diff --git a/calico-vpp-agent/cni/cni_pod_test.go b/calico-vpp-agent/cni/cni_pod_test.go index 9a4517b03..dd9984eeb 100644 --- a/calico-vpp-agent/cni/cni_pod_test.go +++ b/calico-vpp-agent/cni/cni_pod_test.go @@ -60,6 +60,8 @@ var _ = Describe("Pod-related functionality of CNI", func() { BeforeEach(func() { log = logrus.New() + nodeIP4String := net.ParseIP("6.6.6.6") + nodeIP6String := net.ParseIP("2001:db8::68") testutils.StartVPP() vpp, _ = testutils.ConfigureVPP(log) // setup connectivity server (functionality target of tests) @@ -71,6 +73,7 @@ var _ = Describe("Pod-related functionality of CNI", func() { cniServer = cni.NewCNIServer(vpp, ipamStub, log.WithFields(logrus.Fields{"component": "cni"})) cniServer.SetFelixConfig(&felixconfig.Config{}) cniServer.FetchBufferConfig() + vpp.CnatSetSnatAddresses(nodeIP4String, nodeIP6String) }) Describe("Addition of the pod", func() { diff --git a/calico-vpp-agent/cni/podinterface/common.go b/calico-vpp-agent/cni/podinterface/common.go index 5e3656d7f..82791a627 100644 --- a/calico-vpp-agent/cni/podinterface/common.go +++ b/calico-vpp-agent/cni/podinterface/common.go @@ -107,7 +107,7 @@ func (i *PodInterfaceDriverData) DoPodIfNatConfiguration(podSpec *model.LocalPod stack.Push(i.vpp.RemovePodInterface, swIfIndex) } - err = i.vpp.CnatEnableFeatures(swIfIndex) + err = i.vpp.CnatEnableFeatures(swIfIndex, true) if err != nil { return errors.Wrapf(err, "error configuring nat on pod interface") } @@ -131,6 +131,10 @@ func (i *PodInterfaceDriverData) DoPodInterfaceConfiguration(podSpec *model.Loca } } + err = i.vpp.EnableCnatSNATOnInterfaceVRF(swIfIndex) + if err != nil { + return errors.Wrapf(err, "error configuring cnat snat on pod VRF") + } if !*ifSpec.IsL3 { /* L2 */ err = i.vpp.SetPromiscOn(swIfIndex) diff --git a/calico-vpp-agent/connectivity/connectivity_server.go b/calico-vpp-agent/connectivity/connectivity_server.go index 8b6e2ec33..98ed1813d 100644 --- a/calico-vpp-agent/connectivity/connectivity_server.go +++ b/calico-vpp-agent/connectivity/connectivity_server.go @@ -137,6 +137,21 @@ func (s *ConnectivityServer) updateAllIPConnectivity() { } } +func (s *ConnectivityServer) configureRemoteNodeSnat(node *common.LocalNodeSpec, isAdd bool) { + if node.IPv4Address != nil { + err := s.vpp.CnatAddDelSnatPrefix(common.ToMaxLenCIDR(node.IPv4Address.IP), isAdd) + if err != nil { + s.log.Errorf("error configuring snat prefix for current node (%v): %v", node.IPv4Address.IP, err) + } + } + if node.IPv6Address != nil { + err := s.vpp.CnatAddDelSnatPrefix(common.ToMaxLenCIDR(node.IPv6Address.IP), isAdd) + if err != nil { + s.log.Errorf("error configuring snat prefix for current node (%v): %v", node.IPv6Address.IP, err) + } + } +} + func (s *ConnectivityServer) ServeConnectivity(t *tomb.Tomb) error { /** * There might be leftover state in VPP in case we restarted @@ -214,6 +229,7 @@ func (s *ConnectivityServer) ServeConnectivity(t *tomb.Tomb) error { delete(s.nodeByAddr, old.IPv6Address.IP.String()) } } + s.configureRemoteNodeSnat(old, false /* isAdd */) } if evt.New != nil { new, ok := evt.New.(*common.LocalNodeSpec) @@ -227,6 +243,7 @@ func (s *ConnectivityServer) ServeConnectivity(t *tomb.Tomb) error { s.nodeByAddr[new.IPv6Address.IP.String()] = *new } } + s.configureRemoteNodeSnat(new, true /* isAdd */) } case common.FelixConfChanged: old, ok := evt.Old.(*felixConfig.Config) diff --git a/calico-vpp-agent/connectivity/ipip.go b/calico-vpp-agent/connectivity/ipip.go index 8fd270471..84a6a5f31 100644 --- a/calico-vpp-agent/connectivity/ipip.go +++ b/calico-vpp-agent/connectivity/ipip.go @@ -127,7 +127,7 @@ func (p *IpipProvider) AddConnectivity(cn *common.NodeConnectivity) error { return errors.Wrapf(err, "Error enabling gso for ipip interface") } - err = p.vpp.CnatEnableFeatures(swIfIndex) + err = p.vpp.CnatEnableFeatures(swIfIndex, true) if err != nil { p.errorCleanup(tunnel) return errors.Wrapf(err, "Error enabling nat for ipip interface") diff --git a/calico-vpp-agent/connectivity/ipsec.go b/calico-vpp-agent/connectivity/ipsec.go index c6e4ffc81..3bd128f08 100644 --- a/calico-vpp-agent/connectivity/ipsec.go +++ b/calico-vpp-agent/connectivity/ipsec.go @@ -197,7 +197,7 @@ func (p *IpsecProvider) createIPSECTunnel(tunnel *IpsecTunnel, psk string, stack return errors.Wrapf(err, "Error enabling gso for ipip interface") } - err = p.vpp.CnatEnableFeatures(swIfIndex) + err = p.vpp.CnatEnableFeatures(swIfIndex, true) if err != nil { return errors.Wrapf(err, "Error enabling nat for ipip interface") } diff --git a/calico-vpp-agent/connectivity/vxlan.go b/calico-vpp-agent/connectivity/vxlan.go index c4a0ce032..ab18bd340 100644 --- a/calico-vpp-agent/connectivity/vxlan.go +++ b/calico-vpp-agent/connectivity/vxlan.go @@ -177,7 +177,7 @@ func (p *VXLanProvider) AddConnectivity(cn *common.NodeConnectivity) error { return errors.Wrapf(err, "Error enabling gso for vxlan interface") } - err = p.vpp.CnatEnableFeatures(swIfIndex) + err = p.vpp.CnatEnableFeatures(swIfIndex, true) if err != nil { // TODO : delete tunnel return errors.Wrapf(err, "Error enabling nat for vxlan interface") diff --git a/calico-vpp-agent/connectivity/wireguard.go b/calico-vpp-agent/connectivity/wireguard.go index 859143487..92c2696cf 100644 --- a/calico-vpp-agent/connectivity/wireguard.go +++ b/calico-vpp-agent/connectivity/wireguard.go @@ -217,7 +217,7 @@ func (p *WireguardProvider) createWireguardTunnels() error { return errors.Wrapf(err, "Error enabling gso for wireguard interface") } - err = p.vpp.CnatEnableFeatures(swIfIndex) + err = p.vpp.CnatEnableFeatures(swIfIndex, true) if err != nil { p.errorCleanup(tunnel) return errors.Wrapf(err, "Error enabling nat for wireguard interface") diff --git a/calico-vpp-agent/felix/felix_server.go b/calico-vpp-agent/felix/felix_server.go index c55cbf87c..06ea3246d 100644 --- a/calico-vpp-agent/felix/felix_server.go +++ b/calico-vpp-agent/felix/felix_server.go @@ -1218,21 +1218,17 @@ func (s *Server) handleWireguardEndpointRemove(msg *proto.WireguardEndpointRemov } func (s *Server) onNodeUpdated(old *common.LocalNodeSpec, node *common.LocalNodeSpec) (err error) { - // This is used by the routing server to process Wireguard key updates - // As a result we only send an event when a node is updated, not when it is added or deleted - common.SendEvent(common.CalicoVppEvent{ - Type: common.PeerNodeStateChanged, - Old: old, - New: node, - }) change := common.GetIPNetChangeType(old.IPv4Address, node.IPv4Address) | common.GetIPNetChangeType(old.IPv6Address, node.IPv6Address) if change&(common.ChangeDeleted|common.ChangeUpdated) != 0 && node.Name == *config.NodeName { // restart if our BGP config changed return NodeWatcherRestartError{} } if change != common.ChangeSame { - s.configureRemoteNodeSnat(old, false /* isAdd */) - s.configureRemoteNodeSnat(node, true /* isAdd */) + common.SendEvent(common.CalicoVppEvent{ + Type: common.PeerNodeStateChanged, + Old: old, + New: node, + }) } return nil @@ -1245,12 +1241,21 @@ func (s *Server) onNodeAdded(node *common.LocalNodeSpec) (err error) { /* We found a BGP Spec that seems valid enough */ s.GotOurNodeBGPchan <- node } + ip4 := net.IP{} + ip6 := net.IP{} if node.IPv4Address != nil { s.ip4 = &node.IPv4Address.IP + ip4 = node.IPv4Address.IP } if node.IPv6Address != nil { s.ip6 = &node.IPv6Address.IP + ip6 = node.IPv6Address.IP + } + err = s.vpp.CnatSetSnatAddresses(ip4, ip6) + if err != nil { + s.log.Errorf("Failed to configure SNAT addresses %v", err) } + err = s.createAllowFromHostPolicy() if err != nil { return errors.Wrap(err, "Error in creating AllowFromHostPolicy") @@ -1265,26 +1270,10 @@ func (s *Server) onNodeAdded(node *common.LocalNodeSpec) (err error) { Type: common.PeerNodeStateChanged, New: node, }) - s.configureRemoteNodeSnat(node, true /* isAdd */) return nil } -func (s *Server) configureRemoteNodeSnat(node *common.LocalNodeSpec, isAdd bool) { - if node.IPv4Address != nil { - err := s.vpp.CnatAddDelSnatPrefix(common.ToMaxLenCIDR(node.IPv4Address.IP), isAdd) - if err != nil { - s.log.Errorf("error configuring snat prefix for current node (%v): %v", node.IPv4Address.IP, err) - } - } - if node.IPv6Address != nil { - err := s.vpp.CnatAddDelSnatPrefix(common.ToMaxLenCIDR(node.IPv6Address.IP), isAdd) - if err != nil { - s.log.Errorf("error configuring snat prefix for current node (%v): %v", node.IPv6Address.IP, err) - } - } -} - func (s *Server) onNodeDeleted(old *common.LocalNodeSpec, node *common.LocalNodeSpec) error { common.SendEvent(common.CalicoVppEvent{ Type: common.PeerNodeStateChanged, @@ -1295,7 +1284,6 @@ func (s *Server) onNodeDeleted(old *common.LocalNodeSpec, node *common.LocalNode return NodeWatcherRestartError{} } - s.configureRemoteNodeSnat(old, false /* isAdd */) return nil } @@ -1318,8 +1306,8 @@ func (s *Server) handleIpamPoolUpdate(msg *proto.IPAMPoolUpdate, pending bool) ( if newIpamPool.GetCidr() != oldIpamPool.GetCidr() || newIpamPool.GetMasquerade() != oldIpamPool.GetMasquerade() { var err, err2 error - err = s.addDelSnatPrefix(oldIpamPool, false /* isAdd */) - err2 = s.addDelSnatPrefix(newIpamPool, true /* isAdd */) + err = s.addDelSnatPrefixForIPPool(oldIpamPool, false /* isAdd */) + err2 = s.addDelSnatPrefixForIPPool(newIpamPool, true /* isAdd */) if err != nil || err2 != nil { return errors.Errorf("error updating snat prefix del:%s, add:%s", err, err2) } @@ -1333,7 +1321,7 @@ func (s *Server) handleIpamPoolUpdate(msg *proto.IPAMPoolUpdate, pending bool) ( s.log.Infof("Adding pool: %s, nat:%t", msg.GetId(), newIpamPool.GetMasquerade()) s.ippoolmap[msg.GetId()] = newIpamPool s.log.Debugf("Pool %v Added, handler called", msg) - err = s.addDelSnatPrefix(newIpamPool, true /* isAdd */) + err = s.addDelSnatPrefixForIPPool(newIpamPool, true /* isAdd */) if err != nil { return errors.Wrap(err, "error handling ipam add") } @@ -1359,7 +1347,7 @@ func (s *Server) handleIpamPoolRemove(msg *proto.IPAMPoolRemove, pending bool) ( delete(s.ippoolmap, msg.GetId()) s.log.Infof("Deleting pool: %s", msg.GetId()) s.log.Debugf("Pool %s deleted, handler called", oldIpamPool.Cidr) - err = s.addDelSnatPrefix(oldIpamPool, false /* isAdd */) + err = s.addDelSnatPrefixForIPPool(oldIpamPool, false /* isAdd */) if err != nil { return errors.Wrap(err, "error handling ipam deletion") } @@ -1404,12 +1392,12 @@ func ipamPoolEquals(a *proto.IPAMPool, b *proto.IPAMPool) bool { return true } -// addDelSnatPrefix configures IP Pool prefixes so that we don't source-NAT the packets going +// addDelSnatPrefixForIPPool configures IP Pool prefixes so that we don't source-NAT the packets going // to these addresses. All the IP Pools prefixes are configured that way so that pod <-> pod // communications are never source-nated in the cluster // Note(aloaugus) - I think the iptables dataplane behaves differently and uses the k8s level // pod CIDR for this rather than the individual pool prefixes -func (s *Server) addDelSnatPrefix(pool *proto.IPAMPool, isAdd bool) (err error) { +func (s *Server) addDelSnatPrefixForIPPool(pool *proto.IPAMPool, isAdd bool) (err error) { _, ipNet, err := net.ParseCIDR(pool.GetCidr()) if err != nil { return errors.Wrapf(err, "Couldn't parse pool CIDR %s", pool.Cidr) diff --git a/calico-vpp-agent/services/service_server.go b/calico-vpp-agent/services/service_server.go index 41adcb6b6..739677876 100644 --- a/calico-vpp-agent/services/service_server.go +++ b/calico-vpp-agent/services/service_server.go @@ -346,10 +346,6 @@ func objectID(meta *metav1.ObjectMeta) string { } func (s *Server) configureSnat() (err error) { - err = s.vpp.CnatSetSnatAddresses(s.getNodeIP(false /* isv6 */), s.getNodeIP(true /* isv6 */)) - if err != nil { - s.log.Errorf("Failed to configure SNAT addresses %v", err) - } nodeIP4, nodeIP6 := common.GetBGPSpecAddresses(s.nodeBGPSpec) if nodeIP6 != nil { err = s.vpp.CnatAddSnatPrefix(common.FullyQualified(*nodeIP6)) @@ -369,6 +365,23 @@ func (s *Server) configureSnat() (err error) { s.log.Errorf("Failed to Add Service CIDR %s %v", serviceCIDR, err) } } + err = s.vpp.SetK8sSnatPolicy() + if err != nil { + return errors.Wrap(err, "Error configuring cnat source policy") + } + for _, uplink := range common.VppManagerInfo.UplinkStatuses { + // register vpptap0 + err = s.vpp.RegisterPodInterface(uplink.TapSwIfIndex) + if err != nil { + return errors.Wrap(err, "error configuring vpptap0 as pod intf") + } + + err = s.vpp.RegisterHostInterface(uplink.TapSwIfIndex) + if err != nil { + return errors.Wrap(err, "error configuring vpptap0 as host intf") + } + } + return nil } @@ -515,11 +528,6 @@ func (s *Server) ServeService(t *tomb.Tomb) error { }) } - err = s.vpp.CnatPurge() - if err != nil { - return err - } - if *config.GetCalicoVppDebug().ServicesEnabled { s.t.Go(func() error { s.serviceInformer.Run(t.Dying()); return nil }) s.t.Go(func() error { s.endpointslicesInformer.Run(t.Dying()); return nil }) diff --git a/vpp-manager/vpp_runner.go b/vpp-manager/vpp_runner.go index d9fd9f90e..fb5e437e5 100644 --- a/vpp-manager/vpp_runner.go +++ b/vpp-manager/vpp_runner.go @@ -460,7 +460,7 @@ func (v *VppRunner) configureVppUplinkInterface( return errors.Wrap(err, "Error disabling ipv6 RA on uplink interface") } - err = v.vpp.CnatEnableFeatures(ifSpec.SwIfIndex) + err = v.vpp.CnatEnableFeatures(ifSpec.SwIfIndex, true) if err != nil { return errors.Wrap(err, "Error configuring NAT on uplink interface") } @@ -606,21 +606,11 @@ func (v *VppRunner) configureVppUplinkInterface( log.Errorf("Error SetInterfaceRxMode on vpptap0 %v", err) } - err = v.vpp.CnatEnableFeatures(tapSwIfIndex) + err = v.vpp.CnatEnableFeatures(tapSwIfIndex, true) if err != nil { return errors.Wrap(err, "Error configuring NAT on vpptap0") } - err = v.vpp.RegisterPodInterface(tapSwIfIndex) - if err != nil { - return errors.Wrap(err, "error configuring vpptap0 as pod intf") - } - - err = v.vpp.RegisterHostInterface(tapSwIfIndex) - if err != nil { - return errors.Wrap(err, "error configuring vpptap0 as host intf") - } - // Linux side tap setup link, err := netlink.LinkByName(ifSpec.InterfaceName) if err != nil { @@ -659,11 +649,6 @@ func (v *VppRunner) doVppGlobalConfiguration() (err error) { return errors.Wrap(err, "Error creating static VRFs in VPP") } - err = v.vpp.SetK8sSnatPolicy() - if err != nil { - return errors.Wrap(err, "Error configuring cnat source policy") - } - err = v.vpp.ConfigureNeighborsV4(&types.NeighborConfig{ MaxNumber: *config.GetCalicoVppInitialConfig().IP4NeighborsMaxNumber, MaxAge: *config.GetCalicoVppInitialConfig().IP4NeighborsMaxAge, diff --git a/vpplink/cnat.go b/vpplink/cnat.go index 1551cff8b..f5131ebb7 100644 --- a/vpplink/cnat.go +++ b/vpplink/cnat.go @@ -64,7 +64,7 @@ func (v *VppLink) CnatTranslateAdd(tr *types.CnatTranslateEntry) (uint32, error) IPProto: types.ToVppIPProto(tr.Proto), Paths: paths, IsRealIP: BoolToU8(tr.IsRealIP), - Flags: uint8(cnat.CNAT_TRANSLATION_ALLOC_PORT), + Flags: uint8(cnat.CNAT_TRANSLATION_ALLOC_PORT | cnat.CNAT_TRANSLATION_NO_CLIENT), LbType: cnat.CnatLbType(tr.LbType), FlowHashConfig: ip.IPFlowHashConfigV2(tr.HashConfig), }, @@ -97,6 +97,7 @@ func (v *VppLink) CnatSetSnatAddresses(v4, v6 net.IP) error { SnatIP4: types.ToVppIP4Address(v4), SnatIP6: types.ToVppIP6Address(v6), SwIfIndex: types.InvalidInterface, + Flags: cnat.CNAT_TRANSLATION_NO_CLIENT, }) if err != nil { return fmt.Errorf("setting SNAT addresses failed: %w", err) @@ -125,14 +126,16 @@ func (v *VppLink) CnatDelSnatPrefix(prefix *net.IPNet) error { return v.CnatAddDelSnatPrefix(prefix, false) } -func (v *VppLink) CnatEnableFeatures(swIfIndex uint32) (err error) { - err = v.EnableFeatureArc46(swIfIndex, FeatureArcCnatInput) - if err != nil { - return fmt.Errorf("enabling arc dnat input failed: %w", err) +func (v *VppLink) CnatEnableFeatures(swIfIndex uint32, isEnable bool) error { + client := cnat.NewServiceClient(v.GetConnection()) + + request := &cnat.FeatureCnatEnableDisable{ + SwIfIndex: interface_types.InterfaceIndex(swIfIndex), + EnableDisable: isEnable, } - err = v.EnableFeatureArc46(swIfIndex, FeatureArcCnatOutput) + _, err := client.FeatureCnatEnableDisable(v.GetContext(), request) if err != nil { - return fmt.Errorf("enabling arc dnat output failed: %w", err) + return fmt.Errorf("FeatureEnableDisable %+v failed: %w", request, err) } return nil } @@ -189,7 +192,7 @@ func (v *VppLink) disableCnatSNAT(swIfIndex uint32, isIP6 bool) (err error) { return v.cnatSnatPolicyAddDelPodInterface(swIfIndex, false /* isAdd */, cnat.CNAT_POLICY_INCLUDE_V4) } -func (v *VppLink) cnatSetSnatPolicy(pol cnat.CnatSnatPolicies) error { +func (v *VppLink) cnatSetSnatPolicyForDefaultVRF(pol cnat.CnatSnatPolicies) error { client := cnat.NewServiceClient(v.GetConnection()) _, err := client.CnatSetSnatPolicy(v.GetContext(), &cnat.CnatSetSnatPolicy{ @@ -202,9 +205,22 @@ func (v *VppLink) cnatSetSnatPolicy(pol cnat.CnatSnatPolicies) error { } func (v *VppLink) SetK8sSnatPolicy() (err error) { - return v.cnatSetSnatPolicy(cnat.CNAT_POLICY_K8S) + return v.cnatSetSnatPolicyForDefaultVRF(cnat.CNAT_POLICY_K8S) } func (v *VppLink) ClearSnatPolicy() (err error) { - return v.cnatSetSnatPolicy(cnat.CNAT_POLICY_NONE) + return v.cnatSetSnatPolicyForDefaultVRF(cnat.CNAT_POLICY_NONE) +} + +func (v *VppLink) EnableCnatSNATOnInterfaceVRF(swifindex uint32) (err error) { + client := cnat.NewServiceClient(v.GetConnection()) + + _, err = client.ApplyDefaultCnatSnat(v.GetContext(), &cnat.ApplyDefaultCnatSnat{ + SwIfIndex: interface_types.InterfaceIndex(swifindex), + }) + if err != nil { + return fmt.Errorf("ApplyDefaultCnatSnat for interface %d failed: %w", swifindex, err) + } + return nil + } diff --git a/vpplink/generated/bindings/cnat/cnat.ba.go b/vpplink/generated/bindings/cnat/cnat.ba.go index 8b9adc889..d2dae16e8 100644 --- a/vpplink/generated/bindings/cnat/cnat.ba.go +++ b/vpplink/generated/bindings/cnat/cnat.ba.go @@ -4,8 +4,8 @@ // // Contents: // - 5 enums -// - 4 structs -// - 20 messages +// - 5 structs +// - 26 messages package cnat import ( @@ -30,22 +30,22 @@ const _ = api.GoVppAPIPackageIsVersion2 const ( APIFile = "cnat" APIVersion = "0.3.0" - VersionCrc = 0xce7be3ad + VersionCrc = 0x575ccfbb ) // CnatEndpointTupleFlags defines enum 'cnat_endpoint_tuple_flags'. type CnatEndpointTupleFlags uint8 const ( - CNAT_EPT_NO_NAT CnatEndpointTupleFlags = 1 + CNAT_EPT_NO_NAT CnatEndpointTupleFlags = 2 ) var ( CnatEndpointTupleFlags_name = map[uint8]string{ - 1: "CNAT_EPT_NO_NAT", + 2: "CNAT_EPT_NO_NAT", } CnatEndpointTupleFlags_value = map[string]uint8{ - "CNAT_EPT_NO_NAT": 1, + "CNAT_EPT_NO_NAT": 2, } ) @@ -172,16 +172,19 @@ type CnatTranslationFlags uint8 const ( CNAT_TRANSLATION_ALLOC_PORT CnatTranslationFlags = 1 CNAT_TRANSLATION_NO_RETURN_SESSION CnatTranslationFlags = 4 + CNAT_TRANSLATION_NO_CLIENT CnatTranslationFlags = 8 ) var ( CnatTranslationFlags_name = map[uint8]string{ 1: "CNAT_TRANSLATION_ALLOC_PORT", 4: "CNAT_TRANSLATION_NO_RETURN_SESSION", + 8: "CNAT_TRANSLATION_NO_CLIENT", } CnatTranslationFlags_value = map[string]uint8{ "CNAT_TRANSLATION_ALLOC_PORT": 1, "CNAT_TRANSLATION_NO_RETURN_SESSION": 4, + "CNAT_TRANSLATION_NO_CLIENT": 8, } ) @@ -212,6 +215,13 @@ func (x CnatTranslationFlags) String() string { return s } +// Cnat5tuple defines type 'cnat_5tuple'. +type Cnat5tuple struct { + Addr [2]ip_types.Address `binapi:"address[2],name=addr" json:"addr,omitempty"` + Port []uint16 `binapi:"u16[2],name=port" json:"port,omitempty"` + IPProto ip_types.IPProto `binapi:"ip_proto,name=ip_proto" json:"ip_proto,omitempty"` +} + // CnatEndpoint defines type 'cnat_endpoint'. type CnatEndpoint struct { Addr ip_types.Address `binapi:"address,name=addr" json:"addr,omitempty"` @@ -229,12 +239,9 @@ type CnatEndpointTuple struct { // CnatSession defines type 'cnat_session'. type CnatSession struct { - Src CnatEndpoint `binapi:"cnat_endpoint,name=src" json:"src,omitempty"` - Dst CnatEndpoint `binapi:"cnat_endpoint,name=dst" json:"dst,omitempty"` - New CnatEndpoint `binapi:"cnat_endpoint,name=new" json:"new,omitempty"` - IPProto ip_types.IPProto `binapi:"ip_proto,name=ip_proto" json:"ip_proto,omitempty"` - Location uint8 `binapi:"u8,name=location" json:"location,omitempty"` - Timestamp float64 `binapi:"f64,name=timestamp" json:"timestamp,omitempty"` + Tuple Cnat5tuple `binapi:"cnat_5tuple,name=tuple" json:"tuple,omitempty"` + TsIndex uint32 `binapi:"u32,name=ts_index" json:"ts_index,omitempty"` + Flags uint32 `binapi:"u32,name=flags" json:"flags,omitempty"` } // CnatTranslation defines type 'cnat_translation'. @@ -250,6 +257,75 @@ type CnatTranslation struct { Paths []CnatEndpointTuple `binapi:"cnat_endpoint_tuple[n_paths],name=paths" json:"paths,omitempty"` } +// Duplicate the cnat snat policy of the default vrf into another vrf +// - table_id_ip4 - +// +// ApplyDefaultCnatSnat defines message 'apply_default_cnat_snat'. +type ApplyDefaultCnatSnat struct { + SwIfIndex interface_types.InterfaceIndex `binapi:"interface_index,name=sw_if_index" json:"sw_if_index,omitempty"` +} + +func (m *ApplyDefaultCnatSnat) Reset() { *m = ApplyDefaultCnatSnat{} } +func (*ApplyDefaultCnatSnat) GetMessageName() string { return "apply_default_cnat_snat" } +func (*ApplyDefaultCnatSnat) GetCrcString() string { return "f9e6675e" } +func (*ApplyDefaultCnatSnat) GetMessageType() api.MessageType { + return api.RequestMessage +} + +func (m *ApplyDefaultCnatSnat) Size() (size int) { + if m == nil { + return 0 + } + size += 4 // m.SwIfIndex + return size +} +func (m *ApplyDefaultCnatSnat) Marshal(b []byte) ([]byte, error) { + if b == nil { + b = make([]byte, m.Size()) + } + buf := codec.NewBuffer(b) + buf.EncodeUint32(uint32(m.SwIfIndex)) + return buf.Bytes(), nil +} +func (m *ApplyDefaultCnatSnat) Unmarshal(b []byte) error { + buf := codec.NewBuffer(b) + m.SwIfIndex = interface_types.InterfaceIndex(buf.DecodeUint32()) + return nil +} + +// ApplyDefaultCnatSnatReply defines message 'apply_default_cnat_snat_reply'. +type ApplyDefaultCnatSnatReply struct { + Retval int32 `binapi:"i32,name=retval" json:"retval,omitempty"` +} + +func (m *ApplyDefaultCnatSnatReply) Reset() { *m = ApplyDefaultCnatSnatReply{} } +func (*ApplyDefaultCnatSnatReply) GetMessageName() string { return "apply_default_cnat_snat_reply" } +func (*ApplyDefaultCnatSnatReply) GetCrcString() string { return "e8d4e804" } +func (*ApplyDefaultCnatSnatReply) GetMessageType() api.MessageType { + return api.ReplyMessage +} + +func (m *ApplyDefaultCnatSnatReply) Size() (size int) { + if m == nil { + return 0 + } + size += 4 // m.Retval + return size +} +func (m *ApplyDefaultCnatSnatReply) Marshal(b []byte) ([]byte, error) { + if b == nil { + b = make([]byte, m.Size()) + } + buf := codec.NewBuffer(b) + buf.EncodeInt32(m.Retval) + return buf.Bytes(), nil +} +func (m *ApplyDefaultCnatSnatReply) Unmarshal(b []byte) error { + buf := codec.NewBuffer(b) + m.Retval = buf.DecodeInt32() + return nil +} + // CnatGetSnatAddresses defines message 'cnat_get_snat_addresses'. type CnatGetSnatAddresses struct{} @@ -333,7 +409,7 @@ type CnatSessionDetails struct { func (m *CnatSessionDetails) Reset() { *m = CnatSessionDetails{} } func (*CnatSessionDetails) GetMessageName() string { return "cnat_session_details" } -func (*CnatSessionDetails) GetCrcString() string { return "7e5017c7" } +func (*CnatSessionDetails) GetCrcString() string { return "7a78bf3f" } func (*CnatSessionDetails) GetMessageType() api.MessageType { return api.ReplyMessage } @@ -342,24 +418,14 @@ func (m *CnatSessionDetails) Size() (size int) { if m == nil { return 0 } - size += 1 // m.Session.Src.Addr.Af - size += 1 * 16 // m.Session.Src.Addr.Un - size += 4 // m.Session.Src.SwIfIndex - size += 1 // m.Session.Src.IfAf - size += 2 // m.Session.Src.Port - size += 1 // m.Session.Dst.Addr.Af - size += 1 * 16 // m.Session.Dst.Addr.Un - size += 4 // m.Session.Dst.SwIfIndex - size += 1 // m.Session.Dst.IfAf - size += 2 // m.Session.Dst.Port - size += 1 // m.Session.New.Addr.Af - size += 1 * 16 // m.Session.New.Addr.Un - size += 4 // m.Session.New.SwIfIndex - size += 1 // m.Session.New.IfAf - size += 2 // m.Session.New.Port - size += 1 // m.Session.IPProto - size += 1 // m.Session.Location - size += 8 // m.Session.Timestamp + for j3 := 0; j3 < 2; j3++ { + size += 1 // m.Session.Tuple.Addr[j3].Af + size += 1 * 16 // m.Session.Tuple.Addr[j3].Un + } + size += 2 * 2 // m.Session.Tuple.Port + size += 1 // m.Session.Tuple.IPProto + size += 4 // m.Session.TsIndex + size += 4 // m.Session.Flags return size } func (m *CnatSessionDetails) Marshal(b []byte) ([]byte, error) { @@ -367,46 +433,35 @@ func (m *CnatSessionDetails) Marshal(b []byte) ([]byte, error) { b = make([]byte, m.Size()) } buf := codec.NewBuffer(b) - buf.EncodeUint8(uint8(m.Session.Src.Addr.Af)) - buf.EncodeBytes(m.Session.Src.Addr.Un.XXX_UnionData[:], 16) - buf.EncodeUint32(uint32(m.Session.Src.SwIfIndex)) - buf.EncodeUint8(uint8(m.Session.Src.IfAf)) - buf.EncodeUint16(m.Session.Src.Port) - buf.EncodeUint8(uint8(m.Session.Dst.Addr.Af)) - buf.EncodeBytes(m.Session.Dst.Addr.Un.XXX_UnionData[:], 16) - buf.EncodeUint32(uint32(m.Session.Dst.SwIfIndex)) - buf.EncodeUint8(uint8(m.Session.Dst.IfAf)) - buf.EncodeUint16(m.Session.Dst.Port) - buf.EncodeUint8(uint8(m.Session.New.Addr.Af)) - buf.EncodeBytes(m.Session.New.Addr.Un.XXX_UnionData[:], 16) - buf.EncodeUint32(uint32(m.Session.New.SwIfIndex)) - buf.EncodeUint8(uint8(m.Session.New.IfAf)) - buf.EncodeUint16(m.Session.New.Port) - buf.EncodeUint8(uint8(m.Session.IPProto)) - buf.EncodeUint8(m.Session.Location) - buf.EncodeFloat64(m.Session.Timestamp) + for j2 := 0; j2 < 2; j2++ { + buf.EncodeUint8(uint8(m.Session.Tuple.Addr[j2].Af)) + buf.EncodeBytes(m.Session.Tuple.Addr[j2].Un.XXX_UnionData[:], 16) + } + for i := 0; i < 2; i++ { + var x uint16 + if i < len(m.Session.Tuple.Port) { + x = uint16(m.Session.Tuple.Port[i]) + } + buf.EncodeUint16(x) + } + buf.EncodeUint8(uint8(m.Session.Tuple.IPProto)) + buf.EncodeUint32(m.Session.TsIndex) + buf.EncodeUint32(m.Session.Flags) return buf.Bytes(), nil } func (m *CnatSessionDetails) Unmarshal(b []byte) error { buf := codec.NewBuffer(b) - m.Session.Src.Addr.Af = ip_types.AddressFamily(buf.DecodeUint8()) - copy(m.Session.Src.Addr.Un.XXX_UnionData[:], buf.DecodeBytes(16)) - m.Session.Src.SwIfIndex = interface_types.InterfaceIndex(buf.DecodeUint32()) - m.Session.Src.IfAf = ip_types.AddressFamily(buf.DecodeUint8()) - m.Session.Src.Port = buf.DecodeUint16() - m.Session.Dst.Addr.Af = ip_types.AddressFamily(buf.DecodeUint8()) - copy(m.Session.Dst.Addr.Un.XXX_UnionData[:], buf.DecodeBytes(16)) - m.Session.Dst.SwIfIndex = interface_types.InterfaceIndex(buf.DecodeUint32()) - m.Session.Dst.IfAf = ip_types.AddressFamily(buf.DecodeUint8()) - m.Session.Dst.Port = buf.DecodeUint16() - m.Session.New.Addr.Af = ip_types.AddressFamily(buf.DecodeUint8()) - copy(m.Session.New.Addr.Un.XXX_UnionData[:], buf.DecodeBytes(16)) - m.Session.New.SwIfIndex = interface_types.InterfaceIndex(buf.DecodeUint32()) - m.Session.New.IfAf = ip_types.AddressFamily(buf.DecodeUint8()) - m.Session.New.Port = buf.DecodeUint16() - m.Session.IPProto = ip_types.IPProto(buf.DecodeUint8()) - m.Session.Location = buf.DecodeUint8() - m.Session.Timestamp = buf.DecodeFloat64() + for j2 := 0; j2 < 2; j2++ { + m.Session.Tuple.Addr[j2].Af = ip_types.AddressFamily(buf.DecodeUint8()) + copy(m.Session.Tuple.Addr[j2].Un.XXX_UnionData[:], buf.DecodeBytes(16)) + } + m.Session.Tuple.Port = make([]uint16, 2) + for i := 0; i < len(m.Session.Tuple.Port); i++ { + m.Session.Tuple.Port[i] = buf.DecodeUint16() + } + m.Session.Tuple.IPProto = ip_types.IPProto(buf.DecodeUint8()) + m.Session.TsIndex = buf.DecodeUint32() + m.Session.Flags = buf.DecodeUint32() return nil } @@ -502,11 +557,12 @@ type CnatSetSnatAddresses struct { SnatIP4 ip_types.IP4Address `binapi:"ip4_address,name=snat_ip4" json:"snat_ip4,omitempty"` SnatIP6 ip_types.IP6Address `binapi:"ip6_address,name=snat_ip6" json:"snat_ip6,omitempty"` SwIfIndex interface_types.InterfaceIndex `binapi:"interface_index,name=sw_if_index" json:"sw_if_index,omitempty"` + Flags CnatTranslationFlags `binapi:"cnat_translation_flags,name=flags" json:"flags,omitempty"` } func (m *CnatSetSnatAddresses) Reset() { *m = CnatSetSnatAddresses{} } func (*CnatSetSnatAddresses) GetMessageName() string { return "cnat_set_snat_addresses" } -func (*CnatSetSnatAddresses) GetCrcString() string { return "d997e96c" } +func (*CnatSetSnatAddresses) GetCrcString() string { return "e9472ed4" } func (*CnatSetSnatAddresses) GetMessageType() api.MessageType { return api.RequestMessage } @@ -518,6 +574,7 @@ func (m *CnatSetSnatAddresses) Size() (size int) { size += 1 * 4 // m.SnatIP4 size += 1 * 16 // m.SnatIP6 size += 4 // m.SwIfIndex + size += 1 // m.Flags return size } func (m *CnatSetSnatAddresses) Marshal(b []byte) ([]byte, error) { @@ -528,6 +585,7 @@ func (m *CnatSetSnatAddresses) Marshal(b []byte) ([]byte, error) { buf.EncodeBytes(m.SnatIP4[:], 4) buf.EncodeBytes(m.SnatIP6[:], 16) buf.EncodeUint32(uint32(m.SwIfIndex)) + buf.EncodeUint8(uint8(m.Flags)) return buf.Bytes(), nil } func (m *CnatSetSnatAddresses) Unmarshal(b []byte) error { @@ -535,6 +593,7 @@ func (m *CnatSetSnatAddresses) Unmarshal(b []byte) error { copy(m.SnatIP4[:], buf.DecodeBytes(4)) copy(m.SnatIP6[:], buf.DecodeBytes(16)) m.SwIfIndex = interface_types.InterfaceIndex(buf.DecodeUint32()) + m.Flags = CnatTranslationFlags(buf.DecodeUint8()) return nil } @@ -638,6 +697,94 @@ func (m *CnatSetSnatPolicyReply) Unmarshal(b []byte) error { return nil } +// CnatSnatAddressesDetails defines message 'cnat_snat_addresses_details'. +type CnatSnatAddressesDetails struct { + Retval int32 `binapi:"i32,name=retval" json:"retval,omitempty"` + FwdTableID4 uint32 `binapi:"u32,name=fwd_table_id4" json:"fwd_table_id4,omitempty"` + FwdTableID6 uint32 `binapi:"u32,name=fwd_table_id6" json:"fwd_table_id6,omitempty"` + RetTableID4 uint32 `binapi:"u32,name=ret_table_id4" json:"ret_table_id4,omitempty"` + RetTableID6 uint32 `binapi:"u32,name=ret_table_id6" json:"ret_table_id6,omitempty"` + SnatIP4 ip_types.IP4Address `binapi:"ip4_address,name=snat_ip4" json:"snat_ip4,omitempty"` + SnatIP6 ip_types.IP6Address `binapi:"ip6_address,name=snat_ip6" json:"snat_ip6,omitempty"` + SwIfIndex interface_types.InterfaceIndex `binapi:"interface_index,name=sw_if_index" json:"sw_if_index,omitempty"` +} + +func (m *CnatSnatAddressesDetails) Reset() { *m = CnatSnatAddressesDetails{} } +func (*CnatSnatAddressesDetails) GetMessageName() string { return "cnat_snat_addresses_details" } +func (*CnatSnatAddressesDetails) GetCrcString() string { return "09ae6b38" } +func (*CnatSnatAddressesDetails) GetMessageType() api.MessageType { + return api.ReplyMessage +} + +func (m *CnatSnatAddressesDetails) Size() (size int) { + if m == nil { + return 0 + } + size += 4 // m.Retval + size += 4 // m.FwdTableID4 + size += 4 // m.FwdTableID6 + size += 4 // m.RetTableID4 + size += 4 // m.RetTableID6 + size += 1 * 4 // m.SnatIP4 + size += 1 * 16 // m.SnatIP6 + size += 4 // m.SwIfIndex + return size +} +func (m *CnatSnatAddressesDetails) Marshal(b []byte) ([]byte, error) { + if b == nil { + b = make([]byte, m.Size()) + } + buf := codec.NewBuffer(b) + buf.EncodeInt32(m.Retval) + buf.EncodeUint32(m.FwdTableID4) + buf.EncodeUint32(m.FwdTableID6) + buf.EncodeUint32(m.RetTableID4) + buf.EncodeUint32(m.RetTableID6) + buf.EncodeBytes(m.SnatIP4[:], 4) + buf.EncodeBytes(m.SnatIP6[:], 16) + buf.EncodeUint32(uint32(m.SwIfIndex)) + return buf.Bytes(), nil +} +func (m *CnatSnatAddressesDetails) Unmarshal(b []byte) error { + buf := codec.NewBuffer(b) + m.Retval = buf.DecodeInt32() + m.FwdTableID4 = buf.DecodeUint32() + m.FwdTableID6 = buf.DecodeUint32() + m.RetTableID4 = buf.DecodeUint32() + m.RetTableID6 = buf.DecodeUint32() + copy(m.SnatIP4[:], buf.DecodeBytes(4)) + copy(m.SnatIP6[:], buf.DecodeBytes(16)) + m.SwIfIndex = interface_types.InterfaceIndex(buf.DecodeUint32()) + return nil +} + +// CnatSnatAddressesDump defines message 'cnat_snat_addresses_dump'. +type CnatSnatAddressesDump struct{} + +func (m *CnatSnatAddressesDump) Reset() { *m = CnatSnatAddressesDump{} } +func (*CnatSnatAddressesDump) GetMessageName() string { return "cnat_snat_addresses_dump" } +func (*CnatSnatAddressesDump) GetCrcString() string { return "51077d14" } +func (*CnatSnatAddressesDump) GetMessageType() api.MessageType { + return api.RequestMessage +} + +func (m *CnatSnatAddressesDump) Size() (size int) { + if m == nil { + return 0 + } + return size +} +func (m *CnatSnatAddressesDump) Marshal(b []byte) ([]byte, error) { + if b == nil { + b = make([]byte, m.Size()) + } + buf := codec.NewBuffer(b) + return buf.Bytes(), nil +} +func (m *CnatSnatAddressesDump) Unmarshal(b []byte) error { + return nil +} + // CnatSnatPolicyAddDelExcludePfx defines message 'cnat_snat_policy_add_del_exclude_pfx'. type CnatSnatPolicyAddDelExcludePfx struct { IsAdd uint8 `binapi:"u8,name=is_add" json:"is_add,omitempty"` @@ -1158,18 +1305,98 @@ func (m *CnatTranslationUpdateReply) Unmarshal(b []byte) error { return nil } +// Enable or disable interface feature cnat arc +// - sw_if_index - The interface to enable/disable cnat feature arc. +// - enable_disable - set to 1 to enable, 0 to disable cnat feature arc +// +// FeatureCnatEnableDisable defines message 'feature_cnat_enable_disable'. +type FeatureCnatEnableDisable struct { + SwIfIndex interface_types.InterfaceIndex `binapi:"interface_index,name=sw_if_index" json:"sw_if_index,omitempty"` + EnableDisable bool `binapi:"bool,name=enable_disable" json:"enable_disable,omitempty"` +} + +func (m *FeatureCnatEnableDisable) Reset() { *m = FeatureCnatEnableDisable{} } +func (*FeatureCnatEnableDisable) GetMessageName() string { return "feature_cnat_enable_disable" } +func (*FeatureCnatEnableDisable) GetCrcString() string { return "5501adee" } +func (*FeatureCnatEnableDisable) GetMessageType() api.MessageType { + return api.RequestMessage +} + +func (m *FeatureCnatEnableDisable) Size() (size int) { + if m == nil { + return 0 + } + size += 4 // m.SwIfIndex + size += 1 // m.EnableDisable + return size +} +func (m *FeatureCnatEnableDisable) Marshal(b []byte) ([]byte, error) { + if b == nil { + b = make([]byte, m.Size()) + } + buf := codec.NewBuffer(b) + buf.EncodeUint32(uint32(m.SwIfIndex)) + buf.EncodeBool(m.EnableDisable) + return buf.Bytes(), nil +} +func (m *FeatureCnatEnableDisable) Unmarshal(b []byte) error { + buf := codec.NewBuffer(b) + m.SwIfIndex = interface_types.InterfaceIndex(buf.DecodeUint32()) + m.EnableDisable = buf.DecodeBool() + return nil +} + +// FeatureCnatEnableDisableReply defines message 'feature_cnat_enable_disable_reply'. +type FeatureCnatEnableDisableReply struct { + Retval int32 `binapi:"i32,name=retval" json:"retval,omitempty"` +} + +func (m *FeatureCnatEnableDisableReply) Reset() { *m = FeatureCnatEnableDisableReply{} } +func (*FeatureCnatEnableDisableReply) GetMessageName() string { + return "feature_cnat_enable_disable_reply" +} +func (*FeatureCnatEnableDisableReply) GetCrcString() string { return "e8d4e804" } +func (*FeatureCnatEnableDisableReply) GetMessageType() api.MessageType { + return api.ReplyMessage +} + +func (m *FeatureCnatEnableDisableReply) Size() (size int) { + if m == nil { + return 0 + } + size += 4 // m.Retval + return size +} +func (m *FeatureCnatEnableDisableReply) Marshal(b []byte) ([]byte, error) { + if b == nil { + b = make([]byte, m.Size()) + } + buf := codec.NewBuffer(b) + buf.EncodeInt32(m.Retval) + return buf.Bytes(), nil +} +func (m *FeatureCnatEnableDisableReply) Unmarshal(b []byte) error { + buf := codec.NewBuffer(b) + m.Retval = buf.DecodeInt32() + return nil +} + func init() { file_cnat_binapi_init() } func file_cnat_binapi_init() { + api.RegisterMessage((*ApplyDefaultCnatSnat)(nil), "apply_default_cnat_snat_f9e6675e") + api.RegisterMessage((*ApplyDefaultCnatSnatReply)(nil), "apply_default_cnat_snat_reply_e8d4e804") api.RegisterMessage((*CnatGetSnatAddresses)(nil), "cnat_get_snat_addresses_51077d14") api.RegisterMessage((*CnatGetSnatAddressesReply)(nil), "cnat_get_snat_addresses_reply_879513c1") - api.RegisterMessage((*CnatSessionDetails)(nil), "cnat_session_details_7e5017c7") + api.RegisterMessage((*CnatSessionDetails)(nil), "cnat_session_details_7a78bf3f") api.RegisterMessage((*CnatSessionDump)(nil), "cnat_session_dump_51077d14") api.RegisterMessage((*CnatSessionPurge)(nil), "cnat_session_purge_51077d14") api.RegisterMessage((*CnatSessionPurgeReply)(nil), "cnat_session_purge_reply_e8d4e804") - api.RegisterMessage((*CnatSetSnatAddresses)(nil), "cnat_set_snat_addresses_d997e96c") + api.RegisterMessage((*CnatSetSnatAddresses)(nil), "cnat_set_snat_addresses_e9472ed4") api.RegisterMessage((*CnatSetSnatAddressesReply)(nil), "cnat_set_snat_addresses_reply_e8d4e804") api.RegisterMessage((*CnatSetSnatPolicy)(nil), "cnat_set_snat_policy_d3e6eaf4") api.RegisterMessage((*CnatSetSnatPolicyReply)(nil), "cnat_set_snat_policy_reply_e8d4e804") + api.RegisterMessage((*CnatSnatAddressesDetails)(nil), "cnat_snat_addresses_details_09ae6b38") + api.RegisterMessage((*CnatSnatAddressesDump)(nil), "cnat_snat_addresses_dump_51077d14") api.RegisterMessage((*CnatSnatPolicyAddDelExcludePfx)(nil), "cnat_snat_policy_add_del_exclude_pfx_e26dd79a") api.RegisterMessage((*CnatSnatPolicyAddDelExcludePfxReply)(nil), "cnat_snat_policy_add_del_exclude_pfx_reply_e8d4e804") api.RegisterMessage((*CnatSnatPolicyAddDelIf)(nil), "cnat_snat_policy_add_del_if_4ebb8d02") @@ -1180,11 +1407,15 @@ func file_cnat_binapi_init() { api.RegisterMessage((*CnatTranslationDump)(nil), "cnat_translation_dump_51077d14") api.RegisterMessage((*CnatTranslationUpdate)(nil), "cnat_translation_update_f8d40bc5") api.RegisterMessage((*CnatTranslationUpdateReply)(nil), "cnat_translation_update_reply_e2fc8294") + api.RegisterMessage((*FeatureCnatEnableDisable)(nil), "feature_cnat_enable_disable_5501adee") + api.RegisterMessage((*FeatureCnatEnableDisableReply)(nil), "feature_cnat_enable_disable_reply_e8d4e804") } // Messages returns list of all messages in this module. func AllMessages() []api.Message { return []api.Message{ + (*ApplyDefaultCnatSnat)(nil), + (*ApplyDefaultCnatSnatReply)(nil), (*CnatGetSnatAddresses)(nil), (*CnatGetSnatAddressesReply)(nil), (*CnatSessionDetails)(nil), @@ -1195,6 +1426,8 @@ func AllMessages() []api.Message { (*CnatSetSnatAddressesReply)(nil), (*CnatSetSnatPolicy)(nil), (*CnatSetSnatPolicyReply)(nil), + (*CnatSnatAddressesDetails)(nil), + (*CnatSnatAddressesDump)(nil), (*CnatSnatPolicyAddDelExcludePfx)(nil), (*CnatSnatPolicyAddDelExcludePfxReply)(nil), (*CnatSnatPolicyAddDelIf)(nil), @@ -1205,5 +1438,7 @@ func AllMessages() []api.Message { (*CnatTranslationDump)(nil), (*CnatTranslationUpdate)(nil), (*CnatTranslationUpdateReply)(nil), + (*FeatureCnatEnableDisable)(nil), + (*FeatureCnatEnableDisableReply)(nil), } } diff --git a/vpplink/generated/bindings/cnat/cnat_rpc.ba.go b/vpplink/generated/bindings/cnat/cnat_rpc.ba.go index 034995b2a..2c671785d 100644 --- a/vpplink/generated/bindings/cnat/cnat_rpc.ba.go +++ b/vpplink/generated/bindings/cnat/cnat_rpc.ba.go @@ -13,16 +13,19 @@ import ( // RPCService defines RPC service cnat. type RPCService interface { + ApplyDefaultCnatSnat(ctx context.Context, in *ApplyDefaultCnatSnat) (*ApplyDefaultCnatSnatReply, error) CnatGetSnatAddresses(ctx context.Context, in *CnatGetSnatAddresses) (*CnatGetSnatAddressesReply, error) CnatSessionDump(ctx context.Context, in *CnatSessionDump) (RPCService_CnatSessionDumpClient, error) CnatSessionPurge(ctx context.Context, in *CnatSessionPurge) (*CnatSessionPurgeReply, error) CnatSetSnatAddresses(ctx context.Context, in *CnatSetSnatAddresses) (*CnatSetSnatAddressesReply, error) CnatSetSnatPolicy(ctx context.Context, in *CnatSetSnatPolicy) (*CnatSetSnatPolicyReply, error) + CnatSnatAddressesDump(ctx context.Context, in *CnatSnatAddressesDump) (RPCService_CnatSnatAddressesDumpClient, error) CnatSnatPolicyAddDelExcludePfx(ctx context.Context, in *CnatSnatPolicyAddDelExcludePfx) (*CnatSnatPolicyAddDelExcludePfxReply, error) CnatSnatPolicyAddDelIf(ctx context.Context, in *CnatSnatPolicyAddDelIf) (*CnatSnatPolicyAddDelIfReply, error) CnatTranslationDel(ctx context.Context, in *CnatTranslationDel) (*CnatTranslationDelReply, error) CnatTranslationDump(ctx context.Context, in *CnatTranslationDump) (RPCService_CnatTranslationDumpClient, error) CnatTranslationUpdate(ctx context.Context, in *CnatTranslationUpdate) (*CnatTranslationUpdateReply, error) + FeatureCnatEnableDisable(ctx context.Context, in *FeatureCnatEnableDisable) (*FeatureCnatEnableDisableReply, error) } type serviceClient struct { @@ -33,6 +36,15 @@ func NewServiceClient(conn api.Connection) RPCService { return &serviceClient{conn} } +func (c *serviceClient) ApplyDefaultCnatSnat(ctx context.Context, in *ApplyDefaultCnatSnat) (*ApplyDefaultCnatSnatReply, error) { + out := new(ApplyDefaultCnatSnatReply) + err := c.conn.Invoke(ctx, in, out) + if err != nil { + return nil, err + } + return out, api.RetvalToVPPApiError(out.Retval) +} + func (c *serviceClient) CnatGetSnatAddresses(ctx context.Context, in *CnatGetSnatAddresses) (*CnatGetSnatAddressesReply, error) { out := new(CnatGetSnatAddressesReply) err := c.conn.Invoke(ctx, in, out) @@ -112,6 +124,49 @@ func (c *serviceClient) CnatSetSnatPolicy(ctx context.Context, in *CnatSetSnatPo return out, api.RetvalToVPPApiError(out.Retval) } +func (c *serviceClient) CnatSnatAddressesDump(ctx context.Context, in *CnatSnatAddressesDump) (RPCService_CnatSnatAddressesDumpClient, error) { + stream, err := c.conn.NewStream(ctx) + if err != nil { + return nil, err + } + x := &serviceClient_CnatSnatAddressesDumpClient{stream} + if err := x.Stream.SendMsg(in); err != nil { + return nil, err + } + if err = x.Stream.SendMsg(&memclnt.ControlPing{}); err != nil { + return nil, err + } + return x, nil +} + +type RPCService_CnatSnatAddressesDumpClient interface { + Recv() (*CnatSnatAddressesDetails, error) + api.Stream +} + +type serviceClient_CnatSnatAddressesDumpClient struct { + api.Stream +} + +func (c *serviceClient_CnatSnatAddressesDumpClient) Recv() (*CnatSnatAddressesDetails, error) { + msg, err := c.Stream.RecvMsg() + if err != nil { + return nil, err + } + switch m := msg.(type) { + case *CnatSnatAddressesDetails: + return m, nil + case *memclnt.ControlPingReply: + err = c.Stream.Close() + if err != nil { + return nil, err + } + return nil, io.EOF + default: + return nil, fmt.Errorf("unexpected message: %T %v", m, m) + } +} + func (c *serviceClient) CnatSnatPolicyAddDelExcludePfx(ctx context.Context, in *CnatSnatPolicyAddDelExcludePfx) (*CnatSnatPolicyAddDelExcludePfxReply, error) { out := new(CnatSnatPolicyAddDelExcludePfxReply) err := c.conn.Invoke(ctx, in, out) @@ -190,3 +245,12 @@ func (c *serviceClient) CnatTranslationUpdate(ctx context.Context, in *CnatTrans } return out, api.RetvalToVPPApiError(out.Retval) } + +func (c *serviceClient) FeatureCnatEnableDisable(ctx context.Context, in *FeatureCnatEnableDisable) (*FeatureCnatEnableDisableReply, error) { + out := new(FeatureCnatEnableDisableReply) + err := c.conn.Invoke(ctx, in, out) + if err != nil { + return nil, err + } + return out, api.RetvalToVPPApiError(out.Retval) +} diff --git a/vpplink/generated/generate.log b/vpplink/generated/generate.log index d7e1ed79c..cf687cb49 100755 --- a/vpplink/generated/generate.log +++ b/vpplink/generated/generate.log @@ -1,10 +1,12 @@ -VPP Version : 25.10.0-8~gd4f438470 +VPP Version : 25.10.0-10~g12f332bcf Binapi-generator version : v0.11.0 VPP Base commit : 4f366b5bb misc: Initial changes for stable/2510 branch ------------------ Cherry picked commits -------------------- acl: acl-plugin custom policies cnat: [WIP] no k8s maglev from pods pbl: Port based balancer +gerrit:43369/9 cnat: converge new cnat implementation to support encaps (calico) +gerrit:41089/21 cnat: combine multiple changes gerrit:43952/2 npol: fix test-debug gerrit:43710/12 npol: Network Policies plugin gerrit:revert:39675/5 Revert "ip-neighbor: do not use sas to determine NS source address" diff --git a/vpplink/generated/patches/0002-cnat-WIP-no-k8s-maglev-from-pods.patch b/vpplink/generated/patches/0002-cnat-WIP-no-k8s-maglev-from-pods.patch index 26eadbfdd..da362294b 100644 --- a/vpplink/generated/patches/0002-cnat-WIP-no-k8s-maglev-from-pods.patch +++ b/vpplink/generated/patches/0002-cnat-WIP-no-k8s-maglev-from-pods.patch @@ -1,49 +1,49 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Nathan Skrzypczak -Date: Mon, 8 Mar 2021 19:00:04 +0100 +From: hedi bouattour +Date: Tue, 23 Sep 2025 12:00:38 +0000 Subject: [PATCH 2/3] cnat: [WIP] no k8s maglev from pods Type: improvement Change-Id: If0702dbc51c308f0bb0ed16149c293d7adf9a984 -Signed-off-by: Nathan Skrzypczak +Signed-off-by: hedi bouattour --- - src/plugins/cnat/cnat_node_feature.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) + src/plugins/cnat/cnat_node_feature.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/plugins/cnat/cnat_node_feature.c b/src/plugins/cnat/cnat_node_feature.c -index 9b2c0c2fe..d862a84c0 100644 +index 4462d4e99..18e239d13 100644 --- a/src/plugins/cnat/cnat_node_feature.c +++ b/src/plugins/cnat/cnat_node_feature.c -@@ -43,6 +43,7 @@ cnat_input_feature_fn (vlib_main_t *vm, vlib_node_runtime_t *node, - int session_not_found, cnat_session_t *session) +@@ -43,6 +43,7 @@ cnat_input_feature_new_flow_inline (vlib_main_t *vm, vlib_buffer_t *b, + cnat_timestamp_t *ts) { vlib_combined_counter_main_t *cntm = &cnat_translation_counters; -+ cnat_snat_policy_main_t *cpm = &cnat_snat_policy_main; ++ cnat_snat_policy_entry_t *cpe = cnat_snat_policy_entry_get_default (); + cnat_main_t *cm = &cnat_main; const cnat_translation_t *ct = NULL; - ip4_header_t *ip4 = NULL; - ip_protocol_t iproto; -@@ -53,6 +54,9 @@ cnat_input_feature_fn (vlib_main_t *vm, vlib_node_runtime_t *node, + cnat_timestamp_rewrite_t *rw = NULL; +@@ -55,7 +56,8 @@ cnat_input_feature_new_flow_inline (vlib_main_t *vm, vlib_buffer_t *b, + ip6_header_t *ip6 = NULL; + udp_header_t *udp0; index_t cti; - u8 trace_flags = 0; - +- + u32 in_if = vnet_buffer (b)->sw_if_index[VLIB_RX]; -+ int ispod; -+ - /* By default follow arc default next */ - vnet_feature_next (&next0, b); - -@@ -127,7 +131,9 @@ cnat_input_feature_fn (vlib_main_t *vm, vlib_node_runtime_t *node, - session->value.cs_port[VLIB_RX] = udp0->src_port; - session->value.flags = 0; ++ int ispod = 0; + if (AF_IP4 == af) + { + ip4 = vlib_buffer_get_current (b); +@@ -115,7 +117,10 @@ cnat_input_feature_new_flow_inline (vlib_main_t *vm, vlib_buffer_t *b, + rw->tuple.port[VLIB_TX]; -- if (trk0->ct_flags & CNAT_TRK_FLAG_NO_NAT) -+ ispod = clib_bitmap_get ( -+ cpm->interface_maps[CNAT_SNAT_IF_MAP_INCLUDE_POD], in_if); -+ if (trk0->ct_flags & CNAT_TRK_FLAG_NO_NAT && !ispod) - { - const dpo_id_t *dpo0; - const load_balance_t *lb1; + ts->trk = trk0_i; +- if (trk0->ct_flags & CNAT_TRK_FLAG_NO_NAT) ++ if (cpe) ++ ispod = clib_bitmap_get (cpe->interface_maps[CNAT_SNAT_IF_MAP_INCLUDE_POD], ++ in_if); ++ if (trk0->ct_flags & CNAT_TRK_FLAG_NO_NAT && !ispod) + { + const dpo_id_t *dpo0; + const load_balance_t *lb1; -- -2.43.0 - +2.34.1 diff --git a/vpplink/generated/vpp_clone_current.sh b/vpplink/generated/vpp_clone_current.sh index 15ac47b5c..11651b625 100755 --- a/vpplink/generated/vpp_clone_current.sh +++ b/vpplink/generated/vpp_clone_current.sh @@ -127,6 +127,10 @@ git_revert refs/changes/75/39675/5 # ip-neighbor: do not use sas to determine N # npol: Network Policies plugin git_cherry_pick refs/changes/10/43710/12 # 43710: npol: Network Policies plugin | https://gerrit.fd.io/r/c/vpp/+/43710 git_cherry_pick refs/changes/52/43952/2 # 43952: npol: fix test-debug | https://gerrit.fd.io/r/c/vpp/+/43952 +# testing new cnat stuff +git_cherry_pick refs/changes/89/41089/21 # https://gerrit.fd.io/r/c/vpp/+/41089 cnat: combine multiple changes +git_cherry_pick refs/changes/69/43369/9 # https://gerrit.fd.io/r/c/vpp/+/43369 cnat: converge new cnat implementation to support encaps (calico) + # --------------- private plugins --------------- # Generated with 'git format-patch --zero-commit -o ./patches/ HEAD^^^'