#include <vnet/ip/ip4.h>
#include <vnet/plugin/plugin.h>
#include <nat/nat.h>
+#include <nat/nat_dpo.h>
#include <nat/nat_ipfix_logging.h>
#include <nat/nat_det.h>
#include <nat/nat64.h>
/* Add external address to FIB */
pool_foreach (i, sm->interfaces,
({
- if (nat_interface_is_inside(i))
+ if (nat_interface_is_inside(i) || sm->out2in_dpo)
continue;
snat_add_del_addr_to_fib(addr, 32, i->sw_if_index, 1);
}));
pool_foreach (i, sm->output_feature_interfaces,
({
- if (nat_interface_is_inside(i))
+ if (nat_interface_is_inside(i) || sm->out2in_dpo)
continue;
snat_add_del_addr_to_fib(addr, 32, i->sw_if_index, 1);
/* Add/delete external address to FIB */
pool_foreach (interface, sm->interfaces,
({
- if (nat_interface_is_inside(interface))
+ if (nat_interface_is_inside(interface) || sm->out2in_dpo)
continue;
snat_add_del_addr_to_fib(&e_addr, 32, interface->sw_if_index, is_add);
}));
pool_foreach (interface, sm->output_feature_interfaces,
({
- if (nat_interface_is_inside(interface))
+ if (nat_interface_is_inside(interface) || sm->out2in_dpo)
continue;
snat_add_del_addr_to_fib(&e_addr, 32, interface->sw_if_index, is_add);
/* Delete external address from FIB */
pool_foreach (interface, sm->interfaces,
({
- if (nat_interface_is_inside(interface))
+ if (nat_interface_is_inside(interface) || sm->out2in_dpo)
continue;
snat_add_del_addr_to_fib(&addr, 32, interface->sw_if_index, 0);
}));
pool_foreach (interface, sm->output_feature_interfaces,
({
- if (nat_interface_is_inside(interface))
+ if (nat_interface_is_inside(interface) || sm->out2in_dpo)
continue;
snat_add_del_addr_to_fib(&addr, 32, interface->sw_if_index, 0);
snat_static_mapping_t * m;
snat_det_map_t * dm;
+ if (sm->out2in_dpo && !is_inside)
+ return VNET_API_ERROR_UNSUPPORTED;
+
if (sm->static_mapping_only && !(sm->static_mapping_connection_tracking))
feature_name = is_inside ? "nat44-in2out-fast" : "nat44-out2in-fast";
else
/* Add/delete external addresses to FIB */
fib:
- if (is_inside)
+ if (is_inside && !sm->out2in_dpo)
{
vnet_feature_enable_disable ("ip4-local", "nat44-hairpinning",
sw_if_index, !is_del, 0, 0);
vec_add1 (im->add_del_interface_address_callbacks, cb4);
+ nat_dpo_module_init ();
+
/* Init IPFIX logging */
snat_ipfix_logging_init(vm);
return 1;
}
+void
+nat44_add_del_address_dpo (ip4_address_t addr, u8 is_add)
+{
+ dpo_id_t dpo_v4 = DPO_INVALID;
+ fib_prefix_t pfx = {
+ .fp_proto = FIB_PROTOCOL_IP4,
+ .fp_len = 32,
+ .fp_addr.ip4.as_u32 = addr.as_u32,
+ };
+
+ if (is_add)
+ {
+ nat_dpo_create (DPO_PROTO_IP4, 0, &dpo_v4);
+ fib_table_entry_special_dpo_add (0, &pfx, FIB_SOURCE_PLUGIN_HI,
+ FIB_ENTRY_FLAG_EXCLUSIVE, &dpo_v4);
+ dpo_reset (&dpo_v4);
+ }
+ else
+ {
+ fib_table_entry_special_remove (0, &pfx, FIB_SOURCE_PLUGIN_HI);
+ }
+}
+
static clib_error_t *
add_address_command_fn (vlib_main_t * vm,
unformat_input_t * input,
break;
}
+ if (sm->out2in_dpo)
+ nat44_add_del_address_dpo (this_addr, is_add);
+
increment_v4_address (&this_addr);
}
snat_main_per_thread_data_t *tsm;
sm->deterministic = 0;
+ sm->out2in_dpo = 0;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
else if (unformat (input, "nat64 st hash memory %d",
&nat64_st_memory_size))
;
+ else if (unformat (input, "out2in dpo"))
+ sm->out2in_dpo = 1;
else
return clib_error_return (0, "unknown input '%U'",
format_unformat_error, input);
Code Review / vpp.git / blobdiff