Hi Date,
Port overloading was added to NAT ED for 20.05.
The static mapping with port overloading isn't yet there.
We would have to split that function from non-port overloading NAT and NAT ED.
Feel free to submit a patch!
Best regards,
Ole
> On 22 Jul 2020, at 18:34, Date Huang <tjjh89...@hotmail.com> wrote:
>
> Hi all,
>
> I'm using VPP to develop my program.
> Here is my scenario.
> I want to use VPP to build a NAT gateway with only one Public IPv4, and all
> traffic need to use this Public IP to internet. (for example: 1.1.1.1)
> I only can allow only one port from external firewall
> So I can only use 1.1.1.1:443 for example.
>
> <Server> is in LAN side.
> <Client> is in internet side.
>
> If I setup a DNAT rule to map <Server1>:1234 to 1.1.1.1:443, and <Client1>
> connected to <Server1>:1234 via 1.1.1.1:443.
> I will need to re-use 1.1.1.1:443 for <Client2> connect to <Server2>:4321.
> In Linux Kernel Netfilter, we can use "Conntrack" to save session, and keep
> TCP connection.
> So I can remove DNAT rule and create a new rule to map <Client2> to <Server2>
> without losing <Client1> to <Server1> connection.
>
> I try to use VPP to speed up performance
> I found VPP will delete related session when I removed DNAT rule.
> So I cannot keep session in VPP.
>
> Here is my startup.conf
>
> nat { endpoint-dependent }
>
> Here is my config in vppctl
>
> set interface mac address TenGigabitEthernet6/0/0 00:00:00:00:00:01
> set interface mac address TenGigabitEthernet6/0/1 00:00:00:00:00:02
> create bond mode round-robin
> bond add BondEthernet0 TenGigabitEthernet6/0/0
> bond add BondEthernet0 TenGigabitEthernet6/0/1
> create sub-interfaces BondEthernet0 10
> create sub-interfaces BondEthernet0 11
> set interface ip address BondEthernet0.10 192.168.1.1/16
> set interface ip address BondEthernet0.11 1.1.1.1/24
> ip route add 0.0.0.0/0 via 1.1.1.254 BondEthernet0.11
> set ip neighbor BondEthernet0.11 1.1.1.254 00:00:00:00:00:03
> set interface state BondEthernet0 up
> set interface state BondEthernet0.10 up
> set interface state BondEthernet0.11 up
> set interface state TenGigabitEthernet6/0/0 up
> set interface state TenGigabitEthernet6/0/1 up
> nat44 add interface address BondEthernet0.11
> set interface nat44 in BondEthernet0.10
> set interface nat44 out BondEthernet0.11
>
> nat44 add static mapping tcp local 10.0.0.2 1234 external 1.1.1.1 443
>
>
> Do you guys have some advice for me?
>
> Thanks a lot
> Regards,
> Date Huang
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#17053): https://lists.fd.io/g/vpp-dev/message/17053
Mute This Topic: https://lists.fd.io/mt/75728368/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
