icmpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-in2out-slowpath/good in2out packets processed') self.assertEqual(err - totaln, 3) # out2in - tcpn = self.statistics.get_counter('/err/nat44-out2in/TCP packets') - udpn = self.statistics.get_counter('/err/nat44-out2in/UDP packets') - icmpn = self.statistics.get_counter('/err/nat44-out2in/ICMP packets') - totaln = self.statistics.get_counter( + tcpn = self.statistics.get_err_counter('/err/nat44-out2in/TCP packets') + udpn = self.statistics.get_err_counter('/err/nat44-out2in/UDP packets') + icmpn = self.statistics.get_err_counter( + '/err/nat44-out2in/ICMP packets') + totaln = self.statistics.get_err_counter( '/err/nat44-out2in/good out2in packets processed') pkts = self.create_stream_out(self.pg1) @@ -1607,13 +1621,13 @@ class TestNAT44(MethodHolder): capture = self.pg0.get_capture(len(pkts)) self.verify_capture_in(capture, self.pg0) - err = self.statistics.get_counter('/err/nat44-out2in/TCP packets') + err = self.statistics.get_err_counter('/err/nat44-out2in/TCP packets') self.assertEqual(err - tcpn, 1) - err = self.statistics.get_counter('/err/nat44-out2in/UDP packets') + err = self.statistics.get_err_counter('/err/nat44-out2in/UDP packets') self.assertEqual(err - udpn, 1) - err = self.statistics.get_counter('/err/nat44-out2in/ICMP packets') + err = self.statistics.get_err_counter('/err/nat44-out2in/ICMP packets') self.assertEqual(err - icmpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-out2in/good out2in packets processed') self.assertEqual(err - totaln, 3) @@ -1627,9 +1641,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # Client side - generate traffic pkts = self.create_stream_in(self.pg0, self.pg1, ttl=1) @@ -1646,9 +1663,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # Client side - create sessions pkts = self.create_stream_in(self.pg0, self.pg1) @@ -1674,9 +1694,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # Client side - generate traffic pkts = self.create_stream_in(self.pg0, self.pg1, ttl=2) @@ -1702,9 +1725,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # Client side - create sessions pkts = self.create_stream_in(self.pg0, self.pg1) @@ -1738,9 +1764,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / IP(src=self.pg1.remote_ip4, dst=self.pg1.local_ip4) / @@ -1766,9 +1795,12 @@ class TestNAT44(MethodHolder): self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # out2in pkt = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / @@ -1796,16 +1828,21 @@ class TestNAT44(MethodHolder): """ NAT44 forwarding test """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat44_forwarding_enable_disable(enable=1) real_ip = self.pg0.remote_ip4n alias_ip = self.nat_addr flags = self.config_flags.NAT_IS_ADDR_ONLY - self.vapi.nat44_add_del_static_mapping(local_ip=real_ip, - external_ip=alias_ip, + self.vapi.nat44_add_del_static_mapping(is_add=1, + local_ip_address=real_ip, + external_ip_address=alias_ip, + external_sw_if_index=0xFFFFFFFF, flags=flags) try: @@ -1850,11 +1887,14 @@ class TestNAT44(MethodHolder): self.pg0.remote_hosts[0] = host0 finally: - self.vapi.nat44_forwarding_enable_disable(0) + self.vapi.nat44_forwarding_enable_disable(enable=0) flags = self.config_flags.NAT_IS_ADDR_ONLY - self.vapi.nat44_add_del_static_mapping(local_ip=real_ip, - external_ip=alias_ip, - is_add=0, flags=flags) + self.vapi.nat44_add_del_static_mapping( + is_add=0, + local_ip_address=real_ip, + external_ip_address=alias_ip, + external_sw_if_index=0xFFFFFFFF, + flags=flags) def test_static_in(self): """ 1:1 NAT initialized from inside network """ @@ -1866,9 +1906,12 @@ class TestNAT44(MethodHolder): self.nat44_add_static_mapping(self.pg0.remote_ip4, nat_ip) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) sm = self.vapi.nat44_static_mapping_dump() self.assertEqual(len(sm), 1) self.assertEqual((sm[0].tag).split(b'\0', 1)[0], b'') @@ -1903,9 +1946,12 @@ class TestNAT44(MethodHolder): self.nat44_add_static_mapping(self.pg0.remote_ip4, nat_ip, tag=tag) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) sm = self.vapi.nat44_static_mapping_dump() self.assertEqual(len(sm), 1) self.assertEqual((sm[0].tag).split(b'\0', 1)[0], tag) @@ -1944,9 +1990,12 @@ class TestNAT44(MethodHolder): self.icmp_id_in, self.icmp_id_out, proto=IP_PROTOS.icmp) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # in2out pkts = self.create_stream_in(self.pg0, self.pg1) @@ -1982,9 +2031,12 @@ class TestNAT44(MethodHolder): self.icmp_id_in, self.icmp_id_out, proto=IP_PROTOS.icmp) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # out2in pkts = self.create_stream_out(self.pg1) @@ -2016,11 +2068,15 @@ class TestNAT44(MethodHolder): self.nat44_add_static_mapping(self.pg0.remote_ip4, nat_ip2, vrf_id=10) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg3.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg4.sw_if_index, - flags=flags) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg3.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg4.sw_if_index, + flags=flags, is_add=1) # inside interface VRF match NAT44 static mapping VRF pkts = self.create_stream_in(self.pg4, self.pg3) @@ -2047,9 +2103,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # dynamic pkts = self.create_stream_in(self.pg0, self.pg1) @@ -2073,12 +2132,16 @@ class TestNAT44(MethodHolder): def test_identity_nat(self): """ Identity NAT """ flags = self.config_flags.NAT_IS_ADDR_ONLY - self.vapi.nat44_add_del_identity_mapping(ip=self.pg0.remote_ip4n, - flags=flags) + self.vapi.nat44_add_del_identity_mapping( + ip_address=self.pg0.remote_ip4n, sw_if_index=0xFFFFFFFF, + flags=flags, is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / IP(src=self.pg1.remote_ip4, dst=self.pg0.remote_ip4) / @@ -2103,8 +2166,9 @@ class TestNAT44(MethodHolder): sessions = self.vapi.nat44_user_session_dump(self.pg0.remote_ip4n, 0) self.assertEqual(len(sessions), 0) flags = self.config_flags.NAT_IS_ADDR_ONLY - self.vapi.nat44_add_del_identity_mapping(ip=self.pg0.remote_ip4n, - flags=flags, vrf_id=1) + self.vapi.nat44_add_del_identity_mapping( + ip_address=self.pg0.remote_ip4n, sw_if_index=0xFFFFFFFF, + flags=flags, vrf_id=1, is_add=1) identity_mappings = self.vapi.nat44_identity_mapping_dump() self.assertEqual(len(identity_mappings), 2) @@ -2113,11 +2177,15 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg3.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg3.sw_if_index, + is_add=1) # between two NAT44 inside interfaces (no translation) pkts = self.create_stream_in(self.pg0, self.pg1) @@ -2173,13 +2241,18 @@ class TestNAT44(MethodHolder): static_nat_ip = "10.0.0.10" self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg3.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg4.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg5.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg6.sw_if_index, - flags=flags) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg3.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg4.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg5.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg6.sw_if_index, + flags=flags, is_add=1) self.nat44_add_static_mapping(self.pg6.remote_ip4, static_nat_ip, vrf_id=20) @@ -2332,9 +2405,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # add static mapping for server self.nat44_add_static_mapping(server.ip4, self.nat_addr, @@ -2397,9 +2473,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # add static mapping for servers self.nat44_add_static_mapping(server1.ip4, server1_nat_ip) @@ -2556,9 +2635,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # get maximum number of translations per user nat44_config = self.vapi.nat_show_config() @@ -2605,7 +2687,9 @@ class TestNAT44(MethodHolder): def test_interface_addr(self): """ Acquire NAT44 addresses from interface """ - self.vapi.nat44_add_del_interface_addr(self.pg7.sw_if_index) + self.vapi.nat44_add_del_interface_addr( + is_add=1, + sw_if_index=self.pg7.sw_if_index) # no address in NAT pool addresses = self.vapi.nat44_address_dump() @@ -2626,7 +2710,9 @@ class TestNAT44(MethodHolder): """ Static mapping with addresses from interface """ tag = b"testTAG" - self.vapi.nat44_add_del_interface_addr(self.pg7.sw_if_index) + self.vapi.nat44_add_del_interface_addr( + is_add=1, + sw_if_index=self.pg7.sw_if_index) self.nat44_add_static_mapping( '1.2.3.4', external_sw_if_index=self.pg7.sw_if_index, @@ -2686,11 +2772,15 @@ class TestNAT44(MethodHolder): """ Identity NAT with addresses from interface """ port = 53053 - self.vapi.nat44_add_del_interface_addr(self.pg7.sw_if_index) + self.vapi.nat44_add_del_interface_addr( + is_add=1, + sw_if_index=self.pg7.sw_if_index) self.vapi.nat44_add_del_identity_mapping( + ip_address=b'0', sw_if_index=self.pg7.sw_if_index, port=port, - protocol=IP_PROTOS.tcp) + protocol=IP_PROTOS.tcp, + is_add=1) # identity mappings with external interface identity_mappings = self.vapi.nat44_identity_mapping_dump() @@ -2727,16 +2817,20 @@ class TestNAT44(MethodHolder): bind_layers(UDP, IPFIX, dport=30303) self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.vapi.set_ipfix_exporter(collector_address=self.pg3.remote_ip4n, src_address=self.pg3.local_ip4n, path_mtu=512, template_interval=10, collector_port=collector_port) self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, - src_port=self.ipfix_src_port) + src_port=self.ipfix_src_port, + enable=1) pkts = self.create_stream_in(self.pg0, self.pg1) self.pg0.add_stream(pkts) @@ -2768,15 +2862,19 @@ class TestNAT44(MethodHolder): def test_ipfix_addr_exhausted(self): """ IPFIX logging NAT addresses exhausted """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.vapi.set_ipfix_exporter(collector_address=self.pg3.remote_ip4n, src_address=self.pg3.local_ip4n, path_mtu=512, template_interval=10) self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, - src_port=self.ipfix_src_port) + src_port=self.ipfix_src_port, + enable=1) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) / @@ -2811,9 +2909,12 @@ class TestNAT44(MethodHolder): """ IPFIX logging maximum session entries exceeded """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) nat44_config = self.vapi.nat_show_config() max_sessions = 10 * nat44_config.translation_buckets @@ -2835,7 +2936,8 @@ class TestNAT44(MethodHolder): path_mtu=512, template_interval=10) self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, - src_port=self.ipfix_src_port) + src_port=self.ipfix_src_port, + enable=1) p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) / @@ -2867,13 +2969,17 @@ class TestNAT44(MethodHolder): def test_syslog_apmap(self): """ Test syslog address and port mapping creation and deletion """ - self.vapi.syslog_set_filter(SYSLOG_SEVERITY.INFO) + self.vapi.syslog_set_filter( + self.SYSLOG_SEVERITY.SYSLOG_API_SEVERITY_INFO) self.vapi.syslog_set_sender(self.pg3.local_ip4n, self.pg3.remote_ip4n) self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) / @@ -2897,9 +3003,12 @@ class TestNAT44(MethodHolder): static_addr = '10.0.0.10' self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.nat44_add_static_mapping(self.pg0.remote_ip4, static_addr) # NAT44 address @@ -2976,11 +3085,15 @@ class TestNAT44(MethodHolder): self.nat44_add_address(nat_ip1, vrf_id=vrf_id1) self.nat44_add_address(nat_ip2, vrf_id=vrf_id2) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg2.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg2.sw_if_index, + is_add=1) try: # first VRF @@ -3020,11 +3133,15 @@ class TestNAT44(MethodHolder): self.nat44_add_address(nat_ip1) self.nat44_add_address(nat_ip2, vrf_id=99) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg2.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg2.sw_if_index, + is_add=1) # first VRF pkts = self.create_stream_in(self.pg0, self.pg2) @@ -3069,9 +3186,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg7.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg8.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg7.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg8.sw_if_index, + is_add=1) # in2out pkts = self.create_stream_in(self.pg7, self.pg8) @@ -3116,9 +3236,12 @@ class TestNAT44(MethodHolder): self.nat44_add_static_mapping(self.pg7.remote_ip4, self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg7.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg8.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg7.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg8.sw_if_index, + is_add=1) # out2in pkts = self.create_stream_out(self.pg8) @@ -3176,9 +3299,12 @@ class TestNAT44(MethodHolder): self.icmp_id_in, self.icmp_id_out, proto=IP_PROTOS.icmp) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg7.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg8.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg7.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg8.sw_if_index, + is_add=1) # out2in pkts = self.create_stream_out(self.pg8) @@ -3201,9 +3327,12 @@ class TestNAT44(MethodHolder): nat_ip = "10.0.0.10" self.nat44_add_static_mapping(self.pg0.remote_ip4, nat_ip) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # in2out p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / @@ -3257,9 +3386,12 @@ class TestNAT44(MethodHolder): self.nat44_add_static_mapping(host.ip4, host_nat_ip) self.nat44_add_static_mapping(server.ip4, server_nat_ip) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # host to server p = (Ether(dst=self.pg0.local_mac, src=host.mac) / @@ -3305,11 +3437,15 @@ class TestNAT44(MethodHolder): """ NAT44 interface output feature (in2out postrouting) """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_output_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg3.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, flags=flags, + sw_if_index=self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg3.sw_if_index) # in2out pkts = self.create_stream_in(self.pg0, self.pg3) @@ -3354,11 +3490,15 @@ class TestNAT44(MethodHolder): self.nat44_add_address(nat_ip_vrf10, vrf_id=10) self.nat44_add_address(nat_ip_vrf20, vrf_id=20) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_output_feature(self.pg4.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg6.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg3.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, flags=flags, + sw_if_index=self.pg4.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, flags=flags, + sw_if_index=self.pg6.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg3.sw_if_index) # in2out VRF 10 pkts = self.create_stream_in(self.pg4, self.pg3) @@ -3403,9 +3543,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_output_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg1.sw_if_index) # add static mapping for server self.nat44_add_static_mapping(server.ip4, self.nat_addr, @@ -3463,9 +3606,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg9.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg9.sw_if_index, - flags=flags) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg9.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg9.sw_if_index, + flags=flags, is_add=1) # in2out p = (Ether(src=self.pg9.remote_mac, dst=self.pg9.local_mac) / @@ -3510,18 +3656,23 @@ class TestNAT44(MethodHolder): self.logger.error(ppp("Unexpected or invalid packet:", p)) raise - err = self.statistics.get_counter('/err/nat44-classify/next in2out') + err = self.statistics.get_err_counter( + '/err/nat44-classify/next in2out') self.assertEqual(err, 1) - err = self.statistics.get_counter('/err/nat44-classify/next out2in') + err = self.statistics.get_err_counter( + '/err/nat44-classify/next out2in') self.assertEqual(err, 1) def test_del_session(self): """ Delete NAT44 session """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) pkts = self.create_stream_in(self.pg0, self.pg1) self.pg0.add_stream(pkts) @@ -3532,20 +3683,20 @@ class TestNAT44(MethodHolder): sessions = self.vapi.nat44_user_session_dump(self.pg0.remote_ip4n, 0) nsessions = len(sessions) - self.vapi.nat44_del_session(sessions[0].inside_ip_address, - sessions[0].inside_port, - sessions[0].protocol, + self.vapi.nat44_del_session(address=sessions[0].inside_ip_address, + port=sessions[0].inside_port, + protocol=sessions[0].protocol, flags=self.config_flags.NAT_IS_INSIDE) - self.vapi.nat44_del_session(sessions[1].outside_ip_address, - sessions[1].outside_port, - sessions[1].protocol) + self.vapi.nat44_del_session(address=sessions[1].outside_ip_address, + port=sessions[1].outside_port, + protocol=sessions[1].protocol) sessions = self.vapi.nat44_user_session_dump(self.pg0.remote_ip4n, 0) self.assertEqual(nsessions - len(sessions), 2) - self.vapi.nat44_del_session(sessions[0].inside_ip_address, - sessions[0].inside_port, - sessions[0].protocol, + self.vapi.nat44_del_session(address=sessions[0].inside_ip_address, + port=sessions[0].inside_port, + protocol=sessions[0].protocol, flags=self.config_flags.NAT_IS_INSIDE) self.verify_no_nat44_user() @@ -3556,7 +3707,8 @@ class TestNAT44(MethodHolder): self.vapi.nat_set_reass(timeout=reas_cfg1.ip4_timeout + 5, max_reass=reas_cfg1.ip4_max_reass * 2, - max_frag=reas_cfg1.ip4_max_frag * 2) + max_frag=reas_cfg1.ip4_max_frag * 2, + drop_frag=0) reas_cfg2 = self.vapi.nat_get_reass() @@ -3564,7 +3716,8 @@ class TestNAT44(MethodHolder): self.assertEqual(reas_cfg1.ip4_max_reass * 2, reas_cfg2.ip4_max_reass) self.assertEqual(reas_cfg1.ip4_max_frag * 2, reas_cfg2.ip4_max_frag) - self.vapi.nat_set_reass(drop_frag=1) + self.vapi.nat_set_reass(timeout=2, max_reass=1024, max_frag=5, + drop_frag=1) self.assertTrue(self.vapi.nat_get_reass().ip4_drop_frag) def test_frag_in_order(self): @@ -3572,9 +3725,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.frag_in_order(proto=IP_PROTOS.tcp) self.frag_in_order(proto=IP_PROTOS.udp) @@ -3582,12 +3738,17 @@ class TestNAT44(MethodHolder): def test_frag_forwarding(self): """ NAT44 forwarding fragment test """ - self.vapi.nat44_add_del_interface_addr(self.pg1.sw_if_index) + self.vapi.nat44_add_del_interface_addr( + is_add=1, + sw_if_index=self.pg1.sw_if_index) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat44_forwarding_enable_disable(enable=1) data = b"A" * 16 + b"B" * 16 + b"C" * 3 pkts = self.create_stream_frag(self.pg1, @@ -3617,9 +3778,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # add static mapping for server self.nat44_add_static_mapping(self.server.ip4, self.nat_addr, self.server_in_port, @@ -3640,9 +3804,12 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.frag_out_of_order(proto=IP_PROTOS.tcp) self.frag_out_of_order(proto=IP_PROTOS.udp) @@ -3652,9 +3819,12 @@ class TestNAT44(MethodHolder): """ Port restricted NAT44 (MAP-E CE) """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.vapi.nat_set_addr_and_port_alloc_alg(alg=1, psid_offset=6, psid_length=6, @@ -3685,9 +3855,12 @@ class TestNAT44(MethodHolder): """ External address port range """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.vapi.nat_set_addr_and_port_alloc_alg(alg=2, start_port=1025, end_port=1027) @@ -3711,16 +3884,21 @@ class TestNAT44(MethodHolder): """ IPFIX logging maximum fragments pending reassembly exceeded """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat_set_reass(max_frag=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat_set_reass(timeout=2, max_reass=1024, max_frag=1, + drop_frag=0) self.vapi.set_ipfix_exporter(collector_address=self.pg3.remote_ip4n, src_address=self.pg3.local_ip4n, path_mtu=512, template_interval=10) self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, - src_port=self.ipfix_src_port) + src_port=self.ipfix_src_port, + enable=1) data = b"A" * 4 + b"B" * 16 + b"C" * 3 self.tcp_port_in = random.randint(1025, 65535) @@ -3774,10 +3952,15 @@ class TestNAT44(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg2.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg2.sw_if_index, + is_add=1) try: # first VRF @@ -3815,6 +3998,7 @@ class TestNAT44(MethodHolder): self.verify_capture_in(capture, self.pg0) finally: + self.nat44_add_address(self.nat_addr, is_add=0) self.pg1.unconfig_ip4() self.pg2.unconfig_ip4() self.pg1.set_table_ip4(0) @@ -3829,10 +4013,14 @@ class TestNAT44(MethodHolder): """ NAT44 session timeouts """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat_set_timeouts(udp=5) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat_set_timeouts(udp=5, tcp_established=7440, + tcp_transitory=240, icmp=60) max_sessions = 1000 pkts = [] @@ -3871,9 +4059,12 @@ class TestNAT44(MethodHolder): """ TCP MSS clamping """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) / @@ -3888,7 +4079,7 @@ class TestNAT44(MethodHolder): # Negotiated MSS value greater than configured - changed self.verify_mss_value(capture[0], 1000) - self.vapi.nat_set_mss_clamping(enable=0) + self.vapi.nat_set_mss_clamping(enable=0, mss_value=1500) self.pg0.add_stream(p) self.pg_enable_capture(self.pg_interfaces) self.pg_start() @@ -3909,11 +4100,17 @@ class TestNAT44(MethodHolder): """ Send HA session synchronization events (active) """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat_ha_set_listener(self.pg3.local_ip4, port=12345) - self.vapi.nat_ha_set_failover(self.pg3.remote_ip4, port=12346) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat_ha_set_listener(ip_address=self.pg3.local_ip4, + port=12345, + path_mtu=512) + self.vapi.nat_ha_set_failover(ip_address=self.pg3.remote_ip4, + port=12346, session_refresh_interval=10) bind_layers(UDP, HANATStateSync, sport=12345) # create sessions @@ -3964,9 +4161,9 @@ class TestNAT44(MethodHolder): # delete one session self.pg_enable_capture(self.pg_interfaces) - self.vapi.nat44_del_session(self.pg0.remote_ip4n, - self.tcp_port_in, - IP_PROTOS.tcp, + self.vapi.nat44_del_session(address=self.pg0.remote_ip4n, + port=self.tcp_port_in, + protocol=IP_PROTOS.tcp, flags=self.config_flags.NAT_IS_INSIDE) self.vapi.nat_ha_flush() stats = self.statistics.get_counter('/nat44/ha/del-event-send') @@ -4039,10 +4236,15 @@ class TestNAT44(MethodHolder): """ Receive HA session synchronization events (passive) """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat_ha_set_listener(self.pg3.local_ip4, port=12345) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat_ha_set_listener(ip_address=self.pg3.local_ip4, + port=12345, + path_mtu=512) bind_layers(UDP, HANATStateSync, sport=12345) self.tcp_port_out = random.randint(1025, 65535) @@ -4150,7 +4352,7 @@ class TestNAT44(MethodHolder): stats = self.statistics.get_counter('/nat44/ha/del-event-recv') self.assertEqual(stats[0][0], 1) - stats = self.statistics.get_counter('/err/nat-ha/pkts-processed') + stats = self.statistics.get_err_counter('/err/nat-ha/pkts-processed') self.assertEqual(stats, 2) # send HA session refresh event to failover/passive @@ -4194,7 +4396,7 @@ class TestNAT44(MethodHolder): stats = self.statistics.get_counter('/nat44/ha/refresh-event-recv') self.assertEqual(stats[0][0], 1) - stats = self.statistics.get_counter('/err/nat-ha/pkts-processed') + stats = self.statistics.get_err_counter('/err/nat-ha/pkts-processed') self.assertEqual(stats, 3) # send packet to test session created by HA @@ -4347,9 +4549,12 @@ class TestNAT44EndpointDependent(MethodHolder): """ NAT44 translate fragments arriving in order """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.frag_in_order(proto=IP_PROTOS.tcp) self.frag_in_order(proto=IP_PROTOS.udp) self.frag_in_order(proto=IP_PROTOS.icmp) @@ -4357,9 +4562,12 @@ class TestNAT44EndpointDependent(MethodHolder): def test_frag_in_order_dont_translate(self): """ NAT44 don't translate fragments arriving in order """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.vapi.nat44_forwarding_enable_disable(enable=True) self.frag_in_order(proto=IP_PROTOS.tcp, dont_translate=True) @@ -4367,9 +4575,12 @@ class TestNAT44EndpointDependent(MethodHolder): """ NAT44 translate fragments arriving out of order """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.frag_out_of_order(proto=IP_PROTOS.tcp) self.frag_out_of_order(proto=IP_PROTOS.udp) self.frag_out_of_order(proto=IP_PROTOS.icmp) @@ -4377,21 +4588,30 @@ class TestNAT44EndpointDependent(MethodHolder): def test_frag_out_of_order_dont_translate(self): """ NAT44 don't translate fragments arriving out of order """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.vapi.nat44_forwarding_enable_disable(enable=True) self.frag_out_of_order(proto=IP_PROTOS.tcp, dont_translate=True) def test_frag_in_order_in_plus_out(self): """ in+out interface fragments in order """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index, - flags=flags) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + flags=flags, is_add=1) self.server = self.pg1.remote_hosts[0] @@ -4417,7 +4637,8 @@ class TestNAT44EndpointDependent(MethodHolder): self.server_out_addr, proto=IP_PROTOS.icmp) - self.vapi.nat_set_reass(timeout=10) + self.vapi.nat_set_reass(timeout=10, max_reass=1024, max_frag=5, + drop_frag=0) self.frag_in_order_in_plus_out(proto=IP_PROTOS.tcp) self.frag_in_order_in_plus_out(proto=IP_PROTOS.udp) @@ -4426,12 +4647,18 @@ class TestNAT44EndpointDependent(MethodHolder): def test_frag_out_of_order_in_plus_out(self): """ in+out interface fragments out of order """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index, - flags=flags) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + flags=flags, is_add=1) self.server = self.pg1.remote_hosts[0] @@ -4457,7 +4684,8 @@ class TestNAT44EndpointDependent(MethodHolder): self.server_out_addr, proto=IP_PROTOS.icmp) - self.vapi.nat_set_reass(timeout=10) + self.vapi.nat_set_reass(timeout=10, max_reass=1024, max_frag=5, + drop_frag=0) self.frag_out_of_order_in_plus_out(proto=IP_PROTOS.tcp) self.frag_out_of_order_in_plus_out(proto=IP_PROTOS.udp) @@ -4472,9 +4700,12 @@ class TestNAT44EndpointDependent(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # add static mapping for server self.nat44_add_static_mapping(self.server.ip4, self.nat_addr, self.server_in_port, @@ -4495,21 +4726,24 @@ class TestNAT44EndpointDependent(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) nat_config = self.vapi.nat_show_config() self.assertEqual(1, nat_config.endpoint_dependent) # in2out - tcpn = self.statistics.get_counter( + tcpn = self.statistics.get_err_counter( '/err/nat44-ed-in2out-slowpath/TCP packets') - udpn = self.statistics.get_counter( + udpn = self.statistics.get_err_counter( '/err/nat44-ed-in2out-slowpath/UDP packets') - icmpn = self.statistics.get_counter( + icmpn = self.statistics.get_err_counter( '/err/nat44-ed-in2out-slowpath/ICMP packets') - totaln = self.statistics.get_counter( + totaln = self.statistics.get_err_counter( '/err/nat44-ed-in2out-slowpath/good in2out packets processed') pkts = self.create_stream_in(self.pg0, self.pg1) @@ -4519,25 +4753,27 @@ class TestNAT44EndpointDependent(MethodHolder): capture = self.pg1.get_capture(len(pkts)) self.verify_capture_out(capture) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-ed-in2out-slowpath/TCP packets') self.assertEqual(err - tcpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-ed-in2out-slowpath/UDP packets') self.assertEqual(err - udpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-ed-in2out-slowpath/ICMP packets') self.assertEqual(err - icmpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-ed-in2out-slowpath/good in2out packets processed') self.assertEqual(err - totaln, 3) # out2in - tcpn = self.statistics.get_counter('/err/nat44-ed-out2in/TCP packets') - udpn = self.statistics.get_counter('/err/nat44-ed-out2in/UDP packets') - icmpn = self.statistics.get_counter( + tcpn = self.statistics.get_err_counter( + '/err/nat44-ed-out2in/TCP packets') + udpn = self.statistics.get_err_counter( + '/err/nat44-ed-out2in/UDP packets') + icmpn = self.statistics.get_err_counter( '/err/nat44-ed-out2in-slowpath/ICMP packets') - totaln = self.statistics.get_counter( + totaln = self.statistics.get_err_counter( '/err/nat44-ed-out2in/good out2in packets processed') pkts = self.create_stream_out(self.pg1) @@ -4547,14 +4783,16 @@ class TestNAT44EndpointDependent(MethodHolder): capture = self.pg0.get_capture(len(pkts)) self.verify_capture_in(capture, self.pg0) - err = self.statistics.get_counter('/err/nat44-ed-out2in/TCP packets') + err = self.statistics.get_err_counter( + '/err/nat44-ed-out2in/TCP packets') self.assertEqual(err - tcpn, 1) - err = self.statistics.get_counter('/err/nat44-ed-out2in/UDP packets') + err = self.statistics.get_err_counter( + '/err/nat44-ed-out2in/UDP packets') self.assertEqual(err - udpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-ed-out2in-slowpath/ICMP packets') self.assertEqual(err - icmpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat44-ed-out2in/good out2in packets processed') self.assertEqual(err - totaln, 2) @@ -4567,16 +4805,21 @@ class TestNAT44EndpointDependent(MethodHolder): """ NAT44 forwarding test """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat44_forwarding_enable_disable(enable=1) real_ip = self.pg0.remote_ip4 alias_ip = self.nat_addr flags = self.config_flags.NAT_IS_ADDR_ONLY - self.vapi.nat44_add_del_static_mapping(local_ip=real_ip, - external_ip=alias_ip, + self.vapi.nat44_add_del_static_mapping(is_add=1, + local_ip_address=real_ip, + external_ip_address=alias_ip, + external_sw_if_index=0xFFFFFFFF, flags=flags) try: @@ -4626,9 +4869,9 @@ class TestNAT44EndpointDependent(MethodHolder): self.assertTrue(sessions[0].flags & self.config_flags.NAT_IS_EXT_HOST_VALID) self.vapi.nat44_del_session( - sessions[0].inside_ip_address, - sessions[0].inside_port, - sessions[0].protocol, + address=sessions[0].inside_ip_address, + port=sessions[0].inside_port, + protocol=sessions[0].protocol, flags=(self.config_flags.NAT_IS_INSIDE | self.config_flags.NAT_IS_EXT_HOST_VALID), ext_host_address=sessions[0].ext_host_address, @@ -4637,11 +4880,14 @@ class TestNAT44EndpointDependent(MethodHolder): self.assertEqual(len(sessions), 2) finally: - self.vapi.nat44_forwarding_enable_disable(0) + self.vapi.nat44_forwarding_enable_disable(enable=0) flags = self.config_flags.NAT_IS_ADDR_ONLY - self.vapi.nat44_add_del_static_mapping(local_ip=real_ip, - external_ip=alias_ip, - is_add=0, flags=flags) + self.vapi.nat44_add_del_static_mapping( + is_add=0, + local_ip_address=real_ip, + external_ip_address=alias_ip, + external_sw_if_index=0xFFFFFFFF, + flags=flags) def test_static_lb(self): """ NAT44 local service load balancing """ @@ -4661,15 +4907,20 @@ class TestNAT44EndpointDependent(MethodHolder): 'vrf_id': 0}] self.nat44_add_address(self.nat_addr) - self.vapi.nat44_add_del_lb_static_mapping(external_addr_n, - external_port, - IP_PROTOS.tcp, - local_num=len(locals), - locals=locals) + self.vapi.nat44_add_del_lb_static_mapping( + is_add=1, + external_addr=external_addr_n, + external_port=external_port, + protocol=IP_PROTOS.tcp, + local_num=len(locals), + locals=locals) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # from client to service p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / @@ -4719,9 +4970,9 @@ class TestNAT44EndpointDependent(MethodHolder): self.assertTrue(sessions[0].flags & self.config_flags.NAT_IS_EXT_HOST_VALID) self.vapi.nat44_del_session( - sessions[0].inside_ip_address, - sessions[0].inside_port, - sessions[0].protocol, + address=sessions[0].inside_ip_address, + port=sessions[0].inside_port, + protocol=sessions[0].protocol, flags=(self.config_flags.NAT_IS_INSIDE | self.config_flags.NAT_IS_EXT_HOST_VALID), ext_host_address=sessions[0].ext_host_address, @@ -4750,15 +5001,19 @@ class TestNAT44EndpointDependent(MethodHolder): 'vrf_id': 0}] self.nat44_add_address(self.nat_addr) - self.vapi.nat44_add_del_lb_static_mapping(external_addr, - external_port, - IP_PROTOS.tcp, + self.vapi.nat44_add_del_lb_static_mapping(is_add=1, + external_addr=external_addr, + external_port=external_port, + protocol=IP_PROTOS.tcp, local_num=len(locals), locals=locals) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) server1_n = 0 server2_n = 0 @@ -4780,13 +5035,20 @@ class TestNAT44EndpointDependent(MethodHolder): server2_n += 1 self.assertGreater(server1_n, server2_n) + local = { + 'addr': server3.ip4n, + 'port': local_port, + 'probability': 20, + 'vrf_id': 0 + } + # add new back-end - self.vapi.nat44_lb_static_mapping_add_del_local(external_addr, - external_port, - server3.ip4n, - local_port, - IP_PROTOS.tcp, - 20) + self.vapi.nat44_lb_static_mapping_add_del_local( + is_add=1, + external_addr=external_addr, + external_port=external_port, + local=local, + protocol=IP_PROTOS.tcp) server1_n = 0 server2_n = 0 server3_n = 0 @@ -4813,14 +5075,20 @@ class TestNAT44EndpointDependent(MethodHolder): self.assertGreater(server2_n, 0) self.assertGreater(server3_n, 0) + local = { + 'addr': server2.ip4n, + 'port': local_port, + 'probability': 10, + 'vrf_id': 0 + } + # remove one back-end - self.vapi.nat44_lb_static_mapping_add_del_local(external_addr, - external_port, - server2.ip4n, - local_port, - IP_PROTOS.tcp, - 10, - is_add=0) + self.vapi.nat44_lb_static_mapping_add_del_local( + is_add=0, + external_addr=external_addr, + external_port=external_port, + local=local, + protocol=IP_PROTOS.tcp) server1_n = 0 server2_n = 0 server3_n = 0 @@ -4856,18 +5124,21 @@ class TestNAT44EndpointDependent(MethodHolder): 'probability': 30, 'vrf_id': 0}] - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) flags = self.config_flags.NAT_IS_OUT2IN_ONLY - self.vapi.nat44_add_del_lb_static_mapping(external_addr, - external_port, - IP_PROTOS.tcp, + self.vapi.nat44_add_del_lb_static_mapping(is_add=1, flags=flags, + external_addr=external_addr, + external_port=external_port, + protocol=IP_PROTOS.tcp, local_num=len(locals), - locals=locals, - flags=flags) + locals=locals) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # from client to service p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / @@ -4969,16 +5240,20 @@ class TestNAT44EndpointDependent(MethodHolder): 'vrf_id': 0}] self.nat44_add_address(self.nat_addr) - self.vapi.nat44_add_del_lb_static_mapping(external_addr, - external_port, - IP_PROTOS.tcp, + self.vapi.nat44_add_del_lb_static_mapping(is_add=1, + external_addr=external_addr, + external_port=external_port, + protocol=IP_PROTOS.tcp, affinity=10800, local_num=len(locals), locals=locals) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) p = (Ether(dst=self.pg1.local_mac, src=self.pg1.remote_mac) / IP(src=self.pg1.remote_ip4, dst=self.nat_addr) / @@ -4994,9 +5269,9 @@ class TestNAT44EndpointDependent(MethodHolder): self.assertTrue(sessions[0].flags & self.config_flags.NAT_IS_EXT_HOST_VALID) self.vapi.nat44_del_session( - sessions[0].inside_ip_address, - sessions[0].inside_port, - sessions[0].protocol, + address=sessions[0].inside_ip_address, + port=sessions[0].inside_port, + protocol=sessions[0].protocol, flags=(self.config_flags.NAT_IS_INSIDE | self.config_flags.NAT_IS_EXT_HOST_VALID), ext_host_address=sessions[0].ext_host_address, @@ -5019,9 +5294,12 @@ class TestNAT44EndpointDependent(MethodHolder): """ NAT44 translate packet with unknown protocol """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # in2out p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / @@ -5081,9 +5359,12 @@ class TestNAT44EndpointDependent(MethodHolder): self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # add static mapping for server self.nat44_add_static_mapping(server.ip4, server_nat_ip) @@ -5142,20 +5423,26 @@ class TestNAT44EndpointDependent(MethodHolder): external_port = 80 local_port = 8080 - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_ADDR_ONLY - self.vapi.nat44_add_del_identity_mapping(ip=self.pg1.remote_ip4n, - flags=flags) + self.vapi.nat44_add_del_identity_mapping( + ip_address=self.pg1.remote_ip4n, sw_if_index=0xFFFFFFFF, + flags=flags, is_add=1) flags = self.config_flags.NAT_IS_OUT2IN_ONLY self.nat44_add_static_mapping(self.pg0.remote_ip4, external_addr, local_port, external_port, proto=IP_PROTOS.tcp, flags=flags) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg1.sw_if_index) # from client to service p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / @@ -5219,9 +5506,11 @@ class TestNAT44EndpointDependent(MethodHolder): def test_output_feature_and_service2(self): """ NAT44 interface output feature and service host direct access """ - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) self.nat44_add_address(self.nat_addr) - self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg1.sw_if_index) # session initiated from service host - translate pkts = self.create_stream_in(self.pg0, self.pg1) @@ -5265,17 +5554,22 @@ class TestNAT44EndpointDependent(MethodHolder): external_port = 80 local_port = 8080 - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_OUT2IN_ONLY self.nat44_add_static_mapping(self.pg1.remote_ip4, external_addr, local_port, external_port, proto=IP_PROTOS.tcp, flags=flags) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg1.sw_if_index) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=external_addr) / @@ -5324,7 +5618,7 @@ class TestNAT44EndpointDependent(MethodHolder): local_port = 8080 post_twice_nat_port = 0 - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) self.nat44_add_address(twice_nat_addr, twice_nat=1) flags = (self.config_flags.NAT_IS_OUT2IN_ONLY | self.config_flags.NAT_IS_SELF_TWICE_NAT) @@ -5332,7 +5626,9 @@ class TestNAT44EndpointDependent(MethodHolder): local_port, external_port, proto=IP_PROTOS.tcp, vrf_id=1, flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg6.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg6.sw_if_index, + is_add=1) p = (Ether(src=self.pg6.remote_mac, dst=self.pg6.local_mac) / IP(src=self.pg6.remote_ip4, dst=self.pg1.remote_ip4) / @@ -5432,16 +5728,19 @@ class TestNAT44EndpointDependent(MethodHolder): 'vrf_id': 0}] out_addr = self.nat_addr - self.vapi.nat44_add_del_lb_static_mapping(out_addr, - port_out, - IP_PROTOS.tcp, + self.vapi.nat44_add_del_lb_static_mapping(is_add=1, flags=flags, + external_addr=out_addr, + external_port=port_out, + protocol=IP_PROTOS.tcp, local_num=len(locals), - locals=locals, - flags=flags) + locals=locals) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=pg1.sw_if_index, + is_add=1) if same_pg: if not lb: @@ -5520,9 +5819,9 @@ class TestNAT44EndpointDependent(MethodHolder): self.config_flags.NAT_IS_TWICE_NAT) self.logger.error(self.vapi.cli("show nat44 sessions detail")) self.vapi.nat44_del_session( - sessions[0].inside_ip_address, - sessions[0].inside_port, - sessions[0].protocol, + address=sessions[0].inside_ip_address, + port=sessions[0].inside_port, + protocol=sessions[0].protocol, flags=(self.config_flags.NAT_IS_INSIDE | self.config_flags.NAT_IS_EXT_HOST_VALID), ext_host_address=sessions[0].ext_host_nat_address, @@ -5559,8 +5858,10 @@ class TestNAT44EndpointDependent(MethodHolder): def test_twice_nat_interface_addr(self): """ Acquire twice NAT44 addresses from interface """ flags = self.config_flags.NAT_IS_TWICE_NAT - self.vapi.nat44_add_del_interface_addr(self.pg3.sw_if_index, - flags=flags) + self.vapi.nat44_add_del_interface_addr( + is_add=1, + sw_if_index=self.pg3.sw_if_index, + flags=flags) # no address in NAT pool adresses = self.vapi.nat44_address_dump() @@ -5581,16 +5882,21 @@ class TestNAT44EndpointDependent(MethodHolder): def test_tcp_close(self): """ Close TCP session from inside network - output feature """ - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) self.nat44_add_address(self.pg1.local_ip4) twice_nat_addr = '10.0.1.3' service_ip = '192.168.16.150' self.nat44_add_address(twice_nat_addr, twice_nat=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg1.sw_if_index) flags = (self.config_flags.NAT_IS_OUT2IN_ONLY | self.config_flags.NAT_IS_TWICE_NAT) self.nat44_add_static_mapping(self.pg0.remote_ip4, @@ -5674,9 +5980,12 @@ class TestNAT44EndpointDependent(MethodHolder): proto=IP_PROTOS.tcp, flags=flags) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) sessions = self.vapi.nat44_user_session_dump(self.pg0.remote_ip4n, 0) start_sessnum = len(sessions) @@ -5740,9 +6049,12 @@ class TestNAT44EndpointDependent(MethodHolder): proto=IP_PROTOS.tcp, flags=flags) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) sessions = self.vapi.nat44_user_session_dump(self.pg0.remote_ip4n, 0) start_sessnum = len(sessions) @@ -5796,9 +6108,12 @@ class TestNAT44EndpointDependent(MethodHolder): proto=IP_PROTOS.tcp, flags=flags) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) sessions = self.vapi.nat44_user_session_dump(self.pg0.remote_ip4n, 0) start_sessnum = len(sessions) @@ -5857,7 +6172,7 @@ class TestNAT44EndpointDependent(MethodHolder): local_port = 8080 eh_port_in = 0 - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) self.nat44_add_address(self.nat_addr, twice_nat=1) flags = (self.config_flags.NAT_IS_OUT2IN_ONLY | self.config_flags.NAT_IS_TWICE_NAT) @@ -5865,9 +6180,12 @@ class TestNAT44EndpointDependent(MethodHolder): local_port, external_port, proto=IP_PROTOS.tcp, flags=flags) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg4.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg4.sw_if_index, - flags=flags) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg4.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg4.sw_if_index, + flags=flags, is_add=1) # from client to service p = (Ether(src=self.pg4.remote_mac, dst=self.pg4.local_mac) / @@ -5918,15 +6236,18 @@ class TestNAT44EndpointDependent(MethodHolder): external_port = 80 local_port = 8080 - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) flags = self.config_flags.NAT_IS_OUT2IN_ONLY self.nat44_add_static_mapping(self.pg0.remote_ip4, self.nat_addr, local_port, external_port, proto=IP_PROTOS.tcp, flags=flags) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # from client to service p = (Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) / @@ -6042,10 +6363,14 @@ class TestNAT44EndpointDependent(MethodHolder): def test_output_feature(self): """ NAT44 interface output feature (in2out postrouting) """ - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) self.nat44_add_address(self.nat_addr) - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index) - self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg1.sw_if_index) # in2out pkts = self.create_stream_in(self.pg0, self.pg1) @@ -6070,29 +6395,39 @@ class TestNAT44EndpointDependent(MethodHolder): local_port = 8080 port = 0 - self.vapi.nat44_forwarding_enable_disable(1) + self.vapi.nat44_forwarding_enable_disable(enable=1) self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_output_feature(self.pg1.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg5.sw_if_index) - self.vapi.nat44_interface_add_del_feature(self.pg5.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg6.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_output_feature( + is_add=1, + sw_if_index=self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg5.sw_if_index, + is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg5.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg6.sw_if_index, + is_add=1) flags = self.config_flags.NAT_IS_OUT2IN_ONLY self.nat44_add_static_mapping(self.pg5.remote_ip4, external_addr, local_port, external_port, vrf_id=1, proto=IP_PROTOS.tcp, flags=flags) self.nat44_add_static_mapping( - self.pg0.remote_ip4, - external_sw_if_index=self.pg0.sw_if_index, - local_port=local_port, - vrf_id=0, - external_port=external_port, - proto=IP_PROTOS.tcp, - flags=flags + self.pg0.remote_ip4, + external_sw_if_index=self.pg0.sw_if_index, + local_port=local_port, + vrf_id=0, + external_port=external_port, + proto=IP_PROTOS.tcp, + flags=flags ) # from client to service (both VRF1) @@ -6366,10 +6701,14 @@ class TestNAT44EndpointDependent(MethodHolder): """ NAT44 session timeouts """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat_set_timeouts(icmp=5) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat_set_timeouts(udp=300, tcp_established=7440, + tcp_transitory=240, icmp=5) max_sessions = 1000 pkts = [] @@ -6409,10 +6748,14 @@ class TestNAT44EndpointDependent(MethodHolder): """ NAT44 session RST timeouts """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) - self.vapi.nat_set_timeouts(tcp_transitory=5) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) + self.vapi.nat_set_timeouts(udp=300, tcp_established=7440, + tcp_transitory=5, icmp=60) self.initiate_tcp_session(self.pg0, self.pg1) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / @@ -6447,14 +6790,18 @@ class TestNAT44EndpointDependent(MethodHolder): """ Maximum sessions per user limit """ self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.vapi.set_ipfix_exporter(collector_address=self.pg2.remote_ip4n, src_address=self.pg2.local_ip4n, path_mtu=512, template_interval=10) - self.vapi.nat_set_timeouts(udp=5) + self.vapi.nat_set_timeouts(udp=5, tcp_established=7440, + tcp_transitory=240, icmp=60) # get maximum number of translations per user nat44_config = self.vapi.nat_show_config() @@ -6472,7 +6819,8 @@ class TestNAT44EndpointDependent(MethodHolder): capture = self.pg1.get_capture(len(pkts)) self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, - src_port=self.ipfix_src_port) + src_port=self.ipfix_src_port, + enable=1) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) / @@ -6512,13 +6860,17 @@ class TestNAT44EndpointDependent(MethodHolder): def test_syslog_sess(self): """ Test syslog session creation and deletion """ - self.vapi.syslog_set_filter(SYSLOG_SEVERITY.INFO) + self.vapi.syslog_set_filter( + self.SYSLOG_SEVERITY.SYSLOG_API_SEVERITY_INFO) self.vapi.syslog_set_sender(self.pg2.local_ip4n, self.pg2.remote_ip4n) self.nat44_add_address(self.nat_addr) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) / @@ -6623,9 +6975,12 @@ class TestNAT44Out2InDPO(MethodHolder): self.configure_xlat() flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_add_del_address_range(self.nat_addr_n, self.nat_addr_n) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_add_del_address_range(first_ip_address=self.nat_addr_n, + last_ip_address=self.nat_addr_n, + vrf_id=0xFFFFFFFF, is_add=1) out_src_ip6 = self.compose_ip6(self.dst_ip4, self.dst_ip6_pfx, self.dst_ip6_pfx_len) @@ -6649,10 +7004,13 @@ class TestNAT44Out2InDPO(MethodHolder): capture = self.pg0.get_capture(len(pkts)) self.verify_capture_in(capture, self.pg0) finally: - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - is_add=0, flags=flags) - self.vapi.nat44_add_del_address_range(self.nat_addr_n, - self.nat_addr_n, is_add=0) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags) + self.vapi.nat44_add_del_address_range( + first_ip_address=self.nat_addr_n, + last_ip_address=self.nat_addr_n, + vrf_id=0xFFFFFFFF) @unittest.skip('Temporary disabled') def test_464xlat_ce_no_nat(self): @@ -6816,7 +7174,9 @@ class TestDeterministicNAT(MethodHolder): nat_config = self.vapi.nat_show_config() self.assertEqual(1, nat_config.deterministic) - self.vapi.nat_det_add_del_map(1, in_addr, in_plen, out_addr, out_plen) + self.vapi.nat_det_add_del_map(is_add=1, in_addr=in_addr, + in_plen=in_plen, out_addr=out_addr, + out_plen=out_plen) rep1 = self.vapi.nat_det_forward(in_addr_t) self.assertEqual(str(rep1.out_addr), out_addr) @@ -6840,10 +7200,11 @@ class TestDeterministicNAT(MethodHolder): """ Set deterministic NAT timeouts """ timeouts_before = self.vapi.nat_get_timeouts() - self.vapi.nat_set_timeouts(timeouts_before.udp + 10, - timeouts_before.tcp_established + 10, - timeouts_before.tcp_transitory + 10, - timeouts_before.icmp + 10) + self.vapi.nat_set_timeouts( + udp=timeouts_before.udp + 10, + tcp_established=timeouts_before.tcp_established + 10, + tcp_transitory=timeouts_before.tcp_transitory + 10, + icmp=timeouts_before.icmp + 10) timeouts_after = self.vapi.nat_get_timeouts() @@ -6859,16 +7220,18 @@ class TestDeterministicNAT(MethodHolder): nat_ip = "10.0.0.10" - self.vapi.nat_det_add_del_map(1, - self.pg0.remote_ip4n, - 32, - socket.inet_aton(nat_ip), - 32) + self.vapi.nat_det_add_del_map(is_add=1, in_addr=self.pg0.remote_ip4n, + in_plen=32, + out_addr=socket.inet_aton(nat_ip), + out_plen=32) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # in2out pkts = self.create_stream_in(self.pg0, self.pg1) @@ -6920,15 +7283,16 @@ class TestDeterministicNAT(MethodHolder): host0 = self.pg0.remote_hosts[0] host1 = self.pg0.remote_hosts[1] - self.vapi.nat_det_add_del_map(1, - host0.ip4n, - 24, - socket.inet_aton(nat_ip), - 32) + self.vapi.nat_det_add_del_map(is_add=1, in_addr=host0.ip4n, in_plen=24, + out_addr=socket.inet_aton(nat_ip), + out_plen=32) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) # host0 to out p = (Ether(src=host0.mac, dst=self.pg0.local_mac) / @@ -7031,15 +7395,17 @@ class TestDeterministicNAT(MethodHolder): def test_tcp_session_close_detection_in(self): """ Deterministic NAT TCP session close from inside network """ - self.vapi.nat_det_add_del_map(1, - self.pg0.remote_ip4n, - 32, - socket.inet_aton(self.nat_addr), - 32) + self.vapi.nat_det_add_del_map(is_add=1, in_addr=self.pg0.remote_ip4n, + in_plen=32, + out_addr=socket.inet_aton(self.nat_addr), + out_plen=32) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.initiate_tcp_session(self.pg0, self.pg1) @@ -7095,15 +7461,17 @@ class TestDeterministicNAT(MethodHolder): def test_tcp_session_close_detection_out(self): """ Deterministic NAT TCP session close from outside network """ - self.vapi.nat_det_add_del_map(1, - self.pg0.remote_ip4n, - 32, - socket.inet_aton(self.nat_addr), - 32) + self.vapi.nat_det_add_del_map(is_add=1, in_addr=self.pg0.remote_ip4n, + in_plen=32, + out_addr=socket.inet_aton(self.nat_addr), + out_plen=32) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.initiate_tcp_session(self.pg0, self.pg1) @@ -7160,18 +7528,21 @@ class TestDeterministicNAT(MethodHolder): @unittest.skipUnless(running_extended_tests, "part of extended tests") def test_session_timeout(self): """ Deterministic NAT session timeouts """ - self.vapi.nat_det_add_del_map(1, - self.pg0.remote_ip4n, - 32, - socket.inet_aton(self.nat_addr), - 32) + self.vapi.nat_det_add_del_map(is_add=1, in_addr=self.pg0.remote_ip4n, + in_plen=32, + out_addr=socket.inet_aton(self.nat_addr), + out_plen=32) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.initiate_tcp_session(self.pg0, self.pg1) - self.vapi.nat_set_timeouts(5, 5, 5, 5) + self.vapi.nat_set_timeouts(udp=5, tcp_established=5, tcp_transitory=5, + icmp=5) pkts = self.create_stream_in(self.pg0, self.pg1) self.pg0.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) @@ -7185,20 +7556,23 @@ class TestDeterministicNAT(MethodHolder): @unittest.skipUnless(running_extended_tests, "part of extended tests") def test_session_limit_per_user(self): """ Deterministic NAT maximum sessions per user limit """ - self.vapi.nat_det_add_del_map(1, - self.pg0.remote_ip4n, - 32, - socket.inet_aton(self.nat_addr), - 32) + self.vapi.nat_det_add_del_map(is_add=1, in_addr=self.pg0.remote_ip4n, + in_plen=32, + out_addr=socket.inet_aton(self.nat_addr), + out_plen=32) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat44_interface_add_del_feature(self.pg0.sw_if_index, - flags=flags) - self.vapi.nat44_interface_add_del_feature(self.pg1.sw_if_index) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg0.sw_if_index, + flags=flags, is_add=1) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=self.pg1.sw_if_index, + is_add=1) self.vapi.set_ipfix_exporter(collector_address=self.pg2.remote_ip4n, src_address=self.pg2.local_ip4n, path_mtu=512, template_interval=10) - self.vapi.nat_ipfix_enable_disable() + self.vapi.nat_ipfix_enable_disable(domain_id=1, src_port=4739, + enable=1) pkts = [] for port in range(1025, 2025): @@ -7258,21 +7632,22 @@ class TestDeterministicNAT(MethodHolder): """ Clear deterministic NAT configuration. """ - self.vapi.nat_ipfix_enable_disable(enable=0) - self.vapi.nat_set_timeouts() + self.vapi.nat_ipfix_enable_disable(domain_id=1, src_port=4739, + enable=0) + self.vapi.nat_set_timeouts(udp=300, tcp_established=7440, + tcp_transitory=240, icmp=60) deterministic_mappings = self.vapi.nat_det_map_dump() for dsm in deterministic_mappings: - self.vapi.nat_det_add_del_map(0, - dsm.in_addr, - dsm.in_plen, - dsm.out_addr, - dsm.out_plen) + self.vapi.nat_det_add_del_map(is_add=0, in_addr=dsm.in_addr, + in_plen=dsm.in_plen, + out_addr=dsm.out_addr, + out_plen=dsm.out_plen) interfaces = self.vapi.nat44_interface_dump() for intf in interfaces: - self.vapi.nat44_interface_add_del_feature(intf.sw_if_index, - is_add=0, - flags=intf.flags) + self.vapi.nat44_interface_add_del_feature( + sw_if_index=intf.sw_if_index, + flags=intf.flags) def tearDown(self): super(TestDeterministicNAT, self).tearDown() @@ -7359,7 +7734,8 @@ class TestNAT64(MethodHolder): """ NAT64 inside interface handles Neighbor Advertisement """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg5.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg5.sw_if_index) # Try to send ping ping = (Ether(dst=self.pg5.local_mac, src=self.pg5.remote_mac) / @@ -7412,13 +7788,17 @@ class TestNAT64(MethodHolder): """ Add/delete address to NAT64 pool """ nat_addr = '1.2.3.4' - self.vapi.nat64_add_del_pool_addr_range(nat_addr, nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=nat_addr, + end_addr=nat_addr, + vrf_id=0xFFFFFFFF, is_add=1) addresses = self.vapi.nat64_pool_addr_dump() self.assertEqual(len(addresses), 1) self.assertEqual(str(addresses[0].address), nat_addr) - self.vapi.nat64_add_del_pool_addr_range(nat_addr, nat_addr, is_add=0) + self.vapi.nat64_add_del_pool_addr_range(start_addr=nat_addr, + end_addr=nat_addr, + vrf_id=0xFFFFFFFF, is_add=0) addresses = self.vapi.nat64_pool_addr_dump() self.assertEqual(len(addresses), 0) @@ -7426,8 +7806,10 @@ class TestNAT64(MethodHolder): def test_interface(self): """ Enable/disable NAT64 feature on the interface """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) interfaces = self.vapi.nat64_interface_dump() self.assertEqual(len(interfaces), 2) @@ -7448,8 +7830,10 @@ class TestNAT64(MethodHolder): features = self.vapi.cli("show interface features pg1") self.assertIn('nat64-out2in', features) - self.vapi.nat64_add_del_interface(0, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(0, flags, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=0, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=0, flags=flags, + sw_if_index=self.pg1.sw_if_index) interfaces = self.vapi.nat64_interface_dump() self.assertEqual(len(interfaces), 0) @@ -7462,12 +7846,10 @@ class TestNAT64(MethodHolder): out_port = 5678 proto = IP_PROTOS.tcp - self.vapi.nat64_add_del_static_bib(in_addr, - out_addr, - in_port, - out_port, - proto) - bib = self.vapi.nat64_bib_dump(IP_PROTOS.tcp) + self.vapi.nat64_add_del_static_bib(i_addr=in_addr, o_addr=out_addr, + i_port=in_port, o_port=out_port, + proto=proto, vrf_id=0, is_add=1) + bib = self.vapi.nat64_bib_dump(proto=IP_PROTOS.tcp) static_bib_num = 0 for bibe in bib: if bibe.flags & self.config_flags.NAT_IS_STATIC: @@ -7480,13 +7862,10 @@ class TestNAT64(MethodHolder): bibs = self.statistics.get_counter('/nat64/total-bibs') self.assertEqual(bibs[0][0], 1) - self.vapi.nat64_add_del_static_bib(in_addr, - out_addr, - in_port, - out_port, - proto, - is_add=0) - bib = self.vapi.nat64_bib_dump(IP_PROTOS.tcp) + self.vapi.nat64_add_del_static_bib(i_addr=in_addr, o_addr=out_addr, + i_port=in_port, o_port=out_port, + proto=proto, vrf_id=0, is_add=0) + bib = self.vapi.nat64_bib_dump(proto=IP_PROTOS.tcp) static_bib_num = 0 for bibe in bib: if bibe.flags & self.config_flags.NAT_IS_STATIC: @@ -7505,8 +7884,8 @@ class TestNAT64(MethodHolder): self.assertEqual(timeouts.tcp_established, 7440) # set and verify custom values - self.vapi.nat_set_timeouts(udp=200, icmp=30, tcp_transitory=250, - tcp_established=7450) + self.vapi.nat_set_timeouts(udp=200, tcp_established=7450, + tcp_transitory=250, icmp=30) timeouts = self.vapi.nat_get_timeouts() self.assertEqual(timeouts.udp, 200) self.assertEqual(timeouts.icmp, 30) @@ -7521,17 +7900,22 @@ class TestNAT64(MethodHolder): ses_num_start = self.nat64_get_ses_num() - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) # in2out - tcpn = self.statistics.get_counter('/err/nat64-in2out/TCP packets') - udpn = self.statistics.get_counter('/err/nat64-in2out/UDP packets') - icmpn = self.statistics.get_counter('/err/nat64-in2out/ICMP packets') - totaln = self.statistics.get_counter( + tcpn = self.statistics.get_err_counter('/err/nat64-in2out/TCP packets') + udpn = self.statistics.get_err_counter('/err/nat64-in2out/UDP packets') + icmpn = self.statistics.get_err_counter( + '/err/nat64-in2out/ICMP packets') + totaln = self.statistics.get_err_counter( '/err/nat64-in2out/good in2out packets processed') pkts = self.create_stream_in_ip6(self.pg0, self.pg1) @@ -7542,21 +7926,22 @@ class TestNAT64(MethodHolder): self.verify_capture_out(capture, nat_ip=self.nat_addr, dst_ip=self.pg1.remote_ip4) - err = self.statistics.get_counter('/err/nat64-in2out/TCP packets') + err = self.statistics.get_err_counter('/err/nat64-in2out/TCP packets') self.assertEqual(err - tcpn, 1) - err = self.statistics.get_counter('/err/nat64-in2out/UDP packets') + err = self.statistics.get_err_counter('/err/nat64-in2out/UDP packets') self.assertEqual(err - udpn, 1) - err = self.statistics.get_counter('/err/nat64-in2out/ICMP packets') + err = self.statistics.get_err_counter('/err/nat64-in2out/ICMP packets') self.assertEqual(err - icmpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat64-in2out/good in2out packets processed') self.assertEqual(err - totaln, 3) # out2in - tcpn = self.statistics.get_counter('/err/nat64-out2in/TCP packets') - udpn = self.statistics.get_counter('/err/nat64-out2in/UDP packets') - icmpn = self.statistics.get_counter('/err/nat64-out2in/ICMP packets') - totaln = self.statistics.get_counter( + tcpn = self.statistics.get_err_counter('/err/nat64-out2in/TCP packets') + udpn = self.statistics.get_err_counter('/err/nat64-out2in/UDP packets') + icmpn = self.statistics.get_err_counter( + '/err/nat64-out2in/ICMP packets') + totaln = self.statistics.get_err_counter( '/err/nat64-out2in/good out2in packets processed') pkts = self.create_stream_out(self.pg1, dst_ip=self.nat_addr) @@ -7567,13 +7952,13 @@ class TestNAT64(MethodHolder): ip = IPv6(src=''.join(['64:ff9b::', self.pg1.remote_ip4])) self.verify_capture_in_ip6(capture, ip[IPv6].src, self.pg0.remote_ip6) - err = self.statistics.get_counter('/err/nat64-out2in/TCP packets') + err = self.statistics.get_err_counter('/err/nat64-out2in/TCP packets') self.assertEqual(err - tcpn, 1) - err = self.statistics.get_counter('/err/nat64-out2in/UDP packets') + err = self.statistics.get_err_counter('/err/nat64-out2in/UDP packets') self.assertEqual(err - udpn, 1) - err = self.statistics.get_counter('/err/nat64-out2in/ICMP packets') + err = self.statistics.get_err_counter('/err/nat64-out2in/ICMP packets') self.assertEqual(err - icmpn, 1) - err = self.statistics.get_counter( + err = self.statistics.get_err_counter( '/err/nat64-out2in/good out2in packets processed') self.assertEqual(err - totaln, 3) @@ -7604,11 +7989,12 @@ class TestNAT64(MethodHolder): self.assertEqual(ses_num_end - ses_num_start, 3) # tenant with specific VRF - self.vapi.nat64_add_del_pool_addr_range(self.vrf1_nat_addr, - self.vrf1_nat_addr, - vrf_id=self.vrf1_id) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.vrf1_nat_addr, + end_addr=self.vrf1_nat_addr, + vrf_id=self.vrf1_id, is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg2.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg2.sw_if_index) pkts = self.create_stream_in_ip6(self.pg2, self.pg1) self.pg2.add_stream(pkts) @@ -7636,27 +8022,34 @@ class TestNAT64(MethodHolder): ses_num_start = self.nat64_get_ses_num() - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) - - self.vapi.nat64_add_del_static_bib(self.pg0.remote_ip6n, - self.nat_addr, - self.tcp_port_in, - self.tcp_port_out, - IP_PROTOS.tcp) - self.vapi.nat64_add_del_static_bib(self.pg0.remote_ip6n, - self.nat_addr, - self.udp_port_in, - self.udp_port_out, - IP_PROTOS.udp) - self.vapi.nat64_add_del_static_bib(self.pg0.remote_ip6n, - self.nat_addr, - self.icmp_id_in, - self.icmp_id_out, - IP_PROTOS.icmp) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) + + self.vapi.nat64_add_del_static_bib(i_addr=self.pg0.remote_ip6n, + o_addr=self.nat_addr, + i_port=self.tcp_port_in, + o_port=self.tcp_port_out, + proto=IP_PROTOS.tcp, vrf_id=0, + is_add=1) + self.vapi.nat64_add_del_static_bib(i_addr=self.pg0.remote_ip6n, + o_addr=self.nat_addr, + i_port=self.udp_port_in, + o_port=self.udp_port_out, + proto=IP_PROTOS.udp, vrf_id=0, + is_add=1) + self.vapi.nat64_add_del_static_bib(i_addr=self.pg0.remote_ip6n, + o_addr=self.nat_addr, + i_port=self.icmp_id_in, + o_port=self.icmp_id_out, + proto=IP_PROTOS.icmp, vrf_id=0, + is_add=1) # in2out pkts = self.create_stream_in_ip6(self.pg0, self.pg1) @@ -7684,12 +8077,18 @@ class TestNAT64(MethodHolder): def test_session_timeout(self): """ NAT64 session timeout """ self.icmp_id_in = 1234 - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) - self.vapi.nat_set_timeouts(icmp=5, tcp_transitory=5, tcp_established=5) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) + self.vapi.nat_set_timeouts(udp=300, tcp_established=5, + tcp_transitory=5, + icmp=5) pkts = self.create_stream_in_ip6(self.pg0, self.pg1) self.pg0.add_stream(pkts) @@ -7711,11 +8110,15 @@ class TestNAT64(MethodHolder): self.udp_port_in = 6304 self.icmp_id_in = 6305 - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) # send some packets to create sessions pkts = self.create_stream_in_ip6(self.pg0, self.pg1) @@ -7811,22 +8214,28 @@ class TestNAT64(MethodHolder): ip = IPv6(src=''.join(['64:ff9b::', self.nat_addr])) nat_addr_ip6 = ip.src - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) - - self.vapi.nat64_add_del_static_bib(server.ip6n, - self.nat_addr, - server_tcp_in_port, - server_tcp_out_port, - IP_PROTOS.tcp) - self.vapi.nat64_add_del_static_bib(server.ip6n, - self.nat_addr, - server_udp_in_port, - server_udp_out_port, - IP_PROTOS.udp) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) + + self.vapi.nat64_add_del_static_bib(i_addr=server.ip6n, + o_addr=self.nat_addr, + i_port=server_tcp_in_port, + o_port=server_tcp_out_port, + proto=IP_PROTOS.tcp, vrf_id=0, + is_add=1) + self.vapi.nat64_add_del_static_bib(i_addr=server.ip6n, + o_addr=self.nat_addr, + i_port=server_udp_in_port, + o_port=server_udp_out_port, + proto=IP_PROTOS.udp, vrf_id=0, + is_add=1) # client to server pkts = [] @@ -7923,21 +8332,27 @@ class TestNAT64(MethodHolder): def test_prefix(self): """ NAT64 Network-Specific Prefix """ - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) - self.vapi.nat64_add_del_pool_addr_range(self.vrf1_nat_addr, - self.vrf1_nat_addr, - vrf_id=self.vrf1_id) - self.vapi.nat64_add_del_interface(1, flags, self.pg2.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.vrf1_nat_addr, + end_addr=self.vrf1_nat_addr, + vrf_id=self.vrf1_id, is_add=1) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg2.sw_if_index) # Add global prefix global_pref64 = "2001:db8::" global_pref64_len = 32 global_pref64_str = "{}/{}".format(global_pref64, global_pref64_len) - self.vapi.nat64_add_del_prefix(global_pref64_str) + self.vapi.nat64_add_del_prefix(prefix=global_pref64_str, vrf_id=0, + is_add=1) prefix = self.vapi.nat64_prefix_dump() self.assertEqual(len(prefix), 1) @@ -7949,7 +8364,8 @@ class TestNAT64(MethodHolder): vrf1_pref64 = "2001:db8:122:300::" vrf1_pref64_len = 56 vrf1_pref64_str = "{}/{}".format(vrf1_pref64, vrf1_pref64_len) - self.vapi.nat64_add_del_prefix(vrf1_pref64_str, vrf_id=self.vrf1_id) + self.vapi.nat64_add_del_prefix(prefix=vrf1_pref64_str, + vrf_id=self.vrf1_id, is_add=1) prefix = self.vapi.nat64_prefix_dump() self.assertEqual(len(prefix), 2) @@ -8001,11 +8417,15 @@ class TestNAT64(MethodHolder): def test_unknown_proto(self): """ NAT64 translate packet with unknown protocol """ - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) remote_ip6 = self.compose_ip6(self.pg1.remote_ip4, '64:ff9b::', 96) # in2out @@ -8069,29 +8489,35 @@ class TestNAT64(MethodHolder): server_nat_ip6 = self.compose_ip6(server_nat_ip, '64:ff9b::', 96) client_nat_ip6 = self.compose_ip6(client_nat_ip, '64:ff9b::', 96) - self.vapi.nat64_add_del_pool_addr_range(server_nat_ip, - client_nat_ip) + self.vapi.nat64_add_del_pool_addr_range(start_addr=server_nat_ip, + end_addr=client_nat_ip, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) - - self.vapi.nat64_add_del_static_bib(server.ip6n, - server_nat_ip, - server_tcp_in_port, - server_tcp_out_port, - IP_PROTOS.tcp) - - self.vapi.nat64_add_del_static_bib(server.ip6n, - server_nat_ip, - 0, - 0, - IP_PROTOS.gre) - - self.vapi.nat64_add_del_static_bib(client.ip6n, - client_nat_ip, - client_tcp_in_port, - client_tcp_out_port, - IP_PROTOS.tcp) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) + + self.vapi.nat64_add_del_static_bib(i_addr=server.ip6n, + o_addr=server_nat_ip, + i_port=server_tcp_in_port, + o_port=server_tcp_out_port, + proto=IP_PROTOS.tcp, vrf_id=0, + is_add=1) + + self.vapi.nat64_add_del_static_bib(i_addr=server.ip6n, + o_addr=server_nat_ip, i_port=0, + o_port=0, + proto=IP_PROTOS.gre, vrf_id=0, + is_add=1) + + self.vapi.nat64_add_del_static_bib(i_addr=client.ip6n, + o_addr=client_nat_ip, + i_port=client_tcp_in_port, + o_port=client_tcp_out_port, + proto=IP_PROTOS.tcp, vrf_id=0, + is_add=1) # client to server p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / @@ -8146,11 +8572,15 @@ class TestNAT64(MethodHolder): '64:ff9b::', 96) - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg3.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg3.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg3.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg3.sw_if_index) # in2out p = (Ether(src=self.pg3.remote_mac, dst=self.pg3.local_mac) / @@ -8199,11 +8629,15 @@ class TestNAT64(MethodHolder): """ NAT64 translate fragments arriving in order """ self.tcp_port_in = random.randint(1025, 65535) - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) reass = self.vapi.nat_reass_dump() reass_n_start = len(reass) @@ -8256,18 +8690,23 @@ class TestNAT64(MethodHolder): ip = IPv6(src=''.join(['64:ff9b::', self.nat_addr])) nat_addr_ip6 = ip.src - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) # add static BIB entry for server - self.vapi.nat64_add_del_static_bib(server.ip6n, - self.nat_addr, - server_in_port, - server_out_port, - IP_PROTOS.tcp) + self.vapi.nat64_add_del_static_bib(i_addr=server.ip6n, + o_addr=self.nat_addr, + i_port=server_in_port, + o_port=server_out_port, + proto=IP_PROTOS.tcp, vrf_id=0, + is_add=1) # send packet from host to server pkts = self.create_stream_frag_ip6(self.pg0, @@ -8288,11 +8727,15 @@ class TestNAT64(MethodHolder): """ NAT64 translate fragments arriving out of order """ self.tcp_port_in = random.randint(1025, 65535) - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) # in2out data = b'a' * 200 @@ -8331,7 +8774,9 @@ class TestNAT64(MethodHolder): def test_interface_addr(self): """ Acquire NAT64 pool addresses from interface """ - self.vapi.nat64_add_del_interface_addr(self.pg4.sw_if_index) + self.vapi.nat64_add_del_interface_addr( + is_add=1, + sw_if_index=self.pg4.sw_if_index) # no address in NAT64 pool addresses = self.vapi.nat44_address_dump() @@ -8359,11 +8804,15 @@ class TestNAT64(MethodHolder): '64:ff9b::', 96) - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) pkts = [] src = "" @@ -8387,7 +8836,8 @@ class TestNAT64(MethodHolder): path_mtu=512, template_interval=10) self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, - src_port=self.ipfix_src_port) + src_port=self.ipfix_src_port, + enable=1) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IPv6(src=src, dst=remote_host_ip6) / @@ -8442,18 +8892,24 @@ class TestNAT64(MethodHolder): def test_ipfix_max_frags(self): """ IPFIX logging maximum fragments pending reassembly exceeded """ - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) - self.vapi.nat_set_reass(max_frag=1, is_ip6=1) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) + self.vapi.nat_set_reass(timeout=2, max_reass=1024, max_frag=1, + drop_frag=0, is_ip6=1) self.vapi.set_ipfix_exporter(collector_address=self.pg3.remote_ip4n, src_address=self.pg3.local_ip4n, path_mtu=512, template_interval=10) self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, - src_port=self.ipfix_src_port) + src_port=self.ipfix_src_port, + enable=1) data = b'a' * 200 pkts = self.create_stream_frag_ip6(self.pg0, self.pg1.remote_ip4, @@ -8492,17 +8948,22 @@ class TestNAT64(MethodHolder): '64:ff9b::', 96) - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) self.vapi.set_ipfix_exporter(collector_address=self.pg3.remote_ip4n, src_address=self.pg3.local_ip4n, path_mtu=512, template_interval=10) self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, - src_port=self.ipfix_src_port) + src_port=self.ipfix_src_port, + enable=1) # Create p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / @@ -8544,8 +9005,9 @@ class TestNAT64(MethodHolder): # Delete self.pg_enable_capture(self.pg_interfaces) - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr, + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, is_add=0) self.vapi.cli("ipfix flush") # FIXME this should be an API call capture = self.pg3.get_capture(2) @@ -8578,12 +9040,17 @@ class TestNAT64(MethodHolder): '64:ff9b::', 96) - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, + is_add=1) flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat64_add_del_interface(1, flags, self.pg0.sw_if_index) - self.vapi.nat64_add_del_interface(1, 0, self.pg1.sw_if_index) - self.vapi.syslog_set_filter(SYSLOG_SEVERITY.INFO) + self.vapi.nat64_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=1, flags=0, + sw_if_index=self.pg1.sw_if_index) + self.vapi.syslog_set_filter( + self.SYSLOG_SEVERITY.SYSLOG_API_SEVERITY_INFO) self.vapi.syslog_set_sender(self.pg3.local_ip4n, self.pg3.remote_ip4n) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / @@ -8599,8 +9066,9 @@ class TestNAT64(MethodHolder): self.pg_enable_capture(self.pg_interfaces) self.pg_start() - self.vapi.nat64_add_del_pool_addr_range(self.nat_addr, - self.nat_addr, + self.vapi.nat64_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + vrf_id=0xFFFFFFFF, is_add=0) capture = self.pg3.get_capture(1) self.verify_syslog_sess(capture[0][Raw].load, False, True) @@ -8609,52 +9077,52 @@ class TestNAT64(MethodHolder): """ Return number of active NAT64 sessions. """ - st = self.vapi.nat64_st_dump() + st = self.vapi.nat64_st_dump(proto=255) return len(st) def clear_nat64(self): """ Clear NAT64 configuration. """ - self.vapi.nat_ipfix_enable_disable(enable=0, + self.vapi.nat_ipfix_enable_disable(domain_id=self.ipfix_domain_id, src_port=self.ipfix_src_port, - domain_id=self.ipfix_domain_id) + enable=0) self.ipfix_src_port = 4739 self.ipfix_domain_id = 1 - self.vapi.syslog_set_filter(SYSLOG_SEVERITY.EMERG) + self.vapi.syslog_set_filter( + self.SYSLOG_SEVERITY.SYSLOG_API_SEVERITY_EMERG) - self.vapi.nat_set_timeouts() + self.vapi.nat_set_timeouts(udp=300, tcp_established=7440, + tcp_transitory=240, icmp=60) interfaces = self.vapi.nat64_interface_dump() for intf in interfaces: - self.vapi.nat64_add_del_interface(0, - intf.flags, - intf.sw_if_index) + self.vapi.nat64_add_del_interface(is_add=0, flags=intf.flags, + sw_if_index=intf.sw_if_index) - bib = self.vapi.nat64_bib_dump(255) + bib = self.vapi.nat64_bib_dump(proto=255) for bibe in bib: if bibe.flags & self.config_flags.NAT_IS_STATIC: - self.vapi.nat64_add_del_static_bib(bibe.i_addr, - bibe.o_addr, - bibe.i_port, - bibe.o_port, - bibe.proto, - bibe.vrf_id, + self.vapi.nat64_add_del_static_bib(i_addr=bibe.i_addr, + o_addr=bibe.o_addr, + i_port=bibe.i_port, + o_port=bibe.o_port, + proto=bibe.proto, + vrf_id=bibe.vrf_id, is_add=0) adresses = self.vapi.nat64_pool_addr_dump() for addr in adresses: - self.vapi.nat64_add_del_pool_addr_range(addr.address, - addr.address, + self.vapi.nat64_add_del_pool_addr_range(start_addr=addr.address, + end_addr=addr.address, vrf_id=addr.vrf_id, is_add=0) prefixes = self.vapi.nat64_prefix_dump() for prefix in prefixes: - self.vapi.nat64_add_del_prefix(str(prefix.prefix), - vrf_id=prefix.vrf_id, - is_add=0) + self.vapi.nat64_add_del_prefix(prefix=str(prefix.prefix), + vrf_id=prefix.vrf_id, is_add=0) bibs = self.statistics.get_counter('/nat64/total-bibs') self.assertEqual(bibs[0][0], 0) @@ -8733,11 +9201,12 @@ class TestDSlite(MethodHolder): nat_config = self.vapi.nat_show_config() self.assertEqual(0, nat_config.dslite_ce) - self.vapi.dslite_add_del_pool_addr_range(self.nat_addr, - self.nat_addr) + self.vapi.dslite_add_del_pool_addr_range(start_addr=self.nat_addr, + end_addr=self.nat_addr, + is_add=1) aftr_ip4 = '192.0.0.1' aftr_ip6 = '2001:db8:85a3::8a2e:370:1' - self.vapi.dslite_set_aftr_addr(aftr_ip6, aftr_ip4) + self.vapi.dslite_set_aftr_addr(ip4_addr=aftr_ip4, ip6_addr=aftr_ip6) self.vapi.syslog_set_sender(self.pg2.local_ip4n, self.pg2.remote_ip4n) # UDP @@ -8910,12 +9379,12 @@ class TestDSliteCE(MethodHolder): b4_ip4 = '192.0.0.2' b4_ip6 = '2001:db8:62aa::375e:f4c1:1' - self.vapi.dslite_set_b4_addr(b4_ip6, b4_ip4) + self.vapi.dslite_set_b4_addr(ip4_addr=b4_ip4, ip6_addr=b4_ip6) aftr_ip4 = '192.0.0.1' aftr_ip6 = '2001:db8:85a3::8a2e:370:1' aftr_ip6_n = socket.inet_pton(socket.AF_INET6, aftr_ip6) - self.vapi.dslite_set_aftr_addr(aftr_ip6, aftr_ip4) + self.vapi.dslite_set_aftr_addr(ip4_addr=aftr_ip4, ip6_addr=aftr_ip6) self.vapi.ip_add_del_route(dst_address=aftr_ip6_n, dst_address_length=128, @@ -9009,10 +9478,14 @@ class TestNAT66(MethodHolder): def test_static(self): """ 1:1 NAT66 test """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat66_add_del_interface(self.pg0.sw_if_index, flags=flags) - self.vapi.nat66_add_del_interface(self.pg1.sw_if_index) - self.vapi.nat66_add_del_static_mapping(self.pg0.remote_ip6n, - self.nat_addr) + self.vapi.nat66_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat66_add_del_interface(is_add=1, + sw_if_index=self.pg1.sw_if_index) + self.vapi.nat66_add_del_static_mapping( + local_ip_address=self.pg0.remote_ip6n, + external_ip_address=self.nat_addr, + is_add=1) # in2out pkts = [] @@ -9083,10 +9556,14 @@ class TestNAT66(MethodHolder): def test_check_no_translate(self): """ NAT66 translate only when egress interface is outside interface """ flags = self.config_flags.NAT_IS_INSIDE - self.vapi.nat66_add_del_interface(self.pg0.sw_if_index, flags=flags) - self.vapi.nat66_add_del_interface(self.pg1.sw_if_index, flags=flags) - self.vapi.nat66_add_del_static_mapping(self.pg0.remote_ip6n, - self.nat_addr) + self.vapi.nat66_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg0.sw_if_index) + self.vapi.nat66_add_del_interface(is_add=1, flags=flags, + sw_if_index=self.pg1.sw_if_index) + self.vapi.nat66_add_del_static_mapping( + local_ip_address=self.pg0.remote_ip6n, + external_ip_address=self.nat_addr, + is_add=1) # in2out p = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / @@ -9110,16 +9587,15 @@ class TestNAT66(MethodHolder): """ interfaces = self.vapi.nat66_interface_dump() for intf in interfaces: - self.vapi.nat66_add_del_interface(intf.sw_if_index, - is_add=0, - flags=intf.flags) + self.vapi.nat66_add_del_interface(is_add=0, flags=intf.flags, + sw_if_index=intf.sw_if_index) static_mappings = self.vapi.nat66_static_mapping_dump() for sm in static_mappings: - self.vapi.nat66_add_del_static_mapping(sm.local_ip_address, - sm.external_ip_address, - sm.vrf_id, - is_add=0) + self.vapi.nat66_add_del_static_mapping( + local_ip_address=sm.local_ip_address, + external_ip_address=sm.external_ip_address, vrf_id=sm.vrf_id, + is_add=0) def tearDown(self): super(TestNAT66, self).tearDown() @@ -9129,5 +9605,6 @@ class TestNAT66(MethodHolder): self.logger.info(self.vapi.cli("show nat66 interfaces")) self.logger.info(self.vapi.cli("show nat66 static mappings")) + if __name__ == '__main__': unittest.main(testRunner=VppTestRunner)