2 * Copyright (c) 2017 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
20 #include <nat/nat64.h>
22 #include <nat/nat_inlines.h>
23 #include <vnet/fib/fib_table.h>
26 nat64_add_del_pool_addr_command_fn (vlib_main_t * vm,
27 unformat_input_t * input,
28 vlib_cli_command_t * cmd)
30 unformat_input_t _line_input, *line_input = &_line_input;
31 ip4_address_t start_addr, end_addr, this_addr;
32 u32 start_host_order, end_host_order;
36 clib_error_t *error = 0;
38 /* Get a line of input. */
39 if (!unformat_user (input, unformat_line_input, line_input))
42 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
44 if (unformat (line_input, "%U - %U",
45 unformat_ip4_address, &start_addr,
46 unformat_ip4_address, &end_addr))
48 else if (unformat (line_input, "tenant-vrf %u", &vrf_id))
50 else if (unformat (line_input, "%U", unformat_ip4_address, &start_addr))
51 end_addr = start_addr;
52 else if (unformat (line_input, "del"))
56 error = clib_error_return (0, "unknown input '%U'",
57 format_unformat_error, line_input);
62 start_host_order = clib_host_to_net_u32 (start_addr.as_u32);
63 end_host_order = clib_host_to_net_u32 (end_addr.as_u32);
65 if (end_host_order < start_host_order)
67 error = clib_error_return (0, "end address less than start address");
71 count = (end_host_order - start_host_order) + 1;
72 this_addr = start_addr;
74 for (i = 0; i < count; i++)
76 rv = nat64_add_del_pool_addr (&this_addr, vrf_id, is_add);
80 case VNET_API_ERROR_NO_SUCH_ENTRY:
82 clib_error_return (0, "NAT64 pool address %U not exist.",
83 format_ip4_address, &this_addr);
85 case VNET_API_ERROR_VALUE_EXIST:
87 clib_error_return (0, "NAT64 pool address %U exist.",
88 format_ip4_address, &this_addr);
94 increment_v4_address (&this_addr);
98 unformat_free (line_input);
104 nat64_cli_pool_walk (snat_address_t * ap, void *ctx)
106 vlib_main_t *vm = ctx;
108 if (ap->fib_index != ~0)
111 fib = fib_table_get (ap->fib_index, FIB_PROTOCOL_IP6);
114 vlib_cli_output (vm, " %U tenant VRF: %u", format_ip4_address,
115 &ap->addr, fib->ft_table_id);
118 vlib_cli_output (vm, " %U", format_ip4_address, &ap->addr);
120 #define _(N, i, n, s) \
121 vlib_cli_output (vm, " %d busy %s ports", ap->busy_##n##_ports, s);
122 foreach_snat_protocol
127 static clib_error_t *
128 nat64_show_pool_command_fn (vlib_main_t * vm,
129 unformat_input_t * input,
130 vlib_cli_command_t * cmd)
132 vlib_cli_output (vm, "NAT64 pool:");
133 nat64_pool_addr_walk (nat64_cli_pool_walk, vm);
138 static clib_error_t *
139 nat64_interface_feature_command_fn (vlib_main_t * vm,
141 input, vlib_cli_command_t * cmd)
143 unformat_input_t _line_input, *line_input = &_line_input;
144 vnet_main_t *vnm = vnet_get_main ();
145 clib_error_t *error = 0;
147 u32 *inside_sw_if_indices = 0;
148 u32 *outside_sw_if_indices = 0;
152 /* Get a line of input. */
153 if (!unformat_user (input, unformat_line_input, line_input))
156 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
158 if (unformat (line_input, "in %U", unformat_vnet_sw_interface,
160 vec_add1 (inside_sw_if_indices, sw_if_index);
161 else if (unformat (line_input, "out %U", unformat_vnet_sw_interface,
163 vec_add1 (outside_sw_if_indices, sw_if_index);
164 else if (unformat (line_input, "del"))
168 error = clib_error_return (0, "unknown input '%U'",
169 format_unformat_error, line_input);
174 if (vec_len (inside_sw_if_indices))
176 for (i = 0; i < vec_len (inside_sw_if_indices); i++)
178 sw_if_index = inside_sw_if_indices[i];
179 rv = nat64_add_del_interface (sw_if_index, 1, is_add);
182 case VNET_API_ERROR_NO_SUCH_ENTRY:
184 clib_error_return (0, "%U NAT64 feature not enabled.",
185 format_vnet_sw_if_index_name, vnm,
188 case VNET_API_ERROR_VALUE_EXIST:
190 clib_error_return (0, "%U NAT64 feature already enabled.",
191 format_vnet_sw_if_index_name, vnm,
194 case VNET_API_ERROR_INVALID_VALUE:
195 case VNET_API_ERROR_INVALID_VALUE_2:
197 clib_error_return (0,
198 "%U NAT64 feature enable/disable failed.",
199 format_vnet_sw_if_index_name, vnm,
209 if (vec_len (outside_sw_if_indices))
211 for (i = 0; i < vec_len (outside_sw_if_indices); i++)
213 sw_if_index = outside_sw_if_indices[i];
214 rv = nat64_add_del_interface (sw_if_index, 0, is_add);
217 case VNET_API_ERROR_NO_SUCH_ENTRY:
219 clib_error_return (0, "%U NAT64 feature not enabled.",
220 format_vnet_sw_if_index_name, vnm,
223 case VNET_API_ERROR_VALUE_EXIST:
225 clib_error_return (0, "%U NAT64 feature already enabled.",
226 format_vnet_sw_if_index_name, vnm,
229 case VNET_API_ERROR_INVALID_VALUE:
230 case VNET_API_ERROR_INVALID_VALUE_2:
232 clib_error_return (0,
233 "%U NAT64 feature enable/disable failed.",
234 format_vnet_sw_if_index_name, vnm,
245 unformat_free (line_input);
246 vec_free (inside_sw_if_indices);
247 vec_free (outside_sw_if_indices);
253 nat64_cli_interface_walk (snat_interface_t * i, void *ctx)
255 vlib_main_t *vm = ctx;
256 vnet_main_t *vnm = vnet_get_main ();
258 vlib_cli_output (vm, " %U %s", format_vnet_sw_if_index_name, vnm,
260 (nat_interface_is_inside (i)
261 && nat_interface_is_outside (i)) ? "in out" :
262 nat_interface_is_inside (i) ? "in" : "out");
266 static clib_error_t *
267 nat64_show_interfaces_command_fn (vlib_main_t * vm,
269 input, vlib_cli_command_t * cmd)
271 vlib_cli_output (vm, "NAT64 interfaces:");
272 nat64_interfaces_walk (nat64_cli_interface_walk, vm);
277 static clib_error_t *
278 nat64_add_del_static_bib_command_fn (vlib_main_t *
281 * input, vlib_cli_command_t * cmd)
283 unformat_input_t _line_input, *line_input = &_line_input;
284 clib_error_t *error = 0;
286 ip6_address_t in_addr;
287 ip4_address_t out_addr;
290 u32 vrf_id = 0, protocol;
291 snat_protocol_t proto = 0;
295 if (!unformat_user (input, unformat_line_input, line_input))
298 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
300 if (unformat (line_input, "%U %u", unformat_ip6_address,
303 else if (unformat (line_input, "%U %u", unformat_ip4_address,
304 &out_addr, &out_port))
306 else if (unformat (line_input, "vrf %u", &vrf_id))
308 else if (unformat (line_input, "%U", unformat_snat_protocol, &proto))
312 (line_input, "%U %U %u", unformat_ip6_address, &in_addr,
313 unformat_ip4_address, &out_addr, &protocol))
315 else if (unformat (line_input, "del"))
319 error = clib_error_return (0, "unknown input: '%U'",
320 format_unformat_error, line_input);
330 clib_error_return (0, "inside port and address must be set");
337 clib_error_return (0, "outside port and address must be set");
341 p = snat_proto_to_ip_proto (proto);
345 nat64_add_del_static_bib_entry (&in_addr, &out_addr, (u16) in_port,
346 (u16) out_port, p, vrf_id, is_add);
350 case VNET_API_ERROR_NO_SUCH_ENTRY:
351 error = clib_error_return (0, "NAT64 BIB entry not exist.");
353 case VNET_API_ERROR_VALUE_EXIST:
354 error = clib_error_return (0, "NAT64 BIB entry exist.");
356 case VNET_API_ERROR_UNSPECIFIED:
357 error = clib_error_return (0, "Crerate NAT64 BIB entry failed.");
359 case VNET_API_ERROR_INVALID_VALUE:
361 clib_error_return (0, "Outside addres %U and port %u already in use.",
362 format_ip4_address, &out_addr, out_port);
364 case VNET_API_ERROR_INVALID_VALUE_2:
365 error = clib_error_return (0, "Invalid outside port.");
371 unformat_free (line_input);
377 nat64_cli_bib_walk (nat64_db_bib_entry_t * bibe, void *ctx)
379 vlib_main_t *vm = ctx;
382 fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
388 case IP_PROTOCOL_ICMP:
389 case IP_PROTOCOL_TCP:
390 case IP_PROTOCOL_UDP:
391 vlib_cli_output (vm, " %U %u %U %u protocol %U vrf %u %s %u sessions",
392 format_ip6_address, &bibe->in_addr,
393 clib_net_to_host_u16 (bibe->in_port),
394 format_ip4_address, &bibe->out_addr,
395 clib_net_to_host_u16 (bibe->out_port),
396 format_snat_protocol,
397 ip_proto_to_snat_proto (bibe->proto), fib->ft_table_id,
398 bibe->is_static ? "static" : "dynamic", bibe->ses_num);
401 vlib_cli_output (vm, " %U %U protocol %u vrf %u %s %u sessions",
402 format_ip6_address, &bibe->in_addr,
403 format_ip4_address, &bibe->out_addr,
404 bibe->proto, fib->ft_table_id,
405 bibe->is_static ? "static" : "dynamic", bibe->ses_num);
410 static clib_error_t *
411 nat64_show_bib_command_fn (vlib_main_t * vm,
412 unformat_input_t * input, vlib_cli_command_t * cmd)
414 nat64_main_t *nm = &nat64_main;
415 unformat_input_t _line_input, *line_input = &_line_input;
416 clib_error_t *error = 0;
421 if (!unformat_user (input, unformat_line_input, line_input))
424 if (unformat (line_input, "%U", unformat_snat_protocol, &proto))
425 p = snat_proto_to_ip_proto (proto);
426 else if (unformat (line_input, "unknown"))
428 else if (unformat (line_input, "all"))
432 error = clib_error_return (0, "unknown input: '%U'",
433 format_unformat_error, line_input);
438 vlib_cli_output (vm, "NAT64 BIB entries:");
440 vlib_cli_output (vm, "NAT64 %U BIB entries:", format_snat_protocol,
444 vec_foreach (db, nm->db)
445 nat64_db_bib_walk (db, p, nat64_cli_bib_walk, vm);
449 unformat_free (line_input);
454 static clib_error_t *
455 nat64_set_timeouts_command_fn (vlib_main_t * vm, unformat_input_t * input,
456 vlib_cli_command_t * cmd)
458 unformat_input_t _line_input, *line_input = &_line_input;
459 clib_error_t *error = 0;
460 u32 timeout, tcp_trans, tcp_est, tcp_incoming_syn;
462 tcp_trans = nat64_get_tcp_trans_timeout ();
463 tcp_est = nat64_get_tcp_est_timeout ();
464 tcp_incoming_syn = nat64_get_tcp_incoming_syn_timeout ();
466 if (!unformat_user (input, unformat_line_input, line_input))
469 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
471 if (unformat (line_input, "udp %u", &timeout))
473 if (nat64_set_udp_timeout (timeout))
475 error = clib_error_return (0, "Invalid UDP timeout value");
479 else if (unformat (line_input, "icmp %u", &timeout))
481 if (nat64_set_icmp_timeout (timeout))
483 error = clib_error_return (0, "Invalid ICMP timeout value");
487 else if (unformat (line_input, "tcp-trans %u", &tcp_trans))
489 if (nat64_set_tcp_timeouts (tcp_trans, tcp_est, tcp_incoming_syn))
492 clib_error_return (0,
493 "Invalid TCP transitory timeouts value");
497 else if (unformat (line_input, "tcp-est %u", &tcp_est))
499 if (nat64_set_tcp_timeouts (tcp_trans, tcp_est, tcp_incoming_syn))
502 clib_error_return (0,
503 "Invalid TCP established timeouts value");
508 if (unformat (line_input, "tcp-incoming-syn %u", &tcp_incoming_syn))
510 if (nat64_set_tcp_timeouts (tcp_trans, tcp_est, tcp_incoming_syn))
513 clib_error_return (0,
514 "Invalid TCP incoming SYN timeouts value");
518 else if (unformat (line_input, "reset"))
520 nat64_set_udp_timeout (0);
521 nat64_set_icmp_timeout (0);
522 nat64_set_tcp_timeouts (0, 0, 0);
526 error = clib_error_return (0, "unknown input '%U'",
527 format_unformat_error, line_input);
533 unformat_free (line_input);
538 static clib_error_t *
539 nat64_show_timeouts_command_fn (vlib_main_t * vm, unformat_input_t * input,
540 vlib_cli_command_t * cmd)
542 vlib_cli_output (vm, "NAT64 session timeouts:");
543 vlib_cli_output (vm, " UDP %usec", nat64_get_udp_timeout ());
544 vlib_cli_output (vm, " ICMP %usec", nat64_get_icmp_timeout ());
545 vlib_cli_output (vm, " TCP transitory %usec",
546 nat64_get_tcp_trans_timeout ());
547 vlib_cli_output (vm, " TCP established %usec",
548 nat64_get_tcp_est_timeout ());
549 vlib_cli_output (vm, " TCP incoming SYN %usec",
550 nat64_get_tcp_incoming_syn_timeout ());
555 typedef struct nat64_cli_st_walk_ctx_t_
559 } nat64_cli_st_walk_ctx_t;
562 nat64_cli_st_walk (nat64_db_st_entry_t * ste, void *arg)
564 nat64_cli_st_walk_ctx_t *ctx = arg;
565 vlib_main_t *vm = ctx->vm;
566 nat64_db_bib_entry_t *bibe;
569 bibe = nat64_db_bib_entry_by_index (ctx->db, ste->proto, ste->bibe_index);
573 fib = fib_table_get (bibe->fib_index, FIB_PROTOCOL_IP6);
577 u32 vrf_id = fib->ft_table_id;
579 if (ste->proto == IP_PROTOCOL_ICMP)
580 vlib_cli_output (vm, " %U %U %u %U %U %u protocol %U vrf %u",
581 format_ip6_address, &bibe->in_addr,
582 format_ip6_address, &ste->in_r_addr,
583 clib_net_to_host_u16 (bibe->in_port),
584 format_ip4_address, &bibe->out_addr,
585 format_ip4_address, &ste->out_r_addr,
586 clib_net_to_host_u16 (bibe->out_port),
587 format_snat_protocol,
588 ip_proto_to_snat_proto (bibe->proto), vrf_id);
589 else if (ste->proto == IP_PROTOCOL_TCP || ste->proto == IP_PROTOCOL_UDP)
590 vlib_cli_output (vm, " %U %u %U %u %U %u %U %u protcol %U vrf %u",
591 format_ip6_address, &bibe->in_addr,
592 clib_net_to_host_u16 (bibe->in_port),
593 format_ip6_address, &ste->in_r_addr,
594 clib_net_to_host_u16 (ste->r_port),
595 format_ip4_address, &bibe->out_addr,
596 clib_net_to_host_u16 (bibe->out_port),
597 format_ip4_address, &ste->out_r_addr,
598 clib_net_to_host_u16 (ste->r_port),
599 format_snat_protocol,
600 ip_proto_to_snat_proto (bibe->proto), vrf_id);
602 vlib_cli_output (vm, " %U %U %U %U protocol %u vrf %u",
603 format_ip6_address, &bibe->in_addr,
604 format_ip6_address, &ste->in_r_addr,
605 format_ip4_address, &bibe->out_addr,
606 format_ip4_address, &ste->out_r_addr,
607 bibe->proto, vrf_id);
612 static clib_error_t *
613 nat64_show_st_command_fn (vlib_main_t * vm,
614 unformat_input_t * input, vlib_cli_command_t * cmd)
616 nat64_main_t *nm = &nat64_main;
617 unformat_input_t _line_input, *line_input = &_line_input;
618 clib_error_t *error = 0;
622 nat64_cli_st_walk_ctx_t ctx = {
626 if (!unformat_user (input, unformat_line_input, line_input))
629 if (unformat (line_input, "%U", unformat_snat_protocol, &proto))
630 p = snat_proto_to_ip_proto (proto);
631 else if (unformat (line_input, "unknown"))
633 else if (unformat (line_input, "all"))
637 error = clib_error_return (0, "unknown input: '%U'",
638 format_unformat_error, line_input);
643 vlib_cli_output (vm, "NAT64 sessions:");
645 vlib_cli_output (vm, "NAT64 %U sessions:", format_snat_protocol, proto);
647 vec_foreach (db, nm->db)
650 nat64_db_st_walk (db, p, nat64_cli_st_walk, &ctx);
655 unformat_free (line_input);
660 static clib_error_t *
661 nat64_add_del_prefix_command_fn (vlib_main_t * vm, unformat_input_t * input,
662 vlib_cli_command_t * cmd)
664 vnet_main_t *vnm = vnet_get_main ();
665 clib_error_t *error = 0;
666 unformat_input_t _line_input, *line_input = &_line_input;
668 u32 vrf_id = 0, sw_if_index = ~0;
669 ip6_address_t prefix;
673 if (!unformat_user (input, unformat_line_input, line_input))
676 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
679 (line_input, "%U/%u", unformat_ip6_address, &prefix, &plen))
681 else if (unformat (line_input, "tenant-vrf %u", &vrf_id))
683 else if (unformat (line_input, "del"))
687 (line_input, "interface %U", unformat_vnet_sw_interface, vnm,
692 error = clib_error_return (0, "unknown input: '%U'",
693 format_unformat_error, line_input);
700 error = clib_error_return (0, "NAT64 prefix must be set.");
704 rv = nat64_add_del_prefix (&prefix, (u8) plen, vrf_id, is_add);
708 case VNET_API_ERROR_NO_SUCH_ENTRY:
709 error = clib_error_return (0, "NAT64 prefix not exist.");
711 case VNET_API_ERROR_INVALID_VALUE:
712 error = clib_error_return (0, "Invalid prefix length.");
719 * Add RX interface route, whenNAT isn't running on the real input
722 if (sw_if_index != ~0)
725 fib_prefix_t fibpfx = {
727 .fp_proto = FIB_PROTOCOL_IP6,
735 fib_table_find_or_create_and_lock (FIB_PROTOCOL_IP6,
736 vrf_id, FIB_SOURCE_PLUGIN_HI);
737 fib_table_entry_update_one_path (fib_index, &fibpfx,
738 FIB_SOURCE_PLUGIN_HI,
742 NULL, FIB_ROUTE_PATH_INTF_RX);
746 fib_index = fib_table_find (FIB_PROTOCOL_IP6, vrf_id);
747 fib_table_entry_path_remove (fib_index, &fibpfx,
748 FIB_SOURCE_PLUGIN_HI,
751 FIB_ROUTE_PATH_INTF_RX);
752 fib_table_unlock (fib_index, FIB_PROTOCOL_IP6,
753 FIB_SOURCE_PLUGIN_HI);
758 unformat_free (line_input);
764 nat64_cli_prefix_walk (nat64_prefix_t * p, void *ctx)
766 vlib_main_t *vm = ctx;
768 vlib_cli_output (vm, " %U/%u tenant-vrf %u",
769 format_ip6_address, &p->prefix, p->plen, p->vrf_id);
774 static clib_error_t *
775 nat64_show_prefix_command_fn (vlib_main_t * vm,
776 unformat_input_t * input,
777 vlib_cli_command_t * cmd)
779 vlib_cli_output (vm, "NAT64 prefix:");
780 nat64_prefix_walk (nat64_cli_prefix_walk, vm);
785 static clib_error_t *
786 nat64_add_interface_address_command_fn (vlib_main_t * vm,
787 unformat_input_t * input,
788 vlib_cli_command_t * cmd)
790 vnet_main_t *vnm = vnet_get_main ();
791 unformat_input_t _line_input, *line_input = &_line_input;
795 clib_error_t *error = 0;
797 /* Get a line of input. */
798 if (!unformat_user (input, unformat_line_input, line_input))
801 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
804 (line_input, "%U", unformat_vnet_sw_interface, vnm, &sw_if_index));
805 else if (unformat (line_input, "del"))
809 error = clib_error_return (0, "unknown input '%U'",
810 format_unformat_error, line_input);
815 rv = nat64_add_interface_address (sw_if_index, is_add);
819 case VNET_API_ERROR_NO_SUCH_ENTRY:
820 error = clib_error_return (0, "entry not exist");
822 case VNET_API_ERROR_VALUE_EXIST:
823 error = clib_error_return (0, "entry exist");
830 unformat_free (line_input);
839 * @cliexstart{nat64 add pool address}
840 * Add/delete NAT64 pool address.
841 * To add single NAT64 pool address use:
842 * vpp# nat64 add pool address 10.1.1.10
843 * To add NAT64 pool address range use:
844 * vpp# nat64 add pool address 10.1.1.2 - 10.1.1.5
845 * To add NAT64 pool address for specific tenant use:
846 * vpp# nat64 add pool address 10.1.1.100 tenant-vrf 100
849 VLIB_CLI_COMMAND (nat64_add_pool_address_command, static) = {
850 .path = "nat64 add pool address",
851 .short_help = "nat64 add pool address <ip4-range-start> [- <ip4-range-end>] "
852 "[tenant-vrf <vrf-id>] [del]",
853 .function = nat64_add_del_pool_addr_command_fn,
858 * @cliexstart{show nat64 pool}
860 * vpp# show nat64 pool
862 * 10.1.1.3 tenant VRF: 0
863 * 10.1.1.10 tenant VRF: 10
866 VLIB_CLI_COMMAND (show_nat64_pool_command, static) = {
867 .path = "show nat64 pool",
868 .short_help = "show nat64 pool",
869 .function = nat64_show_pool_command_fn,
874 * @cliexstart{set interface nat64}
875 * Enable/disable NAT64 feature on the interface.
876 * To enable NAT64 feature with local (IPv6) network interface
877 * GigabitEthernet0/8/0 and external (IPv4) network interface
878 * GigabitEthernet0/a/0 use:
879 * vpp# set interface nat64 in GigabitEthernet0/8/0 out GigabitEthernet0/a/0
882 VLIB_CLI_COMMAND (set_interface_nat64_command, static) = {
883 .path = "set interface nat64",
884 .short_help = "set interface nat64 in|out <intfc> [del]",
885 .function = nat64_interface_feature_command_fn,
890 * @cliexstart{show nat64 interfaces}
891 * Show interfaces with NAT64 feature.
892 * To show interfaces with NAT64 feature use:
893 * vpp# show nat64 interfaces
895 * GigabitEthernet0/8/0 in
896 * GigabitEthernet0/a/0 out
899 VLIB_CLI_COMMAND (show_nat64_interfaces_command, static) = {
900 .path = "show nat64 interfaces",
901 .short_help = "show nat64 interfaces",
902 .function = nat64_show_interfaces_command_fn,
907 * @cliexstart{nat64 add static bib}
908 * Add/delete NAT64 static BIB entry.
909 * To create NAT64 satatic BIB entry use:
910 * vpp# nat64 add static bib 2001:db8:c000:221:: 1234 10.1.1.3 5678 tcp
911 * vpp# nat64 add static bib 2001:db8:c000:221:: 1234 10.1.1.3 5678 udp vrf 10
914 VLIB_CLI_COMMAND (nat64_add_del_static_bib_command, static) = {
915 .path = "nat64 add static bib",
916 .short_help = "nat64 add static bib <ip6-addr> <port> <ip4-addr> <port> "
917 "tcp|udp|icmp [vfr <table-id>] [del]",
918 .function = nat64_add_del_static_bib_command_fn,
923 * @cliexstart{show nat64 bib}
924 * Show NAT64 BIB entries.
925 * To show NAT64 TCP BIB entries use:
926 * vpp# show nat64 bib tcp
928 * fd01:1::2 6303 10.0.0.3 62303 tcp vrf 0 dynamic 1 sessions
929 * 2001:db8:c000:221:: 1234 10.1.1.3 5678 tcp vrf 0 static 2 sessions
930 * To show NAT64 UDP BIB entries use:
931 * vpp# show nat64 bib udp
933 * fd01:1::2 6304 10.0.0.3 10546 udp vrf 0 dynamic 10 sessions
934 * 2001:db8:c000:221:: 1234 10.1.1.3 5678 udp vrf 10 static 0 sessions
935 * To show NAT64 ICMP BIB entries use:
936 * vpp# show nat64 bib icmp
938 * fd01:1::2 6305 10.0.0.3 63209 icmp vrf 10 dynamic 1 sessions
941 VLIB_CLI_COMMAND (show_nat64_bib_command, static) = {
942 .path = "show nat64 bib",
943 .short_help = "show nat64 bib all|tcp|udp|icmp|unknown",
944 .function = nat64_show_bib_command_fn,
949 * @cliexstart{set nat64 timeouts}
950 * Set NAT64 session timeouts (in seconds).
951 * To set NAT64 session timeoutes use use:
952 * vpp# set nat64 timeouts udp 200 icmp 30 tcp-trans 250 tcp-est 7450
953 * To reset NAT64 session timeoutes to default values use:
954 * vpp# set nat64 timeouts reset
957 VLIB_CLI_COMMAND (set_nat64_timeouts_command, static) = {
958 .path = "set nat64 timeouts",
959 .short_help = "set nat64 timeouts udp <sec> icmp <sec> tcp-trans <sec> "
960 "tcp-est <sec> tcp-incoming-syn <sec> | reset",
961 .function = nat64_set_timeouts_command_fn,
966 * @cliexstart{show nat64 timeoutss}
967 * Show NAT64 session timeouts:
968 * vpp# show nat64 timeouts
969 * NAT64 session timeouts:
972 * TCP transitory 240sec
973 * TCP established 7440sec
974 * TCP incoming SYN 6sec
977 VLIB_CLI_COMMAND (show_nat64_timeouts_command, static) = {
978 .path = "show nat64 timeouts",
979 .short_help = "show nat64 timeouts",
980 .function = nat64_show_timeouts_command_fn,
985 * @cliexstart{show nat64 session table}
986 * Show NAT64 session table.
987 * To show NAT64 TCP session table use:
988 * vpp# show nat64 session table tcp
989 * NAT64 tcp session table:
990 * fd01:1::2 6303 64:ff9b::ac10:202 20 10.0.0.3 62303 172.16.2.2 20 tcp vrf 0
991 * fd01:3::2 6303 64:ff9b::ac10:202 20 10.0.10.3 21300 172.16.2.2 20 tcp vrf 10
992 * To show NAT64 UDP session table use:
993 * #vpp show nat64 session table udp
994 * NAT64 udp session table:
995 * fd01:1::2 6304 64:ff9b::ac10:202 20 10.0.0.3 10546 172.16.2.2 20 udp vrf 0
996 * fd01:3::2 6304 64:ff9b::ac10:202 20 10.0.10.3 58627 172.16.2.2 20 udp vrf 10
997 * fd01:1::2 1235 64:ff9b::a00:3 4023 10.0.0.3 24488 10.0.0.3 4023 udp vrf 0
998 * fd01:1::3 23 64:ff9b::a00:3 24488 10.0.0.3 4023 10.0.0.3 24488 udp vrf 0
999 * To show NAT64 ICMP session table use:
1000 * #vpp show nat64 session table icmp
1001 * NAT64 icmp session table:
1002 * fd01:1::2 64:ff9b::ac10:202 6305 10.0.0.3 172.16.2.2 63209 icmp vrf 0
1005 VLIB_CLI_COMMAND (show_nat64_st_command, static) = {
1006 .path = "show nat64 session table",
1007 .short_help = "show nat64 session table all|tcp|udp|icmp|unknown",
1008 .function = nat64_show_st_command_fn,
1013 * @cliexstart{nat64 add prefix}
1014 * Set NAT64 prefix for generating IPv6 representations of IPv4 addresses.
1015 * To set NAT64 global prefix use:
1016 * vpp# nat64 add prefix 2001:db8::/32
1017 * To set NAT64 prefix for specific tenant use:
1018 * vpp# nat64 add prefix 2001:db8:122:300::/56 tenant-vrf 10
1021 VLIB_CLI_COMMAND (nat64_add_del_prefix_command, static) = {
1022 .path = "nat64 add prefix",
1023 .short_help = "nat64 add prefix <ip6-prefix>/<plen> [tenant-vrf <vrf-id>] "
1024 "[del] [interface <interface]",
1025 .function = nat64_add_del_prefix_command_fn,
1030 * @cliexstart{show nat64 prefix}
1031 * Show NAT64 prefix.
1032 * To show NAT64 prefix use:
1033 * vpp# show nat64 prefix
1035 * 2001:db8::/32 tenant-vrf 0
1036 * 2001:db8:122:300::/56 tenant-vrf 10
1039 VLIB_CLI_COMMAND (show_nat64_prefix_command, static) = {
1040 .path = "show nat64 prefix",
1041 .short_help = "show nat64 prefix",
1042 .function = nat64_show_prefix_command_fn,
1047 * @cliexstart{nat64 add interface address}
1048 * Add/delete NAT64 pool address from specific (DHCP addressed) interface.
1049 * To add NAT64 pool address from specific interface use:
1050 * vpp# nat64 add interface address GigabitEthernet0/8/0
1053 VLIB_CLI_COMMAND (nat64_add_interface_address_command, static) = {
1054 .path = "nat64 add interface address",
1055 .short_help = "nat64 add interface address <interface> [del]",
1056 .function = nat64_add_interface_address_command_fn,
1061 * fd.io coding-style-patch-verification: ON
1064 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob